Hackers stole Microsoft signing key from Windows crash dump
Microsoft says Storm-0558 Chinese hackers stole a signing key used to breach government email accounts from a Windows crash dump after compromising a Microsoft engineer’s…
Category: Bleeping Computer
MSI BIOS updates fix Windows unsupported processor BSOD bug
MSI has released BIOS updates to fix a known issue that triggers blue screens of death on Windows computers after installing August 2023 preview updates.…
Mirai variant infects low-cost Android TV boxes for DDoS attacks
Image: Midjourney A new Mirai malware botnet variant has been spotted infecting inexpensive Android TV set-top boxes used by millions for media streaming. According to…
September Android updates fix zero-day exploited in attacks
The September 2023 Android security updates tackle 33 vulnerabilities, including a zero-day bug currently targeted in the wild. This high-severity zero-day vulnerability (CVE-2023-35674) is a…
Toyota says filled disk storage halted Japan-based factories
Image: Midjourney Toyota says a recent disruption of operations in Japan-based production plants was caused by its database servers running out of storage space. On…
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft…
Coffee Meets Bagel says recent outage caused by destructive cyberattack
The Coffee Meets Bagel dating platform confirms last week’s outage was caused by hackers breaching the company’s systems and deleting company data. The dating platform…
Atlas VPN zero-day vulnerability leaks users’ real IP address
An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user’s real IP address simply by visiting a website. Atlas VPN is a VPN…
Crypto casino Stake.com loses $41 million to hot wallet hackers
Image: Midjourney Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with over $40 million in crypto…
Chaes malware now uses Google Chrome DevTools Protocol to steal data
The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools protocol for direct access to…
PTaaS Bridges the Gap within Application Security
Pen testing, also known as “ethical hacking,” involves a team of cybersecurity professionals tasked to test the resilience of an organization’s security systems. Unfortunately, traditional web…
ASUS routers vulnerable to critical remote code execution flaws
Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not…