FBI warns of virtual kidnapping scams using altered social media photos
The FBI warns that criminals are altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom…
Category: Bleeping Computer
EU fines X $140 million over deceptive blue checkmarks
The European Commission has fined X €120 million ($140 million) for violating transparency obligations under the Digital Services Act (DSA). This is the first non-compliance…
Cloudflare blames today’s outage on emergency React2Shell patch
Earlier today, Cloudflare experienced a widespread outage that caused websites and online platforms worldwide to go down, returning a “500 Internal Server Error” message. In…
Pharma firm Inotiv discloses data breach after ransomware attack
American pharmaceutical firm Inotiv is notifying thousands of people that they’re personal information was stolen in an August 2025 ransomware attack. Inotiv is an Indiana-based contract…
React2Shell critical flaw actively exploited in China-linked attacks
Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React and Next.js just hours after the max-severity issue was disclosed. React2Shell is an…
Cloudflare down, websites offline with 500 Internal Server Error
Cloudflare is down, as websites are crashing with a 500 Internal Server Error. Cloudflare has confirmed that it’s investigating the reports. Cloudflare, a service that…
Hackers are exploiting ArrayOS AG VPN flaw to plant webshells
Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users. Array Networks fixed…
NCSC’s ‘Proactive Notifications’ warns orgs of flaws in exposed devices
The UK’s National Cyber Security Center (NCSC) announced the testing phase of a new service called Proactive Notifications, designed to inform organizations in the country…
Predator spyware uses new infection vector for zero-click attacks
The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed “Aladdin,” which compromised specific targets by simply viewing a malicious…
Russia blocks FaceTime and Snapchat over use in terrorist attacks
Russian telecommunications watchdog Roskomnadzor has blocked access to Apple’s FaceTime video conferencing platform and the Snapchat instant messaging service, claiming they’re being used to coordinate…
CISA warns of Chinese “BrickStorm” malware attacks on VMware servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned network defenders of Chinese hackers backdooring VMware vSphere servers with Brickstorm malware. In a joint malware…
Contractors with hacking records accused of wiping 96 govt databases
U.S. prosecutors have charged two Virginia brothers arrested on Wednesday with allegedly conspiring to steal sensitive information and destroy government databases after being fired from…