Self-spreading GlassWorm malware hits OpenVSX, VS Code registries
A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been…
Category: Bleeping Computer
Microsoft fixes Windows Server Active Directory sync issues
Microsoft is rolling out a fix for Active Directory issues affecting some Windows Server 2025 systems after installing security updates released since September. As Redmond…
Microsoft warns of Windows smart card auth issues after October updates
Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues due to a change designed to strengthen the Windows…
AWS outage crashes Amazon, PrimeVideo, Fortnite, Perplexity and more
AWS outage has taken down millions of websites, including Amazon.com, PrimeVideo, Perplexity AI, Canva and more. The outage started approx 30 minutes ago and it’s…
Experian fined $3.2 million for mass-collecting personal data
Experian Netherlands has been fined EUR 2.7 million ($3.2 million) for multiple violations of the General Data Protection Regulation (GDPR) The Dutch Data Protection Authority (AP)…
TikTok videos continue to push infostealers in ClickFix attacks
Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware. ISC Handler Xavier…
OpenAI confirms GPT-6 is not shipping in 2025
OpenAI is not planning to ship GPT-6 this year, but that doesn’t necessarily mean the company will not release new models. OpenAI currently has several…
Google ads for fake Homebrew, LogMeIn sites push infostealers
A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. The…
American Airlines subsidiary Envoy confirms Oracle data theft attack
Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion…
ConnectWise fixes Automate bug allowing AiTM update attacks
ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and…
Europol dismantles SIM box operation renting numbers for cybercrime
European law enforcement in an operation codenamed ‘SIMCARTEL’ has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5…
Microsoft lifts more safeguard holds blocking Windows 11 updates
Microsoft has removed two more compatibility holds preventing customers from installing Windows 11 24H2 via Windows Update. The first safeguard hold was added in April…