Latest news and stories from BleepingComputer.com
Heroku admits to customer database hack after OAuth token theft
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]
Heroku admits to customer database hack after OAuth token theft
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]
BleepingComputer
Heroku admits that customer credentials were stolen in cyberattack
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to e…
🔥1
Latest news and stories from BleepingComputer.com
Heroku admits that customer credentials were stolen in cyberattack
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]
Heroku admits that customer credentials were stolen in cyberattack
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]
BleepingComputer
Heroku admits that customer credentials were stolen in cyberattack
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to e…
👏3
Latest news and stories from BleepingComputer.com
Tor project upgrades network speed performance with new system
The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. [...]
Tor project upgrades network speed performance with new system
The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. [...]
BleepingComputer
Tor project upgrades network speed performance with new system
The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network.
🔥2
Latest news and stories from BleepingComputer.com
New NetDooka malware spreads via poisoned search results
A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device. [...]
New NetDooka malware spreads via poisoned search results
A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device. [...]
BleepingComputer
New NetDooka malware spreads via poisoned search results
A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device.
Latest news and stories from BleepingComputer.com
Google fixes actively exploited Android kernel vulnerability
Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. [...]
Google fixes actively exploited Android kernel vulnerability
Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. [...]
BleepingComputer
Google fixes actively exploited Android kernel vulnerability
Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability.
Latest news and stories from BleepingComputer.com
Microsoft, Apple, and Google to support FIDO passwordless logins
Microsoft, Apple, and Google announced today plans to support a common passwordless sign-in standard (known as passkeys) developed by the World Wide Web Consortium (W3C) and the FIDO Alliance. [...]
Microsoft, Apple, and Google to support FIDO passwordless logins
Microsoft, Apple, and Google announced today plans to support a common passwordless sign-in standard (known as passkeys) developed by the World Wide Web Consortium (W3C) and the FIDO Alliance. [...]
BleepingComputer
Microsoft, Apple, and Google to support FIDO passwordless logins
Microsoft, Apple, and Google announced today plans to support a common passwordless sign-in standard (known as passkeys) developed by the World Wide Web Consortium (W3C) and the FIDO Alliance.
Latest news and stories from BleepingComputer.com
FTC to force ISP to deploy fiber for 60K users to match speed claims
The Federal Trade Commission (FTC) today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "lying" to its customers and support its high-speed internet claims. [...]
FTC to force ISP to deploy fiber for 60K users to match speed claims
The Federal Trade Commission (FTC) today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "lying" to its customers and support its high-speed internet claims. [...]
BleepingComputer
FTC to force ISP to deploy fiber for 60K users to match speed claims
The Federal Trade Commission (FTC) today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "lying" to its customers and support its high-speed internet claims.
Latest news and stories from BleepingComputer.com
NIST updates guidance for defending against supply-chain attacks
The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks. [...]
NIST updates guidance for defending against supply-chain attacks
The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks. [...]
BleepingComputer
NIST updates guidance for defending against supply-chain attacks
The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks.
Latest news and stories from BleepingComputer.com
Ukraine’s IT Army is disrupting Russia's alcohol distribution
Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia. [...]
Ukraine’s IT Army is disrupting Russia's alcohol distribution
Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia. [...]
BleepingComputer
Ukraine’s IT Army is disrupting Russia's alcohol distribution
Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia.
👏3
Latest news and stories from BleepingComputer.com
White House: Prepare for cryptography-cracking quantum computers
President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement a set of measures that would mitigate risks posed by quantum computers to US national cyber security. [...]
White House: Prepare for cryptography-cracking quantum computers
President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement a set of measures that would mitigate risks posed by quantum computers to US national cyber security. [...]
BleepingComputer
White House: Prepare for cryptography-cracking quantum computers
President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement a set of measures that would mitigate risks posed by quantum computers to US national cyber security.
Latest news and stories from BleepingComputer.com
New Raspberry Robin worm uses Windows Installer to drop malware
Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. [...]
New Raspberry Robin worm uses Windows Installer to drop malware
Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. [...]
BleepingComputer
New Raspberry Robin worm uses Windows Installer to drop malware
Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives.
Latest news and stories from BleepingComputer.com
Google Docs crashes on seeing "And. And. And. And. And."
A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google. [...]
Google Docs crashes on seeing "And. And. And. And. And."
A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google. [...]
BleepingComputer
Google Docs crashes on seeing "And. And. And. And. And."
A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google.
