Security News

Filter by:

New info-stealer malware infects software pirates via fake cracks sites

A new information-stealing malware named 'RisePro' is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware distribution service. [...]
Bleepingcomputer 24 Dec 2022 449 Views

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

​Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. [...]
Bleepingcomputer 23 Dec 2022 800 Views

DuckDuckGo now blocks Google sign-in pop-ups on all sites

DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it perceives as an annoyance and a privacy risk for its users. [...]
Bleepingcomputer 23 Dec 2022 557 Views

Lastpass: Hackers stole customer vault data in cloud storage breach

LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. [...]
Bleepingcomputer 23 Dec 2022 544 Views

GodFather Android malware targets 400 banks, crypto exchanges

An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over 400 online banking sites and cryptocurrency exchanges.
Bleepingcomputer 22 Dec 2022 607 Views

Zerobot malware now spreads by exploiting Apache vulnerabilities

The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers.
Bleepingcomputer 22 Dec 2022 662 Views

Ransomware gang uses new Microsoft Exchange exploit to breach servers

Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code execution (RCE) on vulnerable servers through Outlook Web Access (OWA). [...]
Bleepingcomputer 21 Dec 2022 692 Views

Malicious ‘SentinelOne’ PyPI package steals data from developers

Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client for the trusted American cybersecurity firm but, in reality, steals data from developers.
Bleepingcomputer 20 Dec 2022 639 Views

Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale

Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum.
Bleepingcomputer 20 Dec 2022 731 Views

Glupteba malware is back in action after Google disruption

The Glupteba malware botnet has sprung back into action, infecting devices worldwide after its operation was disrupted by Google almost a year ago. [...]
Bleepingcomputer 18 Dec 2022 604 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY