Cloudflare hacked using auth tokens stolen in Okta attack
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected ‘nation state attacker’ who accessed its Confluence wiki, Jira bug database, and…
Category: Bleeping Computer
Microsoft fixes connection issue affecting Outlook email apps
Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. “The Outlook.com Team implemented service…
PurpleFox malware infected thousands of systems in Ukraine
The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.…
Google shares fix for Pixel phones hit by bad system update
Google has shared a temporary fix for owners of Google Pixel devices that were rendered unusable after installing the January 2024 Google Play system update.…
CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday
CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday.…
CISA warns of patched iPhone kernel bug now exploited in attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks. Tracked as…
Police seize record 50,000 Bitcoin from now-defunct piracy site
The police in Saxony, eastern Germany, have seized 50,000 Bitcoin from the former operator of the pirate site movie2k.to through a voluntary deposit to a…
Hackers push USB malware payloads via news, media hosting sites
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to…
Exploit released for Android local elevation flaw impacting 7 OEMs
A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub.…
Europcar denies data breach of 50 million users, says data is fake
Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to…
FBI disrupts Chinese botnet by wiping malware from infected routers
The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure. The hacking…
Vendors must secure SOHO routers against Volt Typhoon attacks
CISA has urged manufacturers of small office/home office (SOHO) routers to ensure their devices’ security against ongoing attacks attempting to hijack them, especially those coordinated by…