BolhaSec
@bolhasec.com
#bolhasec pra ser retweetado
@sushicomabacate.com
@sushicomabacate.com
Notícia da BleepingComputer
"Google links more Chinese hacking groups to React2Shell attacks" #bolhasec
"Google links more Chinese hacking groups to React2Shell attacks" #bolhasec
Google links more Chinese hacking groups to React2Shell attacks
Over the weekend, Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the maximum-severity "React2Shell" remote code execution vulnerability.
www.bleepingcomputer.com
December 17, 2025 at 2:30 PM
Notícia da BleepingComputer
"Google links more Chinese hacking groups to React2Shell attacks" #bolhasec
"Google links more Chinese hacking groups to React2Shell attacks" #bolhasec
Notícia da BleepingComputer
"Ransomware gangs turn to Shanya EXE packer to hide EDR killers" #bolhasec
"Ransomware gangs turn to Shanya EXE packer to hide EDR killers" #bolhasec
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations.
www.bleepingcomputer.com
December 17, 2025 at 1:30 PM
Notícia da BleepingComputer
"Ransomware gangs turn to Shanya EXE packer to hide EDR killers" #bolhasec
"Ransomware gangs turn to Shanya EXE packer to hide EDR killers" #bolhasec
Notícia da SecurityWeek
"OpenAI User Data Exposed in Mixpanel Hack" #bolhasec
"OpenAI User Data Exposed in Mixpanel Hack" #bolhasec
OpenAI User Data Exposed in Mixpanel Hack
OpenAI is informing some users that they may be impacted by a data breach at product analytics solutions provider Mixpanel.
www.securityweek.com
December 17, 2025 at 12:30 PM
Notícia da SecurityWeek
"OpenAI User Data Exposed in Mixpanel Hack" #bolhasec
"OpenAI User Data Exposed in Mixpanel Hack" #bolhasec
Notícia da SecurityWeek
"Chinese APT Mustang Panda Updates, Expands Arsenal" #bolhasec
"Chinese APT Mustang Panda Updates, Expands Arsenal" #bolhasec
Chinese APT Mustang Panda Updates, Expands Arsenal
The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack.
www.securityweek.com
December 17, 2025 at 11:30 AM
Notícia da SecurityWeek
"Chinese APT Mustang Panda Updates, Expands Arsenal" #bolhasec
"Chinese APT Mustang Panda Updates, Expands Arsenal" #bolhasec
Notícia da BleepingComputer
"New LandFall spyware exploited Samsung zero-day via WhatsApp messages" #bolhasec
"New LandFall spyware exploited Samsung zero-day via WhatsApp messages" #bolhasec
New LandFall spyware exploited Samsung zero-day via WhatsApp messages
A threat actor exploited a zero-day vulnerability in Samsung's Android image processing library to deploy a previously unknown spyware called 'LandFall' using malicious images sent over WhatsApp.
www.bleepingcomputer.com
December 17, 2025 at 2:30 AM
Notícia da BleepingComputer
"New LandFall spyware exploited Samsung zero-day via WhatsApp messages" #bolhasec
"New LandFall spyware exploited Samsung zero-day via WhatsApp messages" #bolhasec
Notícia da BleepingComputer
"Barts Health NHS discloses data breach after Oracle zero-day hack" #bolhasec
"Barts Health NHS discloses data breach after Oracle zero-day hack" #bolhasec
Barts Health NHS discloses data breach after Oracle zero-day hack
Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-business Suite software.
www.bleepingcomputer.com
December 17, 2025 at 1:30 AM
Notícia da BleepingComputer
"Barts Health NHS discloses data breach after Oracle zero-day hack" #bolhasec
"Barts Health NHS discloses data breach after Oracle zero-day hack" #bolhasec
Notícia da BleepingComputer
"Malicious Blender model files deliver StealC infostealing malware" #bolhasec
"Malicious Blender model files deliver StealC infostealing malware" #bolhasec
Malicious Blender model files deliver StealC infostealing malware
A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D model marketplaces like CGTrader.
www.bleepingcomputer.com
December 17, 2025 at 12:30 AM
Notícia da BleepingComputer
"Malicious Blender model files deliver StealC infostealing malware" #bolhasec
"Malicious Blender model files deliver StealC infostealing malware" #bolhasec
Notícia da SecurityWeek
"QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability" #bolhasec
"QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability" #bolhasec
QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability
QNAP says its NetBak PC Agent is affected by a recently disclosed ASP.NET Core vulnerability that has the “highest ever” CVSS score.
www.securityweek.com
December 16, 2025 at 11:30 PM
Notícia da SecurityWeek
"QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability" #bolhasec
"QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability" #bolhasec
Notícia da SecurityWeek
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims
More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers.
www.securityweek.com
December 16, 2025 at 10:30 PM
Notícia da SecurityWeek
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
"Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims" #bolhasec
Notícia da BleepingComputer
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
CISA gives govt agencies 7 days to patch new Fortinet flaw
CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet's FortiWeb web application firewall, which was exploited in zero-day attacks.
www.bleepingcomputer.com
December 16, 2025 at 9:30 PM
Notícia da BleepingComputer
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
"CISA gives govt agencies 7 days to patch new Fortinet flaw" #bolhasec
Notícia da BleepingComputer
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
Microsoft: Windows 11 23H2 Home and Pro reach end of support
Microsoft has reminded customers today that systems running Home and Pro editions of Windows 11 23H2 have stopped receiving security updates.
