Solana Pump.fun tool DogWifTool compromised to drain wallets

DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]

https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/

 New Aquabotv3 botnet malware targets Mitel command injection flaw

A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]

https://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/

 Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics

A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI's safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]

https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/

 Police seizes Cracked and Nulled hacking forum servers, arrests suspects

Europol and German law enforcement confirmed the arrest of two suspects and the seizure of 17 servers in Operation Talent, which took down Cracked and Nulled, two of the largest hacking forums with over 10 million users. [...]

https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/

 Microsoft lifts Windows 11 update block for PCs with gaming issues

Microsoft has removed a safeguard hold that prevented devices with Auto HDR enabled from installing the Windows 11 2024 Update due to gaming issues. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-windows-11-update-block-for-pcs-with-gaming-issues/

 New Syncjacking attack hijacks devices using Chrome extensions

A new attack called 'Browser Syncjacking' demonstrates the possibility of using a seemingly benign Chrome extension to take over a victim's device through the browser. [...]

https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/

 Major GitHub outage affects pull requests and other services

​GitHub is mitigating an ongoing incident causing problems with multiple services, including performing pull requests, creating or viewing issues, and even viewing repositories and commits. [...]

https://www.bleepingcomputer.com/news/technology/major-github-outage-affects-pull-requests-and-other-services/

 The Advantages of Cloud-Based Remote Desktop versus RDP over VPN

Remote work is now an essential part of many businesses, requiring organizations to rethink how they provide secure and efficient access to corporate resources. Learn from TruGrid about the advantages of cloud-based RDP versus RDP over VPN, especially in the context of security, performance, and cost-effectiveness. [...]

https://www.bleepingcomputer.com/news/security/the-advantages-of-cloud-based-remote-desktop-versus-rdp-over-vpn/

 DeepSeek exposes database with over 1 million chat records

DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. [...]

https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/

 Ransomware attack disrupts New York blood donation giant

​The New York Blood Center (NYBC), one of the world's largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments. [...]

https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/

 Google blocked 2.36 million risky Android apps from Play Store in 2024

Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...]

https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/

 Backdoor found in two healthcare patient monitors, linked to IP in China

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device. [...]

https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/

 KuCoin to pay nearly $300 million in penalties after guilty plea

KuCoin's operator, PEKEN Global Limited, pleaded guilty to operating an unlicensed money-transmitting business and agreed to pay $297 million in penalties to settle charges in the U.S. [...]

https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-to-pay-nearly-300-million-in-penalties-after-guilty-plea/

 Police dismantles HeartSender cybercrime marketplace network

​Law enforcement authorities in the United States and the Netherlands have seized 39 domains and associated servers used by the HeartSender phishing gang operating out of Pakistan. [...]

https://www.bleepingcomputer.com/news/security/police-dismantles-heartsender-cybercrime-marketplace-network/

 US healthcare provider data breach impacts 1 million patients

Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients that their personal and health information was stolen in an October breach. [...]

https://www.bleepingcomputer.com/news/security/us-healthcare-provider-data-breach-impacts-1-million-patients/

 Mizuno USA says hackers stayed in its network for two months

​Mizuno USA, a subsidiary of Mizuno Corporation, one of the world's largest sporting goods manufacturers, confirmed in data breach notification letters that unknown attackers stole files from its network between August and October 2024. [...]

https://www.bleepingcomputer.com/news/security/mizuno-usa-says-hackers-stayed-in-its-network-for-two-months/

 Globe Life data breach may impact an additional 850,000 clients

Insurance giant Globe Life finished the investigation into the data breach it suffered last June and says that the incident may have impacted an additional 850,000 customers. [...]

https://www.bleepingcomputer.com/news/security/globe-life-data-breach-may-impact-an-additional-850-000-clients/

 Indian tech giant Tata Technologies hit by ransomware attack

Tata Technologies Ltd. had to suspend some of its IT services following a ransomware attack that impacted the company network. [...]

https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/

 Microsoft improves text contrast for all Windows Chromium browsers

​Microsoft says it improved the contrast of text rendered in all Chromium-based web browsers on Windows, making it more readable on some displays. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-improves-text-contrast-for-all-windows-chromium-browsers/

 Google says hackers abuse Gemini AI to empower their attacks

Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets. [...]

https://www.bleepingcomputer.com/news/security/google-says-hackers-abuse-gemini-ai-to-empower-their-attacks/