βHackers use RMM tools to breach freighters and steal cargo shipments
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monitoring and management tools (RMMs) that enable them to hijack cargo and steal physical goods. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-rmm-tools-to-breach-freighters-and-steal-cargo-shipments/
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monitoring and management tools (RMMs) that enable them to hijack cargo and steal physical goods. [...]
https://www.bleepingcomputer.com/news/security/hackers-use-rmm-tools-to-breach-freighters-and-steal-cargo-shipments/
BleepingComputer
Hackers use RMM tools to breach freighters and steal cargo shipments
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monitoring and management tools (RMMs) that enable them to hijack cargo and steal physical goods.
π1
βUS cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023. [...]
https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-indicted-for-blackcat-ransomware-attacks/
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023. [...]
https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-indicted-for-blackcat-ransomware-attacks/
BleepingComputer
US cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023.
π2π1
βMicrosoft: SesameOp malware abuses OpenAI Assistants API in attacks
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. [...]
https://www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/
BleepingComputer
Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel.
π₯2
βFake Solidity VSCode extension on Open VSX backdoors developers
A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel with the attacker. [...]
https://www.bleepingcomputer.com/news/security/fake-solidity-vscode-extension-on-open-vsx-backdoors-developers/
A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel with the attacker. [...]
https://www.bleepingcomputer.com/news/security/fake-solidity-vscode-extension-on-open-vsx-backdoors-developers/
BleepingComputer
Fake Solidity VSCode extension on Open VSX backdoors developers
A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel with the attacker.
π₯2π₯°1
βHacker steals over $120 million from Balancer DeFi crypto protocol
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/hacker-steals-over-120-million-from-balancer-defi-crypto-protocol/
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million. [...]
https://www.bleepingcomputer.com/news/cryptocurrency/hacker-steals-over-120-million-from-balancer-defi-crypto-protocol/
BleepingComputer
Hacker steals over $120 million from Balancer DeFi crypto protocol
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million.
π4π€―1
βHackers exploit critical auth bypass flaw in JobMonster WordPress theme
Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator accounts under certain conditions. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-auth-bypass-flaw-in-jobmonster-wordpress-theme/
Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator accounts under certain conditions. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-auth-bypass-flaw-in-jobmonster-wordpress-theme/
BleepingComputer
Hackers exploit critical auth bypass flaw in JobMonster WordPress theme
Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator accounts under certain conditions.
β€1
βWindows 10 update bug triggers incorrect end-of-support alerts
βMicrosoft says the October 2025 updates trigger incorrect end-of-support warnings on Windows 10 systems with active security coverage or still under active support. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-bug-triggers-incorrect-end-of-support-alerts/
βMicrosoft says the October 2025 updates trigger incorrect end-of-support warnings on Windows 10 systems with active security coverage or still under active support. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-bug-triggers-incorrect-end-of-support-alerts/
BleepingComputer
Windows 10 update bug triggers incorrect end-of-support alerts
βMicrosoft says the October 2025 updates trigger incorrect end-of-support warnings on Windows 10 systems with active security coverage or still under active support.
π1
βRussian hackers abuse Hyper-V to hide malware in Linux VMs
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware. [...]
https://www.bleepingcomputer.com/news/security/russian-hackers-abuse-hyper-v-to-hide-malware-in-linux-vms/
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware. [...]
https://www.bleepingcomputer.com/news/security/russian-hackers-abuse-hyper-v-to-hide-malware-in-linux-vms/
BleepingComputer
Russian hackers abuse Hyper-V to hide malware in Linux VMs
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware.
π₯1
βThe Top 3 Browser Sandbox Threats That Slip Past Modern Security Tools
Attackers exploit web browsers' built-in behaviors to steal credentials, abuse extensions, and move laterall, slipping past traditional defenses. Learn from Keep Aware how browser-layer visibility and policy enforcement stop these hidden threats in real time. [...]
https://www.bleepingcomputer.com/news/security/the-top-3-browser-sandbox-threats-that-slip-past-modern-security-tools/
Attackers exploit web browsers' built-in behaviors to steal credentials, abuse extensions, and move laterall, slipping past traditional defenses. Learn from Keep Aware how browser-layer visibility and policy enforcement stop these hidden threats in real time. [...]
https://www.bleepingcomputer.com/news/security/the-top-3-browser-sandbox-threats-that-slip-past-modern-security-tools/
BleepingComputer
The Top 3 Browser Sandbox Threats That Slip Past Modern Security Tools
Attackers exploit web browsers' built-in behaviors to steal credentials, abuse extensions, and move laterall, slipping past traditional defenses. Learn from Keep Aware how browser-layer visibility and policy enforcement stop these hidden threats in real time.
β€1
βPolice arrests suspects linked to β¬600 million crypto fraud ring
European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over β¬600 million ($689 million) from victims across multiple countries. [...]
https://www.bleepingcomputer.com/news/security/european-police-dismantles-600-million-crypto-investment-fraud-ring/
European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over β¬600 million ($689 million) from victims across multiple countries. [...]
https://www.bleepingcomputer.com/news/security/european-police-dismantles-600-million-crypto-investment-fraud-ring/
BleepingComputer
Police arrests suspects linked to β¬600 million crypto fraud ring
European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over β¬600 million ($689 million) from victims across multiple countries.
