Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit
Proof-of-concept exploit code has been published for a Windows Themes vulnerability tracked as CVE-2023-38146 that allows remote attackers to execute code. The security issue is also…
Category: Bleeping Computer
Manchester Police officers’ data exposed in ransomware attack
United Kingdom’s Greater Manchester Police (GMP) said earlier today that some of its employees’ personal information was impacted by a ransomware attack that hit a…
Fake Cisco Webex Google Ads abuse tracking templates to push malware
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the…
Rollbar discloses data breach after hackers stole access tokens
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens. The…
New Windows 11 feature blocks NTLM-based attacks over SMB
Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks. This…
France demands Apple pull iPhone 12 due to high RF radiation levels
The Agence Nationale des Fréquences (ANFR) has asked Apple to withdraw iPhone 12 smartphones from the French market because the device emits radiofrequency energy that…
How end-user phishing training works (and why it doesn’t)
It always takes two for a phishing attack to work – an attacker to send the bait and an insider to take it. Almost every…
Ongoing outage behind message failures, delays
Microsoft is investigating an ongoing outage preventing customers from sending or receiving messages using the company’s Microsoft Teams communication platform. While Redmond is yet to…
Hackers steal $53 million worth of cryptocurrency from CoinEx
Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform’s operations.…
Hackers use new 3AM ransomware to save failed LockBit attack
A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on…
CISA offers free security scans for public water utilities
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has announced it is offering free security scans for critical infrastructure facilities, such as water utilities, to…
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.…