Australia warns of BadCandy infections on unpatched Cisco devices
The Australian government is warning about ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. The…
Category: Bleeping Computer
Why password controls still matter in cybersecurity
In January 2024, Russian hackers broke into Microsoft’s systems by slipping past what many believed was an ironclad security setup. The attack proved that even with multiple…
Alleged Meduza Stealer malware admins arrested after hacking Russian org
The Russian authorities have arrested three individuals in Moscow who are believed to be the creators and operators of the Meduza Stealer information-stealing malware. The action was…
High-severity Linux flaw now exploited by ransomware gangs
CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks. While the vulnerability (tracked…
Google says Search AI Mode will know everything about you
Google wants ‘AI mode’ on Search to be as personal as possible, and it’ll soon tap into services like Gmail or Drive to know more…
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. According to Arctic Wolf…
Ukrainian extradited from Ireland on Conti ransomware charges
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could…
OpenAI confirms GPT-5 is now better at handling mental and emotional distress
OpenAI confirmed that it shipped an update on October 5, which allows GPT-5 to better handle sensitive conversations. After the update, GPT will automatically recognize…
LinkedIn phishing targets finance execs with fake board invites
Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials. The campaign…
CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers
On Thursday, CISA warned U.S. government agencies to secure their systems against attacks exploiting a high-severity vulnerability in Broadcom’s VMware Aria Operations and VMware Tools…
Massive surge of NFC relay malware steals Europeans’ credit cards
Near-Field Communication (NFC) relay malware has grown massively popular in Eastern Europe, with researchers discovering over 760 malicious Android apps using the technique to steal…
BPO giant Conduent confirms data breach impacts 10.5 million people
American business services giant Conduent has confirmed that a 2024 data breach has impacted over 10.5 million people, according to notifications filed with the US Attorney…