Latest news and stories from BleepingComputer.com
SheetJS ditches npm registry over 2FA requirement and 'legal matters'
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. [...]
SheetJS ditches npm registry over 2FA requirement and 'legal matters'
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. [...]
BleepingComputer
SheetJS ditches npm registry over 2FA requirement and 'legal matters'
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets…
Latest news and stories from BleepingComputer.com
QNAP fixes critical QVR remote command execution vulnerability
QNAP has released several security advisories today to alert its customers about various fixes for flaws affecting its products. The one that stands out is a critical RCE (remote code execution) in QVR. [...]
QNAP fixes critical QVR remote command execution vulnerability
QNAP has released several security advisories today to alert its customers about various fixes for flaws affecting its products. The one that stands out is a critical RCE (remote code execution) in QVR. [...]
BleepingComputer
QNAP fixes critical QVR remote command execution vulnerability
QNAP has released several security advisories today to alert its customers about various fixes for flaws affecting its products. The one that stands out is a critical RCE (remote code execution) in QVR.
Latest news and stories from BleepingComputer.com
NVIDIA fined for failure to disclose cryptomining sales boost
The U.S. Securities and Exchange Commission (SEC) announced Friday that it settled charges against multinational tech firm NVIDIA for "inadequate disclosures" of cryptomining's impact on its gaming business. [...]
NVIDIA fined for failure to disclose cryptomining sales boost
The U.S. Securities and Exchange Commission (SEC) announced Friday that it settled charges against multinational tech firm NVIDIA for "inadequate disclosures" of cryptomining's impact on its gaming business. [...]
BleepingComputer
NVIDIA fined for failure to disclose cryptomining sales boost
The U.S. Securities and Exchange Commission (SEC) announced Friday that it settled charges against multinational tech firm NVIDIA for "inadequate disclosures" of cryptomining's impact on its gaming business.
Latest news and stories from BleepingComputer.com
US sanctions Bitcoin laundering service used by North Korean hackers
The US Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. [...]
US sanctions Bitcoin laundering service used by North Korean hackers
The US Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. [...]
BleepingComputer
US sanctions Bitcoin laundering service used by North Korean hackers
The US Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge.
Latest news and stories from BleepingComputer.com
US agricultural machinery maker AGCO hit by ransomware attack
AGCO, a leading US-based agricultural machinery producer, has announced it was hit by a ransomware attack impacting some of its production facilities. [...]
US agricultural machinery maker AGCO hit by ransomware attack
AGCO, a leading US-based agricultural machinery producer, has announced it was hit by a ransomware attack impacting some of its production facilities. [...]
BleepingComputer
US agricultural machinery maker AGCO hit by ransomware attack
AGCO, a leading US-based agricultural machinery producer, has announced it was hit by a ransomware attack impacting some of its production facilities.
Latest news and stories from BleepingComputer.com
Ferrari subdomain hijacked to push fake Ferrari NFT collection
One of Ferrari's subdomains was hijacked yesterday to host a scam promoting fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down. [...]
Ferrari subdomain hijacked to push fake Ferrari NFT collection
One of Ferrari's subdomains was hijacked yesterday to host a scam promoting fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down. [...]
BleepingComputer
Ferrari subdomain hijacked to push fake Ferrari NFT collection
One of Ferrari's subdomains was hijacked yesterday to host a scam promoting fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked…
Latest news and stories from BleepingComputer.com
npm package with 1.4M weekly downloads ditches npmjs.com for own CDN
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. [...]
npm package with 1.4M weekly downloads ditches npmjs.com for own CDN
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. [...]
BleepingComputer
npm package with 1.4M weekly downloads ditches npmjs.com for own CDN
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets…
Latest news and stories from BleepingComputer.com
Xbox is down worldwide with users unable to play games
Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games. [...]
Xbox is down worldwide with users unable to play games
Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games. [...]
BleepingComputer
Xbox is down worldwide with users unable to play games
Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games.
Latest news and stories from BleepingComputer.com
The Week in Ransomware - May 6th 2022 - An evolving landscape
Ransomware operations continue to evolve, with new groups appearing and others quietly shutting down their operations or rebranding as new groups. [...]
The Week in Ransomware - May 6th 2022 - An evolving landscape
Ransomware operations continue to evolve, with new groups appearing and others quietly shutting down their operations or rebranding as new groups. [...]
BleepingComputer
The Week in Ransomware - May 6th 2022 - An evolving landscape
Ransomware operations continue to evolve, with new groups appearing and others quietly shutting down their operations or rebranding as new groups.