Canada arrests three for operating “SMS blaster” device in Toronto
Canadian authorities have arrested three men for operating an “SMS blaster” device that pretends to be a cellular tower to send phishing texts to nearby…
Category: Bleeping Computer
Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood’s account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts…
GlassWorm malware attacks return via 73 OpenVSX “sleeper” extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 “sleeper” extensions that turn malicious after an update. Six of the…
FTC: Americans lost over $2.1 billion to social media scams in 2025
The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025. According…
Microsoft says Outlook.com outage is causing sign‑in failures
Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes. Since the incident started over…
American utility firm Itron discloses breach of internal IT network
Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its internal systems during a cyberattack. The company states that…
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver.…
DORA and operational resilience: Credential management as a financial risk control
Author: Eirik Salmi, System Analyst at Passwork When a threat actor walks into your network using a legitimate username and password, which control stops them?…
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. The feature is expected to…
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a browser extension, a tunneler,…
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address reliability concerns in Windows 11. For…
New BlackFile extortion group linked to surge of vishing attacks
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality…