Category: Bleeping Computer

The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect,…

Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users’ sensitive data in…

GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging…

A lot of news broke this week related to ransomware, with the discovery of LockBit testing macOS encryptors to an…

The X_Trader software supply chain attack that led to last month’s 3CX breach has also impacted at least several critical…

Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using…

Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack…

The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained access to older…

Websites of multiple U.S. universities are serving Fortnite and ‘gift card’ spam. Researchers observed Wiki and documentation pages being hosted by universities including Stanford, MIT, Berkeley,…

Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an…

Google’s Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine’s critical infrastructure in 2023. Google…

VMware addressed a critical vRealize Log Insight security vulnerability that allows remote attackers to gain remote execution on vulnerable appliances….