π₯1
βMedia giant Nikkei reports data breach impacting 17,000 people
Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees and business partners. [...]
https://www.bleepingcomputer.com/news/security/media-giant-nikkei-reports-data-breach-impacting-17-000-people/
Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees and business partners. [...]
https://www.bleepingcomputer.com/news/security/media-giant-nikkei-reports-data-breach-impacting-17-000-people/
BleepingComputer
Media giant Nikkei reports data breach impacting 17,000 people
Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees and business partners.
π₯1
βData breach at major Swedish software supplier impacts 1.5 million
The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier MiljΓΆdata that exposed data belonging to 1.5 million people. [...]
https://www.bleepingcomputer.com/news/security/data-breach-at-major-swedish-software-supplier-impacts-15-million/
The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier MiljΓΆdata that exposed data belonging to 1.5 million people. [...]
https://www.bleepingcomputer.com/news/security/data-breach-at-major-swedish-software-supplier-impacts-15-million/
BleepingComputer
Data breach at major Swedish software supplier impacts 1.5 million
The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier MiljΓΆdata that exposed data belonging to 1.5 million people.
π₯1
βMicrosoft removing Defender Application Guard from Office
Microsoft plans to remove Defender Application Guard from Office by December 2027, starting with the February 2026 release of Office version 2602. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-removing-defender-application-guard-from-office/
Microsoft plans to remove Defender Application Guard from Office by December 2027, starting with the February 2026 release of Office version 2602. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-removing-defender-application-guard-from-office/
BleepingComputer
Microsoft removing Defender Application Guard from Office
Microsoft plans to remove Defender Application Guard from Office by December 2027, starting with the February 2026 release of Office version 2602.
β€1
βMalicious Android apps on Google Play downloaded 42 million times
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. [...]
https://www.bleepingcomputer.com/news/security/malicious-android-apps-on-google-play-downloaded-42-million-times/
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. [...]
https://www.bleepingcomputer.com/news/security/malicious-android-apps-on-google-play-downloaded-42-million-times/
BleepingComputer
Malicious Android apps on Google Play downloaded 42 million times
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler.
π₯1
βApache OpenOffice disputes data breach claims by ransomware gang
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]
https://www.bleepingcomputer.com/news/security/apache-openoffice-disputes-data-breach-claims-by-ransomware-gang/
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]
https://www.bleepingcomputer.com/news/security/apache-openoffice-disputes-data-breach-claims-by-ransomware-gang/
BleepingComputer
Apache OpenOffice disputes data breach claims by ransomware gang
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents.
π₯1
βHackers exploit WordPress plugin Post SMTP to hijack admin accounts
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-post-smtp-to-hijack-admin-accounts/
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. [...]
https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-post-smtp-to-hijack-admin-accounts/
BleepingComputer
Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
π1
βMicrosoft: October Windows updates trigger BitLocker recovery
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-october-windows-updates-trigger-bitlocker-recovery/
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-october-windows-updates-trigger-bitlocker-recovery/
BleepingComputer
Microsoft: October Windows updates trigger BitLocker recovery
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates.
π2π1π₯±1π€¨1
βUS sanctions North Korean bankers linked to cybercrime, IT worker fraud
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker schemes. [...]
https://www.bleepingcomputer.com/news/security/us-treasury-sanctions-north-korean-bankers-linked-to-cybercrime-it-worker-fraud/
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker schemes. [...]
https://www.bleepingcomputer.com/news/security/us-treasury-sanctions-north-korean-bankers-linked-to-cybercrime-it-worker-fraud/
BleepingComputer
US sanctions North Korean bankers linked to cybercrime, IT worker fraud
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker schemes.
β€1
βPolice busts credit card fraud rings with 4.3 million victims
International authorities have dismantled three massive credit card fraud and money laundering networks, linked to losses exceeding β¬300 million ($344 million) and affecting over 4.3 million cardholders across 193 countries. [...]
https://www.bleepingcomputer.com/news/security/europol-credit-card-fraud-rings-stole-eur-300-million-from-43-million-cardholders/
International authorities have dismantled three massive credit card fraud and money laundering networks, linked to losses exceeding β¬300 million ($344 million) and affecting over 4.3 million cardholders across 193 countries. [...]
https://www.bleepingcomputer.com/news/security/europol-credit-card-fraud-rings-stole-eur-300-million-from-43-million-cardholders/
BleepingComputer
Police busts credit card fraud rings with 4.3 million victims
International authorities have dismantled three massive credit card fraud and money laundering networks, linked to losses exceeding β¬300 million ($344 million) and affecting over 4.3 million cardholders across 193 countries.
β€1
βGoogle warns of new AI-powered malware families deployed in the wild
Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial intelligence to deploy new malware families that integrate large language models (LLMs) during execution. [...]
https://www.bleepingcomputer.com/news/security/google-warns-of-new-ai-powered-malware-families-deployed-in-the-wild/
Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial intelligence to deploy new malware families that integrate large language models (LLMs) during execution. [...]
https://www.bleepingcomputer.com/news/security/google-warns-of-new-ai-powered-malware-families-deployed-in-the-wild/
BleepingComputer
Google warns of new AI-powered malware families deployed in the wild
Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial intelligence to deploy new malware families that integrate large language models (LLMs) during execution.
β€2π₯°1