Category: BleepingComputer

​Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, ensure persistence, and extract sensitive information data. […]

OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. […]

A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. […]

​Microsoft says the March 2025 Windows cumulative updates automatically and mistakenly remove the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems. […]

A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. […]

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. […]

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. […]

Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. […]

A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. […]

Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages. […]