Ghanain man pleads guilty to role in $100 million fraud ring
A Ghanaian national pleaded guilty to his role in a massive fraud ring that stole over $100 million from victims across the United States through…
Category: Bleeping Computer
Microsoft 365 Backup to add file-level restore for faster recovery
Microsoft will soon begin rolling out a significant upgrade to Microsoft 365 Backup to speed up recovery by allowing administrators to restore individual files and…
Fake Claude Code install guides push infostealers in InstallFix attacks
Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext…
Hackers abusing AI at every stage of cyberattacks
Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects…
Termite ransomware breaches linked to ClickFix CastleRAT attacks
Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.…
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the…
Cognizant TriZetto breach exposes health data of 3.4 million patients
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that…
Chinese state hackers target telcos with new malware toolkit
A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge devices. According…
Previously harmless Google API keys now expose Gemini AI data
Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. Researchers…
Trend Micro warns of critical Apex One code execution flaws
Japanese cybersecurity software firm Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. Apex…
European DYI chain ManoMano data breach impacts 38 million customers
DIY store chain ManoMano is notifying customers of a data breach that was caused by hackers compromising a third-party service provider. The company confirmed to…
Critical Juniper Networks PTX flaw allows full router takeover
A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute…