CISA warns of breach risks from IDOR web app vulnerabilities
CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the…
Category: Bleeping Computer
Twitter’s rebranding to ‘X’ triggers Microsoft Edge security alert
Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to ‘X’. Amid its rapid rebranding over the last few days,…
New Android malware uses OCR to steal credentials from images
Two new Android malware families named ‘CherryBlos’ and ‘FakeTrade’ were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. The…
Hawai’i Community College pays ransomware gang to prevent data leak
The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.…
BreachForums database and private chats for sale in hacker data breach
While consumers are usually the ones worried about their information being exposed in data breaches, it’s now the hacker’s turn, as the notorious Breached cybercrime…
CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto
Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth…
Zimbra patches zero-day vulnerability exploited in XSS attacks
Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email…
SSNDOB cybercrime market admin faces 15 years after pleading guilty
A Ukrainian man, Vitalii Chychasov, has pleaded guilty in the United States to conspiracy to commit access device fraud and trafficking in unauthorized access devices…
WordPress Ninja Forms plugin flaw lets hackers steal submitted data
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. Researchers at Patchstack discovered and disclosed…
Microsoft fixes bug that breaks video recording in Windows apps
Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. Apps using the…
8 million people hit by data breach at US govt contractor Maximus
U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the…
Swiss visa appointments cancelled in UK due to ‘IT incident’
All appointments for Swiss (Schengen) tourist and transit visas have been cancelled across the UK. TLSContact, the Swiss government’s chosen IT provider for facilitating visa applicants for…