Microsoft fixes Windows Server 2025 blue screen, install issues
Microsoft has fixed several known issues that caused Blue Screen of Death (BSOD) and installation issues on Windows Server 2025...
Read more →Category: Bleeping Computer
Marks & Spencer confirms a cyberattack as customers face delayed orders
Source: Marks & Spencer Marks & Spencer (M&S) has disclosed that it is responding to a cyberattack over the past...
Read more →
Active! Mail RCE flaw exploited in attacks on Japanese orgs
An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. Active! mail...
Read more →
Windows 10 KB5055612 preview update fixes a GPU bug in WSL2
Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for...
Read more →
Hackers abuse Zoom remote control feature for crypto-theft attacks
A hacking group dubbed ‘Elusive Comet’ targets cryptocurrency users in social engineering attacks that exploit Zoom’s remote control feature to...
Read more →
SK Telecom warns customer USIM data exposed in malware attack
South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related...
Read more →
Ripple’s recommended XRP library xrpl.js hacked to steal wallets
The recommended Ripple cryptocurrency NPM JavaScript library named “xrpl.js” was compromised to steal XRP wallet seeds and private keys and...
Read more →
Cookie-Bite attack PoC uses Chrome extension to steal session tokens
A proof-of-concept attack called “Cookie-Bite” uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor...
Read more →
Microsoft Entra account lockouts caused by user token logging mishap
Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged...
Read more →
State-sponsored hackers embrace ClickFix social engineering tactic
ClickFix attacks are gaining traction among threat actors, with multiple advanced persistent threat (APT) groups from North Korea, Iran, and...
Read more →
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered...
Read more →
WordPress ad-fraud plugins generated 1.4 billion ad requests per day
A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that...
Read more →