Piecing Together the Puzzle: A Qilin Ransomware Investigation
Written by Lindsey O’Donnell-Welch, Ben Folland, Harlan Carvey of Huntress Labs. A big part of a security analyst’s everyday role is figuring out what actually…
Category: Bleeping Computer
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a…
WhatsApp API flaw let researchers scrape 3.5 billion accounts
Researchers compiled a list of 3.5 billion WhatsApp mobile phone numbers and associated personal information by abusing a contact-discovery API that lacked rate limiting. The…
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in…
Nvidia confirms October Windows updates cause gaming issues
Nvidia has confirmed that last month’s security updates are causing gaming performance issues on Windows 11 24H2 and Windows 11 25H2 systems. To address these problems,…
Grafana warns of max severity admin spoofing vulnerability
Grafana Labs is warning of a maximum severity vulnerability (CVE-2025-41115) in its Enterprise product that can be exploited to treat new users as administrators or…
Out-of-band update fixes Windows 11 hotpatch install loop
Microsoft has released the KB5072753 out-of-band cumulative update to fix a known issue causing the November 2025 KB5068966 hotpatch update to reinstall on Windows 11 systems…
‘Scattered Spider’ teens plead not guilty to UK transport hack
Two British teenagers have denied charges related to an investigation into the breach of Transport for London (TfL) in August 2024, which caused millions of…
CrowdStrike catches insider feeding information to hackers
American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with unnamed threat actors. However, the company noted that its…
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack…
Avast Makes AI-Driven Scam Defense Available for Free Worldwide
Driven by a commitment to make cutting-edge scam protection available to everyone, Avast, a leader in digital security and privacy and part of Gen, has…
Hacker claims to steal 2.3TB data from Italian rail group, Almaviva
Data from Italy’s national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization’s IT services provider, Almaviva. The hacker…