Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets
The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen…
Category: Bleeping Computer
Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks. The two high-severity vulnerabilities are…
Microsoft Defender portal outage disrupts threat hunting alerts
Microsoft is working to mitigate an ongoing incident that has been blocking access to some Defender XDR portal capabilities for the past 10 hours. According…
Renting Tools, Access, and Infrastructure
These days, the cybercrime ecosystem functions more and more like a subscription-based technology sector. Similar to the “as-a-service” model of legitimate cloud services, crime-as-a-service (CaaS)…
North Korea lures engineers to rent identities in fake IT worker scheme
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for revenue generation. Famous…
Fake Calendly invites spoof top brands to hijack ad manager accounts
An ongoing phishing campaign impersonates popular brands, such as Unilever, Disney, MasterCard, LVMH, and Uber, in Calendly-themed lures to steal Google Workspace and Facebook business…
KB5070311 triggers File Explorer white flash in dark mode
Microsoft has confirmed that the KB5070311 preview update is triggering bright white flashes when launching the File Explorer in dark mode on Windows 11 systems.…
University of Pennsylvania confirms new data breach after Oracle hack
The University of Pennsylvania (Penn) has announced a new data breach after attackers stole documents containing personal information from its Oracle E-Business Suite servers in…
Windows 11 KB5070311 update fixes File Explorer freezes, search issues
Microsoft has released the KB5070311 preview cumulative update for Windows 11 systems, which includes 49 changes, including fixes for File Explorer freezes and search issues.…
Glassworm malware returns in third wave of malicious VS Code packages
The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages…
SmartTube YouTube app for Android TV breached to push malicious update
The popular open-source SmartTube YouTube client for Android TV was compromised after an attacker gained access to the developer’s signing keys, leading to a malicious…
Microsoft says new Outlook can’t open some Excel attachments
Microsoft is working to resolve a known issue that prevents some users from opening Excel email attachments in the new Outlook client. According to a…