Category: BleepingComputer

Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. […]

OpenAI’s next foundational and state-of-the-art model, GPT-5, is still on its way after a delay. OpenAI won’t tell us the release date for now. […]

A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed “CitrixBleed 2,” was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. […]

VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. […]

The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk. […]

Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company’s advertising platforms. […]

A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. […]

Cryptocurrency exchange BigONE announced that it suffered a security breach, in which hackers stole various digital assets valued at $27 million. […]

The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks. […]

A critical vulnerability (CVE-2025-20337) in Cisco’s Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. […]