Category: Bleeping Computer

New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock
19
Dec
2025

New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock

The UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks…

Share: X : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRockFacebook : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRockLinkedin : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRockReddit : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRockTelegram : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRockWhatsApp : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRockEmail : New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock
Fortinet
19
Dec
2025

Over 25,000 FortiCloud SSO devices exposed to remote attacks

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting…

Share: X : Over 25,000 FortiCloud SSO devices exposed to remote attacksFacebook : Over 25,000 FortiCloud SSO devices exposed to remote attacksLinkedin : Over 25,000 FortiCloud SSO devices exposed to remote attacksReddit : Over 25,000 FortiCloud SSO devices exposed to remote attacksTelegram : Over 25,000 FortiCloud SSO devices exposed to remote attacksWhatsApp : Over 25,000 FortiCloud SSO devices exposed to remote attacksEmail : Over 25,000 FortiCloud SSO devices exposed to remote attacks
Denmark flag
19
Dec
2025

Denmark blames Russia for destructive cyberattack on water utility

Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark’s critical infrastructure, as part of Moscow’s hybrid attacks against Western…

Share: X : Denmark blames Russia for destructive cyberattack on water utilityFacebook : Denmark blames Russia for destructive cyberattack on water utilityLinkedin : Denmark blames Russia for destructive cyberattack on water utilityReddit : Denmark blames Russia for destructive cyberattack on water utilityTelegram : Denmark blames Russia for destructive cyberattack on water utilityWhatsApp : Denmark blames Russia for destructive cyberattack on water utilityEmail : Denmark blames Russia for destructive cyberattack on water utility
WatchGuard
19
Dec
2025

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its Firebox firewalls. Tracked…

Share: X : New critical WatchGuard Firebox firewall flaw exploited in attacksFacebook : New critical WatchGuard Firebox firewall flaw exploited in attacksLinkedin : New critical WatchGuard Firebox firewall flaw exploited in attacksReddit : New critical WatchGuard Firebox firewall flaw exploited in attacksTelegram : New critical WatchGuard Firebox firewall flaw exploited in attacksWhatsApp : New critical WatchGuard Firebox firewall flaw exploited in attacksEmail : New critical WatchGuard Firebox firewall flaw exploited in attacks
Instacart
19
Dec
2025

Instacart to refund $60M over deceptive subscription tactics

Grocery delivery service Instacart will refund $60 million to settle FTC claims that it misled customers with false advertising and…

Share: X : Instacart to refund $60M over deceptive subscription tacticsFacebook : Instacart to refund $60M over deceptive subscription tacticsLinkedin : Instacart to refund $60M over deceptive subscription tacticsReddit : Instacart to refund $60M over deceptive subscription tacticsTelegram : Instacart to refund $60M over deceptive subscription tacticsWhatsApp : Instacart to refund $60M over deceptive subscription tacticsEmail : Instacart to refund $60M over deceptive subscription tactics
Windows 10
19
Dec
2025

Windows 10 OOB update released to fix Message Queuing (MSMQ) issues

This month’s extended security update for Windows 10 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background…

Share: X : Windows 10 OOB update released to fix Message Queuing (MSMQ) issuesFacebook : Windows 10 OOB update released to fix Message Queuing (MSMQ) issuesLinkedin : Windows 10 OOB update released to fix Message Queuing (MSMQ) issuesReddit : Windows 10 OOB update released to fix Message Queuing (MSMQ) issuesTelegram : Windows 10 OOB update released to fix Message Queuing (MSMQ) issuesWhatsApp : Windows 10 OOB update released to fix Message Queuing (MSMQ) issuesEmail : Windows 10 OOB update released to fix Message Queuing (MSMQ) issues
Hacker
19
Dec
2025

Clop ransomware targets Gladinet CentreStack in data theft attacks

The Clop ransomware gang (also known as Cl0p) is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign….

Share: X : Clop ransomware targets Gladinet CentreStack in data theft attacksFacebook : Clop ransomware targets Gladinet CentreStack in data theft attacksLinkedin : Clop ransomware targets Gladinet CentreStack in data theft attacksReddit : Clop ransomware targets Gladinet CentreStack in data theft attacksTelegram : Clop ransomware targets Gladinet CentreStack in data theft attacksWhatsApp : Clop ransomware targets Gladinet CentreStack in data theft attacksEmail : Clop ransomware targets Gladinet CentreStack in data theft attacks
University of Sydney suffers data breach exposing student and staff info
18
Dec
2025

University of Sydney suffers data breach exposing student and staff info

Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information…

Share: X : University of Sydney suffers data breach exposing student and staff infoFacebook : University of Sydney suffers data breach exposing student and staff infoLinkedin : University of Sydney suffers data breach exposing student and staff infoReddit : University of Sydney suffers data breach exposing student and staff infoTelegram : University of Sydney suffers data breach exposing student and staff infoWhatsApp : University of Sydney suffers data breach exposing student and staff infoEmail : University of Sydney suffers data breach exposing student and staff info
New password spraying attacks target Cisco, PAN VPN gateways
18
Dec
2025

New password spraying attacks target Cisco, PAN VPN gateways

An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL…

Share: X : New password spraying attacks target Cisco, PAN VPN gatewaysFacebook : New password spraying attacks target Cisco, PAN VPN gatewaysLinkedin : New password spraying attacks target Cisco, PAN VPN gatewaysReddit : New password spraying attacks target Cisco, PAN VPN gatewaysTelegram : New password spraying attacks target Cisco, PAN VPN gatewaysWhatsApp : New password spraying attacks target Cisco, PAN VPN gatewaysEmail : New password spraying attacks target Cisco, PAN VPN gateways
US seizes E-Note crypto exchange for laundering ransomware payments
18
Dec
2025

US seizes E-Note crypto exchange for laundering ransomware payments

Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder…

Share: X : US seizes E-Note crypto exchange for laundering ransomware paymentsFacebook : US seizes E-Note crypto exchange for laundering ransomware paymentsLinkedin : US seizes E-Note crypto exchange for laundering ransomware paymentsReddit : US seizes E-Note crypto exchange for laundering ransomware paymentsTelegram : US seizes E-Note crypto exchange for laundering ransomware paymentsWhatsApp : US seizes E-Note crypto exchange for laundering ransomware paymentsEmail : US seizes E-Note crypto exchange for laundering ransomware payments
NIS2 compliance header
18
Dec
2025

How to get passwords and MFA right

The EU’s NIS2 Directive is pushing organizations to take cybersecurity seriously, and that means looking closely at how you manage…

Share: X : How to get passwords and MFA rightFacebook : How to get passwords and MFA rightLinkedin : How to get passwords and MFA rightReddit : How to get passwords and MFA rightTelegram : How to get passwords and MFA rightWhatsApp : How to get passwords and MFA rightEmail : How to get passwords and MFA right
GNV ferry ship
18
Dec
2025

France arrests Latvian for installing malware on Italian ferry

French authorities arrested two crew members of an Italian passenger ferry suspected of infecting the ship with malware that could…

Share: X : France arrests Latvian for installing malware on Italian ferryFacebook : France arrests Latvian for installing malware on Italian ferryLinkedin : France arrests Latvian for installing malware on Italian ferryReddit : France arrests Latvian for installing malware on Italian ferryTelegram : France arrests Latvian for installing malware on Italian ferryWhatsApp : France arrests Latvian for installing malware on Italian ferryEmail : France arrests Latvian for installing malware on Italian ferry