Consumer lender TMX discloses data breach impacting 4.8 million people
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data...
Read more →Category: Bleeping Computer
Microsoft testing adaptive brightness on more Windows 11 devices
Microsoft says a new Windows 11 preview build rolling out today will allow Insiders to test the company’s adaptive brightness...
Read more →
Microsoft OneNote will block 120 dangerous file extensions
Microsoft has shared more information on what malicious embedded files OneNote will soon block to defend users against ongoing phishing...
Read more →
Winter Vivern hackers exploit Zimbra flaw to steal NATO emails
A Russian hacking group tracked as TA473, aka ‘Winter Vivern,’ has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since...
Read more →
Ukrainian cyberpolice busts fraud gang that stole $4.3 million
Ukraine’s cyberpolice has arrested members of a fraud gang that stole roughly $4,300,000 from over a thousand victims across the...
Read more →
CISA orders agencies to patch bugs exploited to drop spyware
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch security vulnerabilities exploited as zero-days in...
Read more →
Realtek and Cacti flaws now actively exploited by malware botnets
Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot...
Read more →
Bing search results hijacked via misconfigured Microsoft app
A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS...
Read more →
New AlienFox toolkit steals credentials for 18 cloud services
A new modular toolkit called ‘AlienFox’ allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials...
Read more →
Google finds more Android, iOS zero-days used to install spyware
Google’s Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install...
Read more →
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used...
Read more →
SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool
The SafeMoon token liquidity pool lost $8.9 million after a hacker exploited a newly created ‘burn’ smart contract function that...
Read more →