Riot Games hacked, delays game patches after security breach
Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches after its development environment was…
Category: Bleeping Computer
New Boldmove Linux malware used to backdoor Fortinet devices
Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a…
Over 19,000 end-of-life Cisco routers exposed to RCE attacks
Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain. By chaining two security flaws disclosed…
The Week in Ransomware – January 20th 2023
There has been quite a bit of ransomware news this week, with crypto exchanges being seized for alleged money laundering and researchers providing fascinating reports…
Exploits released for two Samsung Galaxy App Store vulnerabilities
Two vulnerabilities in the Galaxy App Store, Samsung’s official repository for its devices, could enable attackers to install any app in the Galaxy Store without…
Critical ManageEngine RCE bug now exploited to open reverse shells
A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks. The first exploitation attempts were observed by…
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors’…
Ransomware profits drop 40% in 2022 as victims refuse to pay
Ransomware gangs extorted from victims about $456.8 million throughout 2022, a drop of roughly 40% from the record-breaking $765 million recorded in the previous two…
New ‘Blank Image’ attack hides phishing scripts in SVG files
An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be DocuSign documents. Security researchers at…
Exploit released for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products. This pre-authentication RCE flaw is tracked as…
Microsoft starts testing Notepad tabs in Windows 11
Microsoft released a new version of Notepad for Windows 11 on Thursday that will allow Windows Insiders in the Dev channel to use multiple tabs.…
T-Mobile hacked to steal data of 37 million accounts in API data breach
T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application…