RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
The ImunifyAV malware scanner for Linux servers, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited…
Category: Bleeping Computer
How to protect your service accounts
Kerberoasting attacks remain an enduring headache for IT professionals, allowing hackers to escalate privileges and reach the highest levels of your Active Directory (AD) environment.…
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data…
Microsoft rolls out screen capture prevention for Teams users
Microsoft is rolling out a new Teams feature for Premium customers that will automatically block screenshots and recordings during meetings. Microsoft announced the feature in…
Popular Android-based photo frames download malware on boot
Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time. Mobile security company Quokka conducted…
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned U.S. federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. Tracked as CVE-2025-20362 and…
Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations
Law enforcement authorities from nine countries have taken down over 1,000 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the…
CISA warns of WatchGuard firewall flaw exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has warned government agencies to patch an actively exploited vulnerability impacting WatchGuard Firebox firewalls. Remote attackers can…
Google sues to dismantle Chinese phishing platform behind US toll scams
Google has filed a lawsuit to dismantle “Lighthouse”, a phishing-as-a-service (PhaaS) platform used by cybercriminals worldwide to steal credit card information through SMS phishing (“smishing”)…
Google sues to dismantle Chinese platform behind global toll scams
Google has filed a lawsuit to dismantle “Lighthouse”, a phishing-as-a-service (PhaaS) platform used by cybercriminals worldwide to steal credit card information through SMS phishing (“smishing”)…
Windows 11 now supports 3rd-party apps for native passkey management
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.…
DanaBot malware is back to infecting Windows after 6-month break
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement’s Operation Endgame disrupted its activity in May. According to…