bleepingcomputer | Technologies

Telegram-канал bleepingcomputer - BleepingComputer

1131

Latest news and stories from BleepingComputer.com From a bleeping computer to a working computer.

Subscribe to a channel

BleepingComputer

Oracles silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]

https://www.bleepingcomputer.com/news/security/oracles-silently-fixes-zero-day-exploit-leaked-by-shinyhunters/

Читать полностью…

BleepingComputer

Security firms debate CVE credit in overlapping vulnerability reports

FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. [...]

https://www.bleepingcomputer.com/news/security/security-firms-debate-cve-credit-in-overlapping-vulnerability-reports/

Читать полностью…

BleepingComputer

Secure Boot bypass risk on nearly 200,000 Linux Framework sytems

Around 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot protections. [...]

https://www.bleepingcomputer.com/news/security/secure-boot-bypass-risk-on-nearly-200-000-linux-framework-sytems/

Читать полностью…

BleepingComputer

Microsoft restricts IE mode access in Edge after zero-day attacks

Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in the Chakra JavaScript engine for access to target devices. [...]

https://www.bleepingcomputer.com/news/security/microsoft-restricts-ie-mode-access-in-edge-after-zero-day-attacks/

Читать полностью…

BleepingComputer

Massive multi-country botnet targets RDP services in the US

A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. [...]

https://www.bleepingcomputer.com/news/security/massive-multi-country-botnet-targets-rdp-services-in-the-us/

Читать полностью…

BleepingComputer

Microsoft investigates outage affecting Microsoft 365 apps

Microsoft is investigating an ongoing incident that is preventing some customers from accessing Microsoft 365 applications. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-outage-affecting-microsoft-365-apps/

Читать полностью…

BleepingComputer

Meet Varonis Interceptor: AI-Native Email Security

AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis' new Interceptor platform uses multimodal AI — vision, language, and behavior models — to detect zero-hour attacks and stop them before they reach users. [...]

https://www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/

Читать полностью…

BleepingComputer

Harvard investigating breach linked to Oracle zero-day exploit

Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle's E-Business Suite servers. [...]

https://www.bleepingcomputer.com/news/security/harvard-investigating-breach-linked-to-oracle-zero-day-exploit/

Читать полностью…

BleepingComputer

Spain dismantles “GXC Team” cybercrime syndicate, arrests leader

Spanish Guardia Civil have dismantled the "GXC Team" cybercrime syndicate and arrested its alleged leader, a 25-year-old Brazilian known as "GoogleXcoder." [...]

https://www.bleepingcomputer.com/news/security/spain-dismantles-gxc-team-cybercrime-syndicate-arrests-leader/

Читать полностью…

BleepingComputer

Hackers exploiting zero-day in Gladinet file sharing software

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploiting-zero-day-in-gladinet-file-sharing-software/

Читать полностью…

BleepingComputer

Google Chrome to revoke notification access for inactive sites

Google is updating the Chrome web browser to automatically revoke notification permissions for websites that haven't been visited recently, to reduce alert overload. [...]

https://www.bleepingcomputer.com/news/google/google-chrome-to-revoke-notification-access-for-inactive-sites/

Читать полностью…

BleepingComputer

Copilot on Windows can now connect to email, create Office docs

Microsoft has upgraded its AI-powered Copilot digital assistant to connect to email accounts and generate Office documents from prompt outputs. [...]

https://www.bleepingcomputer.com/news/microsoft/copilot-on-windows-can-now-connect-to-email-create-office-docs/

Читать полностью…

BleepingComputer

FBI takes down BreachForums portal used for Salesforce extortion

The FBI has seized last night all domains for the BreachForums hacking forum operated by the ShinyHunters group mostly as a portal for leaking corporate data stolen in attacks from ransomware and extortion gangs. [...]

https://www.bleepingcomputer.com/news/security/fbi-takes-down-breachforums-portal-used-for-salesforce-extortion/

Читать полностью…

BleepingComputer

Microsoft: Hackers target universities in “payroll pirate” attacks

A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in "pirate payroll" attacks since March 2025. [...]

https://www.bleepingcomputer.com/news/security/hackers-target-university-hr-employees-in-payroll-pirate-attacks/

Читать полностью…

BleepingComputer

Microsoft Defender mistakenly flags SQL Server as end-of-life

​Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as end-of-life. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-mistakenly-flags-sql-server-as-end-of-life/

Читать полностью…

BleepingComputer

Microsoft warns that Windows 10 reaches end of support today

Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-that-windows-10-reaches-end-of-support-today/