www.bleepingcomputer.com
December 16, 2025 at 8:30 PM
Notícia da BleepingComputer
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
"Microsoft: Windows 11 23H2 Home and Pro reach end of support" #bolhasec
Notícia da BleepingComputer
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
Predator spyware uses new infection vector for zero-click attacks
The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed "Aladdin" that compromised specific targets when simply viewing a malicious advertisemen...
www.bleepingcomputer.com
December 16, 2025 at 7:30 PM
Notícia da BleepingComputer
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
"Predator spyware uses new infection vector for zero-click attacks" #bolhasec
Notícia da BleepingComputer
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
www.bleepingcomputer.com
December 16, 2025 at 6:30 PM
Notícia da BleepingComputer
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
Notícia da SecurityWeek
"Third DraftKings Hacker Pleads Guilty" #bolhasec
"Third DraftKings Hacker Pleads Guilty" #bolhasec
Third DraftKings Hacker Pleads Guilty
Nathan Austad pled guilty to launching a credential stuffing attack against the DraftKings betting website in November 2022.
www.securityweek.com
December 16, 2025 at 4:30 PM
Notícia da SecurityWeek
"Third DraftKings Hacker Pleads Guilty" #bolhasec
"Third DraftKings Hacker Pleads Guilty" #bolhasec
Notícia da SecurityWeek
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
Fluent Bit Vulnerabilities Expose Cloud Services to Takeover
Five vulnerabilities in the popular Fluent Bit open source tool could allow attackers to take over cloud environments, Oligo Security warns.
www.securityweek.com
December 16, 2025 at 3:30 PM
Notícia da SecurityWeek
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
"Fluent Bit Vulnerabilities Expose Cloud Services to Takeover" #bolhasec
Notícia da SecurityWeek
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
High-Severity Vulnerabilities Patched by Ivanti and Zoom
Enterprise software firms Ivanti and Zoom announced patches for multiple vulnerabilities in their products, including high-severity issues.
www.securityweek.com
December 16, 2025 at 2:30 PM
Notícia da SecurityWeek
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
"High-Severity Vulnerabilities Patched by Ivanti and Zoom" #bolhasec
Notícia da SecurityWeek
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
Ransomware Attack Disrupts Local Emergency Alert System Across US
A ransomware attack targeting a third-party emergency alert system used across the US has resulted in a data breach and disruptions.
www.securityweek.com
December 16, 2025 at 1:30 PM
Notícia da SecurityWeek
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
"Ransomware Attack Disrupts Local Emergency Alert System Across US" #bolhasec
Notícia da SecurityWeek
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
Trump Signs Executive Order to Block State AI Regulations
President Trump signed an executive order aimed at blocking states from crafting their own regulations for artificial intelligence (AI).
www.securityweek.com
December 16, 2025 at 12:30 PM
Notícia da SecurityWeek
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
"Trump Signs Executive Order to Block State AI Regulations" #bolhasec
Notícia da BleepingComputer
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
F5 says hackers stole undisclosed BIG-IP flaws, source code
U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code.
www.bleepingcomputer.com
December 16, 2025 at 2:30 AM
Notícia da BleepingComputer
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
"F5 says hackers stole undisclosed BIG-IP flaws, source code" #bolhasec
Notícia da SecurityWeek
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City
Hackers working for Russian intelligence attacked an American engineering company this fall, cybersecurity services firm Artic Wolf says.
www.securityweek.com
December 16, 2025 at 1:30 AM
Notícia da SecurityWeek
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
"Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City" #bolhasec
Notícia da BleepingComputer
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
Hacker steals over $120 million from Balancer DeFi crypto protocol
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million.
www.bleepingcomputer.com
December 16, 2025 at 12:30 AM
Notícia da BleepingComputer
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
"Hacker steals over $120 million from Balancer DeFi crypto protocol" #bolhasec
Notícia da BleepingComputer
"Cloudflare hit by outage affecting global network services" #bolhasec
"Cloudflare hit by outage affecting global network services" #bolhasec
Cloudflare hit by outage affecting Global Network services
Cloudflare is investigating an outage affecting its global network services, with users encountering "internal server error" messages when attempting to access affected websites and online platforms.
www.bleepingcomputer.com
December 15, 2025 at 11:30 PM
Notícia da BleepingComputer
"Cloudflare hit by outage affecting global network services" #bolhasec
"Cloudflare hit by outage affecting global network services" #bolhasec
Notícia da BleepingComputer
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
Maintaining enterprise IT hygiene using Wazuh SIEM/XDR
Poor IT hygiene, such as unused accounts, outdated software, and risky extensions, creates hidden exposure in your infrastructure. Wazuh, the open-source XDR and SIEM, shows how continuous inventory m...
www.bleepingcomputer.com
December 15, 2025 at 10:30 PM
Notícia da BleepingComputer
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
"Maintaining enterprise IT hygiene using Wazuh SIEM/XDR" #bolhasec
Notícia da BleepingComputer
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
Russia blocks FaceTime and Snapchat for alleged use by terrorists
Russian telecommunications watchdog Roskomnadzor has blocked access to Apple's FaceTime video conferencing platform and the Snapchat instant messaging service, claiming they're being used to coordinat...
www.bleepingcomputer.com
December 15, 2025 at 9:30 PM
Notícia da BleepingComputer
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
"Russia blocks FaceTime and Snapchat over use in terrorist attacks" #bolhasec
Notícia da BleepingComputer
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
AI is accelerating cyberattacks. Is your network prepared?
AI-driven attacks now automate reconnaissance, generate malware variants, and evade detection at a speed that overwhelms traditional defenses. Corelight explains how network detection and response (ND...
www.bleepingcomputer.com
December 15, 2025 at 8:30 PM
Notícia da BleepingComputer
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec
"AI is accelerating cyberattacks. Is your network prepared?" #bolhasec