BleepingComputer
11.2K subscribers
41 photos
25K links
Latest news and stories from BleepingComputer.com

From a bleeping computer to a working computer.
Download Telegram
β€ŠGoogle Gemini CLI abused as a hacking agent, malware botnet operator

A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet. [...]

https://www.bleepingcomputer.com/news/security/google-gemini-cli-abused-as-a-hacking-agent-malware-botnet-operator/
πŸ”₯1😁1
β€ŠZoom warns of critical account takeover vulnerability

Zoom is warning of a critical vulnerability in its desktop client and software development kit for Windows that could be exploited by an unauthenticated party to hijack accounts. [...]

https://www.bleepingcomputer.com/news/security/zoom-warns-of-critical-account-takeover-vulnerability/
πŸŽ‰1πŸ’―1
β€ŠDutch police bust investment fraud ring stealing over €100 million

The Dutch Police announced the arrest of multiple individuals suspected of being part of an international investment fraud scheme estimated to have tens of thousands of victims. [...]

https://www.bleepingcomputer.com/news/security/dutch-police-bust-investment-fraud-ring-stealing-over-100-million/
❀2
β€ŠRussian hackers trojanize WebEx, Zoom apps to push Starland malware

A financially motivated Russian threat actor tracked as UAT-11795 is using trojanized software to steal credentials and cryptocurrency by deploying a new backdoor called Starland RAT. [...]

https://www.bleepingcomputer.com/news/security/russian-hackers-trojanize-webex-zoom-apps-to-push-starland-malware/
❀1πŸ‘€1
β€ŠCISA orders feds to patch actively exploited Oracle flaw by Saturday

CISA has ordered federal agencies to secure their systems by Saturday against ongoing attacks exploiting a critical vulnerability in the Oracle E-Business Suite financial application. [...]

https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-flaw-by-saturday/
πŸŽ‰1😍1
β€ŠAI Agents Broke the Security Playbook. Here's What Replaces It.

Traditional security workflows were built for environments that changed at human speed. Token Security explains why AI agents require a new approach: building on a live identity foundation while giving security teams the flexibility to create workflows tailored to their own environments. [...]

https://www.bleepingcomputer.com/news/security/ai-agents-broke-the-security-playbook-heres-what-replaces-it/
β€ŠNew OkoBot framework deploys 20 payloads to steal data, crypto

A new malicious framework called OkoBot is delivering more than 20 payloads in attacks focused on stealing cryptocurrency wallet seed phrases, credentials, and other sensitive data. [...]

https://www.bleepingcomputer.com/news/security/new-okobot-framework-deploys-20-payloads-to-steal-data-crypto/
❀1
β€ŠClaude Chrome extension flaw lets malicious extensions trigger AI actions

A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to abuse Claude's access to connected services such as Gmail, Google Docs, Google Calendar, and Salesforce. [...]

https://www.bleepingcomputer.com/news/security/claude-chrome-extension-flaw-lets-malicious-extensions-trigger-ai-actions/
β€ŠCoca-Cola says Fairlife ransomware attack halts US dairy production

The Coca-Cola Company disclosed today that a ransomware attack impacting its Fairlife dairy subsidiary has disrupted operations, temporarily suspending production of Fairlife products across the United States. [...]

https://www.bleepingcomputer.com/news/security/coca-cola-says-fairlife-ransomware-attack-halts-us-dairy-production/
β€ŠInside the Search for "Clean" Residential Proxies for Carding

Residential proxies are no longer the silver bullet they once were for carding. Flare explains why cybercriminals increasingly seek "clean" residential proxies and combine them with browser fingerprints, device profiles, and other identity signals to evade modern fraud detection. [...]

https://www.bleepingcomputer.com/news/security/inside-the-search-for-clean-residential-proxies-for-carding/