D-Link fixes auth bypass and RCE flaws in D-View 8 software
D-Link has fixed two critical-severity vulnerabilities in its D-View 8 network management suite that could allow remote attackers to bypass authentication and execute arbitrary code.…
Category: Bleeping Computer
Microsoft 365 phishing attacks use encrypted RPMSG messages
Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email…
What’s a Double-Blind Password Strategy and When Should It Be Used
Password security, like threat actor methods, continues to evolve. As computing power grows, previously best-practice passwords become increasingly vulnerable. Password managers have done their best…
New Russian-linked CosmicEnergy malware targets industrial systems
Mandiant security researchers have discovered a new malware called CosmicEnergy designed to disrupt industrial systems and linked to Russian cybersecurity outfit Rostelecom-Solar (formerly Solar Security).…
Zyxel warns of critical vulnerabilities in firewall and VPN devices
Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. Both security issues are buffer…
‘Operation Magalenha’ targets credentials of 30 Portuguese banks
A Brazilian hacking group has been targeting thirty Portuguese government and private financial institutions since 2021 in a malicious campaign called ‘Operation Magalenha.’ Examples of…
ChatGPT is down worldwide – OpenAI confirms issues
ChatGPT, the famous artificial intelligence chatbot that allows users to converse with various personalities and topics, has connectivity issues worldwide. OpenAI has confirmed users are currently…
New Buhti ransomware gang uses leaked Windows, Linux encryptors
A new ransomware operation named ‘Buhti’ uses the leaked code of the LockBit and Babuk ransomware families to target Windows and Linux systems, respectively. While…
Windows issue causes file copying, saving failures
Microsoft says some 32-bit applications are impacted by recurring failures when saving and copying files across multiple Windows versions (especially when copying to network shares).…
Hackers target 1.5M WordPress sites with cookie consent plugin exploit
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than…
Windows 10 KB5026435 update released with 2 new features, 18 fixes
Microsoft has released the optional KB5026435 Preview cumulative update for Windows 10 22H2 with two new features and 18 additional fixes or changes. This release…
Chinese hackers breach US critical infrastructure in stealthy attacks
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at…