Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
Today is Microsoft’s September 2025 Patch Tuesday, which includes security updates for 81 flaws, including two publicly disclosed…
Kosovo hacker pleads guilty to running BlackDB cybercrime marketplace
Kosovo national Liridon Masurica has pleaded guilty to running BlackDB.cc, a cybercrime marketplace that has been active since 2018. Kosovar…
US charges admin of LockerGoga, MegaCortex, Nefilim ransomware
The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the…
Adobe patches critical SessionReaper flaw in Magento eCommerce platform
Adobe is warning of a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms that researchers call…
How External Attack Surface Management helps enterprises manage cyber risk
Every day, businesses spin up new digital services (websites, APIs, and cloud instances) and it can be for security teams to keep track.…
Microsoft: Anti-spam bug blocks links in Exchange Online, Teams
Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams…
SAP fixes maximum severity NetWeaver command execution flaw
SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the…
Plex tells users to reset passwords after new data breach
Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal…
TamperedChef infostealer delivered through fraudulent PDF Editor
Threat actors have been using multiple websites promoted through Google ads to distribute a convincing PDF editing app that delivers an…
WhatsApp patches vulnerability exploited in zero-day attacks
WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. The…
Microsoft to enforce MFA for Azure resource management in October
Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure…
Google warns Salesloft breach impacted some Workspace accounts
Google now reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to…
Malware devs abuse Anthropic’s Claude AI to build ransomware
Anthropic’s Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop…
Passwordstate dev urges users to patch auth bypass vulnerability
Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity…
Police seize VerifTools fake ID marketplace servers, domains
The FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in…
MATLAB dev says ransomware gang stole data of 10,000 people
MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over…
Shadow IT Is Expanding Your Attack Surface. Here’s Proof
Shadow IT – the systems your security team doesn’t know about – is a persistent challenge. Policies may ban them, but…
TransUnion suffers data breach impacting over 4.4 million people
Update: Story updated with confirmation that this was another Salesforce data theft attack and the types of data stolen. Consumer credit…
Experimental PromptLock ransomware uses AI to encrypt, steal data
Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows,…
FreePBX servers hacked via zero-day, emergency fix released
The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the…
IT system supplier cyberattack impacts 200 municipalities in Sweden
A cyberattack on Miljödata, an IT systems supplier for roughly 80% of Sweden’s municipal systems, has caused accessibility problems…
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and partners from over a dozen countries have…
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already…
Why zero trust is never 'done' and is an ever-evolving process
Picture this scenario: Six months after celebrating their “zero trust transformation,” a financial services firm gets hit with a…
Healthcare Services Group data breach impacts 624,000 people
The Healthcare Services Group (HSGI) is alerting more than 600,000 individuals that their personal information was exposed in a security…
Google to verify all Android devs to protect users from malware
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from…
Storm-0501 hackers shift to ransomware attacks in the cloud
Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to…
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from…
Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks
Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as…
Silk Typhoon hackers hijack network captive portals in diplomat attacks
State-sponsored hackers linked to the Silk Typhoon activity cluster targeted diplomats by hijacking web traffic to redirect to a…
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
Update: Story updated with further information. Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from…
Nevada closes state offices as cyberattack disrupts IT systems
Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and…
CISA warns of actively exploited Git code execution flaw
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the…
Beyond GDPR security training: Turning regulation into opportunity
By Eirik Salmi, System Analyst at Passwork Even though 88% of businesses spend over €1 million on GDPR compliance and 40% invest up to…
Nissan confirms design studio data breach claimed by Qilin ransomware
Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its…
Farmers Insurance data breach impacts 1.1M people after Salesforce attack
U.S. insurance giant Farmers Insurance has disclosed a data breach impacting 1.1 million customers, with BleepingComputer learning that the…
Auchan retailer data breach impacts hundreds of thousands of customers
French retailer Auchan is informing that some sensitive data associated with loyalty accounts of several hundred thousand of its customers was…
Surge in coordinated scans targets Microsoft RDP auth servers
Internet intelligence firm GreyNoise reports that it has recorded a significant spike in scanning activity consisting of nearly 1,971 IP…
New AI attack hides data-theft prompts in downscaled images
Researchers have developed a novel attack that steals user data by injecting malicious prompts in images processed by AI systems before…
Malicious Android apps with 19M installs removed from Google Play
Seventy-seven malicious Android apps with more than 19 million installs were delivering multiple malware families to Google Play users.…
Critical Docker Desktop flaw lets attackers hijack Windows hosts
A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if…
Defending against malware persistence techniques with Wazuh
Malware persistence techniques enable attackers to maintain access to compromised endpoints despite system reboots, credential changes, or…