CISA warns of critical CentOS Web Panel bug exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP).…
Category: Bleeping Computer
SonicWall says state-sponsored hackers behind September security breach
SonicWall’s investigation into the September security breach that exposed customers’ firewall configuration backup files concludes that state-sponsored hackers were behind the attack. The network security company…
Windows 11 Store gets Ninite-style multi-app installer feature
The Microsoft Store on the web now lets you create a multi-app install package on Windows 11 that installs multiple applications from a single installer.…
UK carriers to block spoofed phone numbers in fraud crackdown
Under a new partnership with the government aimed at combating fraud, Britain’s largest mobile carriers have committed to upgrading their networks to eliminate scammers’ ability…
University of Pennsylvania confirms data stolen in cyberattack
The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university’s development and alumni activities and stole data in a cyberattack. …
Are you navigating with faulty instruments?
Picture this: you’re at the helm of a sophisticated avionics suite, trusting every gauge and blinking light. Your flight plan is impeccable, air traffic control…
Police busts credit card fraud rings with 4.3 million victims
International authorities have dismantled three massive credit card fraud and money laundering networks, linked to losses exceeding €300 million ($344 million) and affecting over 4.3…
US sanctions North Korean bankers linked to cybercrime, IT worker fraud
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT…
October Windows updates trigger BitLocker recovery
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates. BitLocker is a Windows security feature…
Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by…
Apache OpenOffice disputes data breach claims by ransomware gang
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB…
Malicious Android apps on Google Play downloaded 42 million times
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from…