Windows 10 KB5072653 OOB update fixes ESU install errors
Microsoft has released an emergency Windows 10 KB5072653 out-of-band update to resolve ongoing issues with installing the November extended security updates. Windows 10 reached the…
Category: Bleeping Computer
Malicious NPM packages abuse Adspect redirects to evade security
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate researchers from potential victims and lead them to malicious locations. The…
xAI’s Grok 4.1 rolls out with improved quality and speed for free
Elon Musk-owned xAI has started rolling out Grok 4.1, which is an upgrade to the existing Grok 4 model. xAI has launched two Grok 4.1…
RondoDox botnet malware now hacks servers using XWiki flaw
The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S.…
Google Gemini 3 spotted on AI Studio ahead of imminent release
Gemini 3, which could be Google’s best large language model, will begin rolling out in the next few hours or days, as the model has…
Eurofiber France warns of breach after hacker tries to sell customer data
Eurofiber France disclosed a data breach it discovered late last week when hackers gained access to its ticket management system by exploiting a vulnerability and…
Princeton University discloses data breach affecting donors, alumni
A Princeton University database was compromised in a cyberattack on November 10, exposing the personal information of alumni, donors, faculty members, and students. According to…
Dutch police seizes 250 servers used by “bulletproof hosting” service
The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing…
Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses
Microsoft said today that the Aisuru botnet hit its Azure network with a 15.72 terabits per second (Tbps) DDoS attack, launched from over 500,000 IP…
DoorDash email spoofing vulnerability sparks messy disclosure dispute
A vulnerability in DoorDash’s systems could allow anyone to send “official” DoorDash-themed emails right from company’s authorized servers, paving a near-perfect phishing channel. DoorDash has now patched…
Pennsylvania AG confirms data breach after INC Ransom attack
The office of Pennsylvania’s attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. This…
Windows bug blocks Microsoft 365 desktop app installs
Microsoft is working to resolve a known issue preventing users from installing the Microsoft 365 desktop apps on Windows devices. In a Friday service alert…