Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. […]
Category Archives: Bleeping Computer
Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. Except, the rumor has been quashed. […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. […]
The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. […]
Threat actors are attempting to exploit a critical authentication bypass flaw impacting Progress MOVEit Transfer, which the vendor disclosed yesterday. […]
The June 2024 optional update for Windows 11 is now available. The latest update, KB5039302, is for Windows 11 version 22H2 and newer and brings several new features and fixes. […]
The June 2024 optional update for Windows 10 is now available. Today’s update brings KB5039299 for Windows 10 version 22H2 and older, with up to nine bug fixes or changes. […]
A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. […]
A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running them. […]
Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites. […]