Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks. The American semiconductor company…
Category: Bleeping Computer
Microsoft Defender no longer flags Tor Browser as malware
Recent versions of the TorBrowser, specifically because of the updated tor.exe file it contained, were being incorrectly flagged as potential threats by Windows Defender. Users…
Exim patches three of six zero-day bugs disclosed last week
Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro’s Zero Day Initiative (ZDI), one of them allowing unauthenticated…
New BunnyLoader threat emerges as a feature-rich malware-as-a-service
Security researchers discovered a new malware-as-a-service (MaaS) named ‘BunnyLoader’ advertised on multiple hacker forums as a fileless loader that can steal and replace the contents…
Ransomware gangs now exploiting critical TeamCity RCE flaw
Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains’ TeamCity continuous integration and deployment server. The flaw (tracked as CVE-2023-42793 and tagged…
Exploit available for critical WS_FTP bug exploited in attacks
Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity vulnerability in Progress Software’s WS_FTP Server file sharing solution. Assetnote researchers…
Arm warns of Mali GPU flaws likely exploited in targeted attacks
Arm in a security advisory today is warning of an actively exploited vulnerability affecting the widely-used Mali GPU drivers. The flaw is currently tracked as…
FBI warns of surge in ‘phantom hacker’ scams impacting elderly
The FBI issued a public service announcement warning of a significant increase in ‘phantom hacker’ scams targeting senior citizens across the United States. “This Phantom…
Motel One discloses data breach following ransomware attack
The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details of 150…
New Marvin attack revives 25-year-old decryption flaw in RSA
A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used…
Amazon sends Mastercard, Google Play gift card order emails by mistake
Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift cards to customers, making many worried their accounts were compromised. The…
Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang
The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors. LostTrust began attacking organizations in…