CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. […]
Police dismantles crypto fraud ring linked to €100 million in losses
Law enforcement authorities in Europe have arrested five suspects linked to a cryptocurrency investment fraud ring that stole over €100 million ($118 million) from more than 100 victims. […]
5 ways to streamline Identity Governance with this free tool
Identity Governance doesn’t have to be complex or costly. tenfold’s free Community Edition helps orgs (up to 150 users) streamline onboarding, access reviews & M365 permissions — all with a no-code IGA platform. […]
SolarWinds releases third patch to fix Web Help Desk RCE bug
SolarWinds has released a hotfix for a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. […]
SonicWall releases SMA100 firmware update to wipe rootkit malware
SonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices. […]
GitHub tightens npm security with mandatory 2FA, access tokens
GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale incidents recently. […]
NPM package caught using QR Code to fetch cookie-stealing malware
Newly discovered npm package ‘fezbox’ employs QR codes to hide a second-stage payload to steal cookies from a user’s web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a compromised machine. […]
Airport disruptions in Europe caused by a ransomware attack
The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. […]
American Archive of Public Broadcasting fixes bug exposing restricted media
A vulnerability in the American Archive of Public Broadcasting’s website allowed downloading of protected and private media for years, with the flaw quietly patched this month. […]
Automaker giant Stellantis confirms data breach after Salesforce hack
Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers’ data after gaining access to a third-party service provider’s platform. […]
