Bitwarden adds passkey support to log into web password vaults
The open-source Bitwarden password manager has announced that all users can now log into their web vaults using a passkey instead of the standard username…
Category: Bleeping Computer
New Balada Injector campaign infects 6,700 WordPress sites
A little over 6,700 WordPress websites using a vulnerable version of the Popup Builder plugin have been infected with the Balada Injector malware in a…
Finland warns of Akira ransomware wiping NAS and tape backup devices
The Finish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups. The agency says that the…
Microsoft Exchange 2019 has reached end of mainstream support
Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023. Starting today, the company says…
Ivanti warns of Connect Secure zero-days exploited in attacks
Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted…
Hackers stole data of 1.3 million people
Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data of 1.3 million customers. FNF…
Mandiant’s X account hacked by crypto Drainer-as-a-Service gang
Cybersecurity firm and Google subsidiary Mandiant says its Twitter/X account was hijacked last week by a Drainer-as-a-Service (DaaS) gang in what it described as “likely a brute…
Cisco says critical Unity Connection bug lets attackers get root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices. Unity Connection is a…
Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack
A pro-Ukraine hacktivist group named ‘Blackjack’ has claimed a cyberattack against Russian provider of internet services M9com as a direct response to the attack against…
Fake 401K year-end statements used to steal corporate credentials
Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports to steal company employees’ credentials.…
Windows 10 KB5034441 security update fails with 0x80070643 errors
Windows 10 users worldwide report problems installing Microsoft’s January Patch Tuesday updates, getting 0x80070643 errors when attempting to install the KB5034441 security update for BitLocker.…
ShinyHunters member gets 3 years in prison for breaching 60 firms
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution of $5,000,000. Previously, in September…