Category: BleepingComputer

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. […]

A set of nine vulnerabilities, collectively called ‘PixieFail,’ impact the IPv6 network protocol stack of Tianocore’s EDK II, the open-source reference implementation of the UEFI specification widely used in enterprise computers and servers. […]

Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical remote code execution (RCE) vulnerability that impacts versions released before December 5, 2023, including out-of-support releases. […]

AI presents significant advantages for organizations, but it’s also being exploited to amplify and intensify cyberattacks. Learn more from Outpost24 about how hackers are harnessing the power of AI. […]

Two zero-day vulnerabilities affecting Ivanti’s Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation. […]

Microsoft says that tests of a controversial new Windows 11 feature that automatically opens the AI-powered Copilot assistant after Windows starts are limited to systems with 27-inch displays. […]

In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. […]

Microsoft is working to fix a known issue causing 0x80070643 errors when installing the KB5034441 security update that patches the CVE-2024-20666 BitLocker vulnerability. […]

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. […]

Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks. […]