Apple fixes iOS Kernel zero-day vulnerability on older iPhones
Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks. “Apple is…
Category: Bleeping Computer
ToddyCat hackers use ‘disposable’ malware to target Asian telecoms
A newly discovered campaign dubbed “Stayin’ Alive” has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of…
Hyped up curl vulnerability falls short of expectations
curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38546), easing week-long concerns regarding the flaw’s severity.…
Shadow PC warns of data breach as hacker tries to sell gamers’ info
Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers’ private information, as a threat actor…
BianLian extortion group claims recent Air Canada breach
The BianLian extortion group claims to have stolen 210GB of data after breaching the network of Air Canada, the country’s largest airline and a founding…
New WordPress backdoor creates rogue admin to hijack websites
A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control…
Microsoft Defender now auto-isolates compromised accounts
Microsoft Defender for Endpoint now uses automatic attack disruption to isolate compromised user accounts and block lateral movement in hands-on-keyboard attacks with the help of…
LinkedIn Smart Links attacks return to target Microsoft accounts
Hackers are once again abusing LinkedIn Smart Links in phishing attacks to bypass protection measures and evade detection in attempts to steal Microsoft account credentials.…
Exchange Online mail delivery issues caused by anti-spam rules
Microsoft is investigating Exchange Online mail delivery issues causing “Server busy” errors and delays when receiving emails from outside organizations. According to user reports online, the Exchange Online…
Windows 11 21H2 and Windows Server 2012 reach end of support
Windows Server 2012 and multiple editions of Windows 11, version 21H2, have reached the end of support with this month’s Patch Tuesday. Starting this week,…
Preventing Microsoft Copilot Data Exposure
This article is written by Rob Sobers, Varonis. Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is…
State hackers exploiting Confluence zero-day since September
Microsoft says a Chinese-backed threat group tracked as ‘Storm-0062’ (aka DarkShadow or Oro0lxy) has been exploiting a critical privilege escalation zero-day in the Atlassian Confluence…