New Android malware uses OCR to steal credentials from images
Two new Android malware families named ‘CherryBlos’ and ‘FakeTrade’ were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. The…
Category: Bleeping Computer
Hawai’i Community College pays ransomware gang to prevent data leak
The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.…
BreachForums database and private chats for sale in hacker data breach
While consumers are usually the ones worried about their information being exposed in data breaches, it’s now the hacker’s turn, as the notorious Breached cybercrime…
CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto
Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth…
Zimbra patches zero-day vulnerability exploited in XSS attacks
Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email…
SSNDOB cybercrime market admin faces 15 years after pleading guilty
A Ukrainian man, Vitalii Chychasov, has pleaded guilty in the United States to conspiracy to commit access device fraud and trafficking in unauthorized access devices…
WordPress Ninja Forms plugin flaw lets hackers steal submitted data
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. Researchers at Patchstack discovered and disclosed…
Microsoft fixes bug that breaks video recording in Windows apps
Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. Apps using the…
8 million people hit by data breach at US govt contractor Maximus
U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the…
Swiss visa appointments cancelled in UK due to ‘IT incident’
All appointments for Swiss (Schengen) tourist and transit visas have been cancelled across the UK. TLSContact, the Swiss government’s chosen IT provider for facilitating visa applicants for…
Microsoft previews Defender for IoT firmware analysis service
Microsoft announced a new Defender for IoT feature that will allow analyzing the firmware of embedded Linux devices like routers for security vulnerabilities and common…
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of…