Читать полностью…

BleepingComputer

When AI Agents Join the Teams: The Hidden Security Shifts No One Expects

AI assistants are no longer just helping — they're acting. Autonomous agents now open tickets, fix incidents, and make decisions faster than humans can monitor. As "Shadow AI" spreads, learn from Token Security why orgs must govern these agents like powerful new identities before oversight disappears. [...]

https://www.bleepingcomputer.com/news/security/when-ai-agents-join-the-teams-the-hidden-security-shifts-no-one-expects/

Читать полностью…

BleepingComputer

Chinese hackers abuse geo-mapping tool for year-long persistence

Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell. [...]

https://www.bleepingcomputer.com/news/security/chinese-hackers-abuse-geo-mapping-tool-for-year-long-persistence/

Читать полностью…

BleepingComputer

SimonMed says 1.2 million patients impacted in January data breach

U.S. medical imaging provider SimonMed Imaging is notifying more than 1.2 million individuals of a data breach that exposed their sensitive information. [...]

https://www.bleepingcomputer.com/news/security/simonmed-says-12-million-patients-impacted-in-january-data-breach/

Читать полностью…

BleepingComputer

SonicWall VPN accounts breached using stolen creds in widespread attacks

Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials. [...]

https://www.bleepingcomputer.com/news/security/sonicwall-vpn-accounts-breached-using-stolen-creds-in-widespread-attacks/

Читать полностью…

BleepingComputer

Oracle releases emergency patch for new E-Business Suite flaw

Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers. [...]

https://www.bleepingcomputer.com/news/security/oracle-releases-emergency-patch-for-new-e-business-suite-flaw/

Читать полностью…

BleepingComputer

Microsoft: Windows 11 Media Creation Tool broken on Windows 10 PCs

Microsoft says the latest version of the Windows 11 Media Creation Tool (MCT) no longer works correctly on Windows 10 22H2 computers. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-media-creation-tool-broken-on-windows-10-pcs/

Читать полностью…

BleepingComputer

Fake 'Inflation Refund' texts target New Yorkers in new scam

An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer "Inflation Refunds" in an attempt to steal victims' personal and financial data. [...]

https://www.bleepingcomputer.com/news/security/fake-inflation-refund-texts-target-new-yorkers-in-new-scam/

Читать полностью…

BleepingComputer

Windows 11 23H2 Home and Pro reach end of support in 30 days

Microsoft has reminded customers again today that systems running Home and Pro editions of Windows 11 23H2 will stop receiving security updates next month. [...]

https://www.bleepingcomputer.com/news/microsoft/windows-11-23h2-home-and-pro-reach-end-of-support-in-30-days/

Читать полностью…

BleepingComputer

Cybersecurity For Dummies, 3rd Edition eBook FREE for a Limited Time

In today's hyper-connected world, cyber threats are more sophisticated and frequent than ever - ransomware, data breaches, and social engineering scams, targeting everyone from individuals to Fortune 500 companies. Right now, you can grab "Cybersecurity For Dummies, 3rd Edition" - a $29.99 value - completely FREE for a limited time. [...]

https://www.bleepingcomputer.com/news/security/cybersecurity-for-dummies-3rd-edition-ebook-free-for-a-limited-time/

Читать полностью…

BleepingComputer

Apple now offers $2 million for zero-click RCE vulnerabilities

Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure. [...]

https://www.bleepingcomputer.com/news/security/apple-now-offers-2-million-for-zero-click-rce-vulnerabilities/

Читать полностью…

BleepingComputer

From Lab to Leadership: How VMware Certification Transformed My Career

From lab work to leadership — VMware certification can transform your IT career. Learn from VMware User Group (VMUG) how the VMUG Advantage can help you build real skills, gain confidence, and join a global IT community. [...]

https://www.bleepingcomputer.com/news/security/from-lab-to-leadership-how-vmware-certification-transformed-my-career/

Читать полностью…

BleepingComputer

New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube

A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. [...]

https://www.bleepingcomputer.com/news/security/new-android-spyware-clayrat-imitates-whatsapp-tiktok-youtube/

Читать полностью…

BleepingComputer

Hackers now use Velociraptor DFIR tool in ransomware attacks

Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. [...]

https://www.bleepingcomputer.com/news/security/hackers-now-use-velociraptor-dfir-tool-in-ransomware-attacks/

Читать полностью…

BleepingComputer

RondoDox botnet targets 56 n-day flaws in worldwide attacks

A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. [...]

https://www.bleepingcomputer.com/news/security/rondodox-botnet-targets-56-n-day-flaws-in-worldwide-attacks/

Читать полностью…
Subscribe to a channel