Category: BleepingComputer

Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability. […]

A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities. […]

Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit. […]

Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. […]

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks. […]

A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times. […]

Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber’s upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. […]

The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. […]

Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year. […]

Google announced that the AI-powered Google Drive ransomware detection feature has reached general availability and is now enabled by default for all paying users. […]