Category: Bleeping Computer

Microsoft 365
03
Oct
2023

EvilProxy uses indeed.com open redirect for Microsoft 365 phishing

A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from…

Hacker
03
Oct
2023

ShellTorch flaws expose AI servers to code execution attacks

A set of critical vulnerabilities dubbed ‘ShellTorch’ in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed…

Microsoft
03
Oct
2023

Microsoft Edge, Teams get fixes for zero-days in open-source libraries

Microsoft released emergency security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries used by…

Qualcomm
03
Oct
2023

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in…

Tor browser
02
Oct
2023

Microsoft Defender no longer flags Tor Browser as malware

Recent versions of the TorBrowser, specifically because of the updated tor.exe file it contained, were being incorrectly flagged as potential…

Exim
02
Oct
2023

Exim patches three of six zero-day bugs disclosed last week

Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro’s Zero Day Initiative (ZDI),…

New BunnyLoader threat emerges as a feature-rich malware-as-a-service
02
Oct
2023

New BunnyLoader threat emerges as a feature-rich malware-as-a-service

Security researchers discovered a new malware-as-a-service (MaaS) named ‘BunnyLoader’ advertised on multiple hacker forums as a fileless loader that can…

Hacker
02
Oct
2023

Ransomware gangs now exploiting critical TeamCity RCE flaw

Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains’ TeamCity continuous integration and deployment server. The flaw…

Hacker
02
Oct
2023

Exploit available for critical WS_FTP bug exploited in attacks

Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity vulnerability in Progress Software’s WS_FTP Server…

Arm warns of Mali GPU flaws likely exploited in targeted attacks
02
Oct
2023

Arm warns of Mali GPU flaws likely exploited in targeted attacks

Arm in a security advisory today is warning of an actively exploited vulnerability affecting the widely-used Mali GPU drivers. The…

Phone scammer
02
Oct
2023

FBI warns of surge in ‘phantom hacker’ scams impacting elderly

The FBI issued a public service announcement warning of a significant increase in ‘phantom hacker’ scams targeting senior citizens across…

Motel One
02
Oct
2023

Motel One discloses data breach following ransomware attack

The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer…