CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned U.S. federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. Tracked as CVE-2025-20362 and…
Category: Bleeping Computer
Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations
Law enforcement authorities from nine countries have taken down over 1,000 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the…
CISA warns of WatchGuard firewall flaw exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has warned government agencies to patch an actively exploited vulnerability impacting WatchGuard Firebox firewalls. Remote attackers can…
Google sues to dismantle Chinese phishing platform behind US toll scams
Google has filed a lawsuit to dismantle “Lighthouse”, a phishing-as-a-service (PhaaS) platform used by cybercriminals worldwide to steal credit card information through SMS phishing (“smishing”)…
Google sues to dismantle Chinese platform behind global toll scams
Google has filed a lawsuit to dismantle “Lighthouse”, a phishing-as-a-service (PhaaS) platform used by cybercriminals worldwide to steal credit card information through SMS phishing (“smishing”)…
Windows 11 now supports 3rd-party apps for native passkey management
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.…
DanaBot malware is back to infecting Windows after 6-month break
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement’s Operation Endgame disrupted its activity in May. According to…
“Never Trust, Always Verify” Goes Autonomous
Written by Ido Shlomo, CTO and Co-Founder, Token Security As organizations rapidly adopt AI assistants and autonomous agents to streamline workflows and boost efficiency, they…
Microsoft fixes bug causing false Windows 10 end-of-support alerts
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the…
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities “Citrix Bleed 2″ (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-days…
New UK laws to strengthen critical infrastructure cyber defenses
The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies, and transport networks against cyberattacks, linked to annual…
Synnovis notifies of data breach after 2024 ransomware attack
Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in…