British Library knocked offline by weekend cyberattack
The British Library has been hit by a major IT outage affecting its website and many of its services following a “cyber incident” that impacted…
Category: Bleeping Computer
Atlassian warns of critical Confluence flaw leading to data loss
Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful…
Microsoft releases Windows 11 23H2 as an enablement package
Microsoft announced today the release of Windows 11, version 23H2, the next feature update for its operating system (also known as the Windows 11 2023…
Dozens of countries will pledge to stop paying ransomware gangs
An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded…
Samsung Galaxy gets new Auto Blocker anti-malware feature
Samsung has unveiled a new security feature called ‘Auto Blocker’ as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices.…
Massive cybercrime URL shortening service uncovered via DNS data
An actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently…
Malicious NuGet packages abuse MSBuild to install malware
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio’s MSBuild integration to execute code and install malware stealthily. NuGet is an open-source…
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked
Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens…
LastPass breach linked to theft of $4.4 million in crypto
Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto…
RCE exploit for Wyze Cam v3 publicly released, patch now
A security researcher has published a proof-of-concept (PoC) exploit for Wyze Cam v3 devices that opens a reverse shell and allows the takeover of vulnerable…
SEC sues SolarWinds for misleading investors before 2020 hack
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 linked to…
FTC orders non-bank financial firms to report breaches in 30 days
The U.S. Federal Trade Commission (FTC) has amended the Safeguards Rules, mandating that all non-banking financial institutions report data breach incidents within 30 days. Such…