Expensive Investigations Drive Surging Data Breach Costs
The dreaded data breach is an outcome feared by companies of all sizes in today’s threat landscape, largely due to the significant costs involved. Each…
Category: Bleeping Computer
Fake WinRAR proof-of-concept exploit drops VenomRAT malware
A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware.…
Signal adds quantum-resistant encryption to its E2EE messaging protocol
Signal has announced that it upgraded its end-to-end communication protocol to use quantum-resistant encryption keys to protect users from future attacks. Quantum computers that use…
Claimants in Celsius crypto bankruptcy targeted in phishing attack
Scammers are impersonating the bankruptcy claim agent for crypto lender Celsius in phishing attacks that attempt to steal funds from cryptocurrency wallets. In July 2022,…
Trend Micro fixes endpoint protection zero-day used in attacks
Trend Micro fixed a remote code execution zero-day vulnerability in the Trend Micro’s Apex One endpoint protection solution that was actively exploited in attacks. Apex One is…
Hackers breached International Criminal Court’s systems last week
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached. “At the end of last…
GitLab urges users to install security updates for critical pipeline flaw
GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users via scheduled security scan policies.…
Microsoft to start retiring Exchange Web Services in October 2026
Microsoft said today that the Exchange Web Services (EWS) API for Exchange Online and Office 365 will be retired in approximately three years. EWS is a…
Hackers backdoor telecom providers with new HTTPSnoop malware
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands…
Windows Subsystem for Linux gets new ‘mirrored’ network mode
Microsoft has released Windows Subsystem for Linux (WSL) 2.0.0 with a set of new opt-in experimental features, including a new network mode and automated memory…
APT36 state hackers infect Android devices using YouTube app clones
The APT36 hacking group, aka ‘Transparent Tribe,’ has been observed using at least three Android apps that mimic YouTube to infect devices with their signature remote…
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw
An estimated 12,000 Juniper SRX firewalls and EX switches are vulnerable to a fileless remote code execution flaw that attackers can exploit without authentication. In…