Fake CS2 tournament streams used to steal crypto, Steam accounts

Threat actors are exploiting major Counter-Strike 2 (CS2) competitions, like IEM Katowice 2025 and PGL Cluj-Napoca 2025, to defraud gamers and steal their Steam accounts and cryptocurrency. [...]

https://www.bleepingcomputer.com/news/security/fake-cs2-tournament-streams-used-to-steal-crypto-steam-accounts/

 Beware: PayPal "New Address" feature abused to send phishing emails

An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers [...]

https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/

 Google Cloud introduces quantum-safe digital signatures in KMS

Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. [...]

https://www.bleepingcomputer.com/news/security/google-cloud-introduces-quantum-safe-digital-signatures-in-kms/

 Exploits for unpatched Parallels Desktop flaw give root on Macs

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. [...]

https://www.bleepingcomputer.com/news/security/exploits-for-unpatched-parallels-desktop-flaw-give-root-on-macs/

 North Korean hackers linked to $1.5 billion ByBit crypto heist

​Over the weekend, blockchain security companies and experts have linked North Korea's Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange Bybit. [...]

https://www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-15-billion-bybit-crypto-heist/

 Botnet targets Basic Auth in Microsoft 365 password spray attacks

A massive botnet of over 130,000 compromised devices is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide, attempting to confirm credentials. [...]

https://www.bleepingcomputer.com/news/security/botnet-targets-basic-auth-in-microsoft-365-password-spray-attacks/

 Australia bans all Kaspersky products on government systems

The Australian government has banned all Kaspersky Lab products and web services from its systems and devices following an analysis that claims the company poses a significant security risk to the country. [...]

https://www.bleepingcomputer.com/news/security/australia-bans-all-kaspersky-products-on-government-systems/

 Microsoft launches ad-supported Office apps for Windows users

Microsoft has released ad-supported versions of its Office desktop apps, which have limited features but allow Windows users to edit their documents for free. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-sneaks-out-ad-supported-office-apps-for-windows-users/

 Russia warns financial sector of major IT service provider hack

Russia's National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country's credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. [...]

https://www.bleepingcomputer.com/news/security/russia-warns-financial-sector-of-major-it-service-provider-hack/

 OpenAI bans ChatGPT accounts used by North Korean hackers

OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. [...]

https://www.bleepingcomputer.com/news/security/openai-bans-chatgpt-accounts-used-by-north-korean-hackers/

 Orange Group confirms breach after hacker leaks company documents

A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider. [...]

https://www.bleepingcomputer.com/news/security/orange-group-confirms-breach-after-hacker-leaks-company-documents/

 Anthropic's Claude 3.7 Sonnet is here and results are insane

Anthropic has started rolling out Claude 3.7 Sonnet, the company's most advanced model and the first hybrid reasoning model it has shipped. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/anthropics-claude-37-sonnet-is-here-and-results-are-insane/

 US drug testing firm says data breach impacted 3.3 million people

DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people. [...]

https://www.bleepingcomputer.com/news/security/disa-global-says-data-breach-impacted-33-million-people/

 New Auto-Color Linux backdoor targets North American govts, universities

A previously undocumented Linux backdoor dubbed 'Auto-Color' was observed in attacks between November and December 2024, targeting universities and government organizations in North America and Asia. [...]

https://www.bleepingcomputer.com/news/security/new-auto-color-linux-backdoor-targets-north-american-govts-universities/

 Windows 10 KB5052077 update fixes broken SSH connections

​​Microsoft has released the optional KB5052077 preview cumulative update for Windows 10 22H2 with nine bug fixes and changes, including a fix for a longstanding known issue that breaks SSH connections. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5052077-update-fixes-broken-ssh-connections/

 GitVenom attacks abuse hundreds of GitHub repos to steal crypto

A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials. [...]

https://www.bleepingcomputer.com/news/security/gitvenom-attacks-abuse-hundreds-of-github-repos-to-steal-crypto/

 Microsoft fixes Entra ID authentication issue caused by DNS change

Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company's Seamless SSO and Microsoft Entra Connect Sync. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-entra-id-authentication-issue-caused-by-dns-change/

 Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers

Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser. [...]

https://www.bleepingcomputer.com/news/security/firefox-continues-manifest-v2-support-as-chrome-disables-mv2-ad-blockers/

 Have I Been Pwned adds 284M accounts stolen by infostealer malware

​The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. [...]

https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-284m-accounts-stolen-by-infostealer-malware/

 Windows 11 24H2 upgrades now blocked for some AutoCAD users

Microsoft has introduced a new Windows 11 24H2 upgrade block for systems with AutoCAD 2022, addressing compatibility issues that prevent the program from launching. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-24h2-upgrades-now-blocked-for-some-autocad-users/

 Windows 11 KB5052093 update released with 33 changes and fixes

Microsoft has released the February 2025 preview cumulative update for Windows 11 24H2, with 33 improvements and fixes for multiple issues, including SSH and File Explorer bugs and the volume jumping to 100% when waking the PC from sleep. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5052093-update-released-with-33-changes-and-fixes/