Category: Bleeping Computer

Maximum severity GoAnywhere MFT flaw exploited as zero day
26
Sep
2025

Maximum severity GoAnywhere MFT flaw exploited as zero day

Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere MFT that allows injecting commands remotely without authentication….

macOS
26
Sep
2025

Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs

Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating…

Email
25
Sep
2025

Unofficial Postmark MCP npm silently stole users’ emails

A npm package copying the official ‘postmark-mcp’ project on GitHub turned bad with the latest update that added a single line…

CISA
25
Sep
2025

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks

CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws…

Co-op sign
25
Sep
2025

Co-op says it lost $107 million after Scattered Spider attack

The Co-operative Group in the U.K. released its interim financial results report for the first half of 2025 with a…

Amazon
25
Sep
2025

Amazon pays $2.5 billion to settle Prime memberships lawsuit

Amazon will pay $2.5 billion to settle claims by the U.S. Federal Trade Commission (FTC) that it used dark patterns…

Cisco
25
Sep
2025

Cisco warns of ASA firewall zero-days exploited in attacks

Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s…

Malicious Rust packages on Crates.io steal crypto wallet keys
25
Sep
2025

Malicious Rust packages on Crates.io steal crypto wallet keys

Two malicious packages with nearly 8,500 downloads in Rust’s official crate repository scanned developers’ systems to steal cryptocurrency private keys…

A security key
25
Sep
2025

How secure are passkeys, really? Here’s what you need to know

We’ve known for a long time that passwords have their flaws. Whether it’s phishing, brute force, or dictionary attacks, password-based…

Windows
25
Sep
2025

Microsoft will offer free Windows 10 security updates in Europe

Microsoft will offer free extended security updates for Windows 10 users in the European Economic Area (EEA), which includes Iceland,…

Teen suspected of Vegas casino cyberattacks released to parents
25
Sep
2025

Teen suspected of Vegas casino cyberattacks released to parents

A 17-year-old hacker who surrendered to face charges over cyberattacks targeting Vegas casinos in 2023 has been released into the…

GPT-5
25
Sep
2025

OpenAI is testing a new GPT-5-based AI agent “GPT-Alpha”

OpenAI is internally testing a new version of its AI agent, which uses a special version of GPT-5 dubbed “GPT-Alpha.”…