WordPress security plugin exposes private data to site subscribers
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on…
Category: Bleeping Computer
Canada says hacktivists breached water and energy facilities
The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial…
Microsoft fixes Media Creation Tool broken on some Windows PCs
Microsoft has confirmed that the Windows 11 Media Creation Tool (MCT) is working again on Windows 10 22H2 and Windows 11 25H2 systems. MCT is…
DNS outage impacts Azure and Microsoft 365 services
Microsoft is suffering an ongoing DNS outage affecting customers worldwide, preventing them from logging into company networks and accessing Microsoft Azure and Microsoft 365 services.…
PhantomRaven attack floods npm with credential-stealing packages
An active campaign named ‘PhantomRaven’ is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials. The activity…
Streamlining Patching and Vulnerability Remediation
For years, patch management has been one of the least glamorous yet most consequential aspects of IT operations. Vulnerabilities emerge daily, and while most administrators…
Microsoft fixes 0x800F081F errors causing Windows update failures
Microsoft has resolved a known issue that caused Windows updates to fail, leading to 0x800F081F errors on Windows 11 24H2 systems. In a service alert…
Windows 11 KB5067036 update rolls out Administrator Protection feature
Microsoft has released the KB5067036 preview cumulative update for Windows 11 24H2 and 25H2, which begins the rollout of the Administrator Protection cybersecurity feature and…
Python rejects $1.5M grant from U.S. govt. fearing ethical compromise
The Python Software Foundation (PSF) has withdrawn its $1.5 million grant proposal to the U.S. National Science Foundation (NSF) due to funding terms forcing a…
Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
The Australian Competition and Consumer Commission (ACCC) is suing Microsoft for allegedly misleading 2.7 million Australians into paying for the Copilot AI assistant in the…
Advertising giant Dentsu reports data breach at subsidiary Merkle
Japanese advertising giant Dentsu has disclosed that its U.S.-based subsidiary Merkle suffered a cybersecurity incident that exposed staff and client data. The company states that…
CISA warns of two more actively exploited Dassault vulnerabilities
The Cybersecurity & Infrastructure Security Agency (CISA) warned today that attackers are actively exploiting two vulnerabilities in Dassault Systèmes’ DELMIA Apriso, a manufacturing operations management…