GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. […] Source: BleepingComputer | Read More
Category Archives: Bleeping Computer
Exploit code is now available for a critical authentication bypass vulnerability in Fortra’s GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal. […] Source: BleepingComputer | Read More
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27. […] Source: BleepingComputer | Read More
Security researchers have identified and analyzed new malware they call TinyTurla-NG and TurlaPower-NG used by the Russian hacker group Turla to maintain access to a target’s network and to steal sensitive data. […] Source: BleepingComputer | Read More
OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT. […] Source: BleepingComputer | Read More
Microsoft claims to have fixed Windows Metadata connection issues which continue to plague customers, causing problems for users trying to manage their printers and other hardware. […] Source: BleepingComputer | Read More
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia’s Main Intelligence Directorate of the General Staff (GRU) in spearphishing and credential theft attacks targeting the United States and its allies. […] Source: BleepingComputer | Read More
The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. […] Source: BleepingComputer | Read More
A new iOS and Android trojan named ‘GoldPickaxe’ employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. […] Source: BleepingComputer | Read More
Microsoft warned today in an updated security advisory that a critical vulnerability in Exchange Server was exploited as a zero-day before being fixed during this month’s Patch Tuesday. […] Source: BleepingComputer | Read More