BleepingComputer
@bleepingcomputer.com
Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July.
Logitech confirms data breach after Clop extortion attack
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July.
www.bleepingcomputer.com
November 14, 2025 at 10:18 PM
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July.
Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company's Claude Code AI model.
Anthropic claims of Claude AI-automated cyberattacks met with doubt
Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company's Claude Code AI model.
www.bleepingcomputer.com
November 14, 2025 at 6:31 PM
Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company's Claude Code AI model.
Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited.
Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks
Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited.
www.bleepingcomputer.com
November 14, 2025 at 5:00 PM
Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited.
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom.
Checkout.com snubs hackers after data breach, to donate ransom instead
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom.
www.bleepingcomputer.com
November 14, 2025 at 4:25 PM
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom.
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually.
US announces new strike force targeting Chinese crypto scammers
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually.
www.bleepingcomputer.com
November 14, 2025 at 2:54 PM
U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually.
Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs.
Google backpedals on new Android developer registration rules
Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs.
www.bleepingcomputer.com
November 14, 2025 at 11:55 AM
Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs.
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.
www.bleepingcomputer.com
November 14, 2025 at 9:52 AM
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.
DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia, and New Zealand, started emailing those impacted by the newly disclosed security incident.
DoorDash hit by yet another data breach this October
DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia, and New Zealand, started emailing those impacted by the newly disclosed security incident.
www.bleepingcomputer.com
November 14, 2025 at 4:39 AM
DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia, and New Zealand, started emailing those impacted by the newly disclosed security incident.
A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication
Fortinet FortiWeb flaw with public PoC exploited to create admin users
A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication
www.bleepingcomputer.com
November 14, 2025 at 2:41 AM
A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks.
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks.
www.bleepingcomputer.com
November 13, 2025 at 10:32 PM
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks.
A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating large volumes of junk.
New ‘IndonesianFoods’ worm floods npm with 100,000 packages
A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating large volumes of junk.
www.bleepingcomputer.com
November 13, 2025 at 10:07 PM
A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating large volumes of junk.
The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment.
RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment.
www.bleepingcomputer.com
November 13, 2025 at 7:04 PM
The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment.
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack.
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack.
www.bleepingcomputer.com
November 13, 2025 at 4:00 PM
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack.
Microsoft is rolling out a new Teams feature for Premium customers that will automatically block screenshots and recordings during meetings.
Microsoft rolls out screen capture prevention for Teams users
Microsoft is rolling out a new Teams feature for Premium customers that will automatically block screenshots and recordings during meetings.
www.bleepingcomputer.com
November 13, 2025 at 1:51 PM
Microsoft is rolling out a new Teams feature for Premium customers that will automatically block screenshots and recordings during meetings.
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
www.bleepingcomputer.com
November 13, 2025 at 12:06 PM
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endgame, an international action targeting cybercrime.
Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations
Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endgame, an international action targeting cybercrime.
www.bleepingcomputer.com
November 13, 2025 at 10:53 AM
Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endgame, an international action targeting cybercrime.
CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows attackers to gain remote code execution on compromised devices.
CISA warns of WatchGuard firewall flaw exploited in attacks
CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows attackers to gain remote code execution on compromised devices.
www.bleepingcomputer.com
November 13, 2025 at 10:04 AM
CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows attackers to gain remote code execution on compromised devices.
Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems.
Google sues to dismantle Chinese platform behind global toll scams
Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems.
www.bleepingcomputer.com
November 12, 2025 at 9:00 PM
Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems.
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.
Windows 11 now supports 3rd-party apps for native passkey management
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.
www.bleepingcomputer.com
November 12, 2025 at 6:18 PM
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement's Operation Endgame disrupted its activity in May.
DanaBot malware is back to infecting Windows after 6-month break
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement's Operation Endgame disrupted its activity in May.
www.bleepingcomputer.com
November 12, 2025 at 4:35 PM
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement's Operation Endgame disrupted its activity in May.
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates.
Microsoft fixes bug causing false Windows 10 end-of-support alerts
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates.
www.bleepingcomputer.com
November 12, 2025 at 3:29 PM
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates.
The UK has introduced new legislation to boost cybersecurity defenses for critical infrastructure against cyberattacks, linked to annual damages of nearly £15 billion ($19.6 billion).
New UK laws to strengthen critical infrastructure cyber defenses
The UK has introduced new legislation to boost cybersecurity defenses for critical infrastructure against cyberattacks, linked to annual damages of nearly £15 billion ($19.6 billion).
www.bleepingcomputer.com
November 12, 2025 at 2:09 PM
The UK has introduced new legislation to boost cybersecurity defenses for critical infrastructure against cyberattacks, linked to annual damages of nearly £15 billion ($19.6 billion).
Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in the theft of some patients' data.
Synnovis notifies of data breach after 2024 ransomware attack
Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in the theft of some patients' data.
www.bleepingcomputer.com
November 12, 2025 at 12:28 PM
Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in the theft of some patients' data.
Microsoft has resolved a known issue preventing users from quitting the Windows 11 Task Manager after installing the optional Windows 11 KB5067036 update.
Microsoft fixes Windows Task Manager bug affecting performance
Microsoft has resolved a known issue preventing users from quitting the Windows 11 Task Manager after installing the optional Windows 11 KB5067036 update.
www.bleepingcomputer.com
November 12, 2025 at 10:42 AM
Microsoft has resolved a known issue preventing users from quitting the Windows 11 Task Manager after installing the optional Windows 11 KB5067036 update.
The Rhadamanthys infostealer operation has been disrupted, with numerous "customers" of the malware-as-a-service reporting that they no longer have access to their servers.
Rhadamanthys infostealer disrupted as cybercriminals lose server access
The Rhadamanthys infostealer operation has been disrupted, with numerous "customers" of the malware-as-a-service reporting that they no longer have access to their servers.
www.bleepingcomputer.com
November 12, 2025 at 12:14 AM
The Rhadamanthys infostealer operation has been disrupted, with numerous "customers" of the malware-as-a-service reporting that they no longer have access to their servers.