Security Archives - Page 5 of 230

Chris Goettl, CLFS, Common Log File System, CVE-2025-26671, CVE-2025-27480, CVE-2025-27482, CVE-2025-29824, Ivanti, Krebs, Latest Warnings, Microsoft, News, Satnam Narang, Security, Security Tools, The Coming Storm, Time to Patch, Windows, Windows Remote Desktop Services

Patch Tuesday, April 2025 Edition

Posted on April 8, 2025 by [email protected]

08
Apr

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users. The zero-day […]

Continue reading →

Bleeping Computer, CryptoCurrency, News, Security

Fake Microsoft Office add-in tools push malware via SourceForge

Posted on April 8, 2025 by [email protected]

Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims’ computers to both mine and steal cryptocurrency. […]

Continue reading →

Bleeping Computer, Microsoft, News, Security

Microsoft: Windows CLFS zero-day exploited by ransomware gang

Posted on April 8, 2025 by [email protected]

Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims’ systems. […]

Continue reading →

Bleeping Computer, Microsoft, News, Security

Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws

Posted on April 8, 2025 by [email protected]

Today is Microsoft’s April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. […]

Continue reading →

Bleeping Computer, News, Security

Hackers lurked in Treasury OCC’s systems since June 2023 breach

Posted on April 8, 2025 by [email protected]

Unknown attackers who breached the Treasury’s Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails. […]

Continue reading →

Bleeping Computer, News, Security

WhatsApp flaw can let attackers run malicious code on Windows PCs

Posted on April 8, 2025 by [email protected]

Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices. […]

Continue reading →

Bleeping Computer, News, Security

New Mirai botnet behind surge in TVT DVR exploitation

Posted on April 8, 2025 by [email protected]

A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. […]

Continue reading →

Bleeping Computer, Cloud, News, Security

AWS rolls out ML-KEM to secure TLS from quantum threats

Posted on April 8, 2025 by [email protected]

Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to AWS Key Management Service (KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager, making TLS connections more secure. […]

Continue reading →

Bleeping Computer, Microsoft, News, Security

EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher

Posted on April 7, 2025 by [email protected]

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. […]

Continue reading →

Artificial Intelligence, Bleeping Computer, CryptoCurrency, Legal, News, Security

Six arrested for AI-powered investment scams that stole $20 million

Posted on April 7, 2025 by [email protected]

Spain’s police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure people. […]

Continue reading →

Login