Welcome to our blog!

A security researcher discovered a flaw in Cloudflare's content delivery network (CDN), which could expose a person's general location by simply sending them an image on platforms like Signal and Discord. [...] from...

Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. [...] from...

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. [...] from https://www.bleepingcomputer.com/news/security/cisco-warns-of-denial-of-service-flaw-with-poc-exploit-code/

The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of 62.4 million students and 9.5 million teachers. [...] from...

American business services giant and government contractor Conduent confirmed today that a recent outage resulted from what it described as a "cyber security incident." [...] from...

Microsoft says Windows 11 24H2 has entered the broad deployment phase and is now available to all seekers via Windows Update. [...] from https://www.bleepingcomputer.com/news/microsoft/microsoft-expands-windows-11-24h2-rollout-to-eligible-windows-10-pcs/

South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware. [...] from...

Creating a custom password-exclusion list can help prevent employees from using passwords that are likely to be guessed. Learn from Specops Software on using AI to generate password dictionary for securing your organization's credentials. [...] from...

On the first day of Pwn2Own Automotive 2025, security researchers exploited 16 unique zero-days and collected $382,750 in cash awards. [...] from https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/

The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. [...] from...

Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...] from...

​Microsoft has announced that Game Assist, its recently unveiled in-game browser, is now also available in preview for Microsoft Edge Stable users. [...] from...

Bitbucket is investigating a massive outage affecting Atlassian Bitbucket Cloud customers worldwide, with the company saying its cloud services are "hard down." [...] from...

​A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users' computers when extracting malicious files from nested archives. [...] from...

Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. [...] from...

AI SPERA announced today that it has partnered with education platform OnTheHub to provide its integrated cybersecurity solution, Criminal IP, to students and educational institutions. [...] from...

​Microsoft has reminded admins that Exchange 2016 and Exchange 2019 will reach the end of extended support in October and shared guidance for those who need to decommission outdated servers. [...] from...

Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company's developer environments. [...] from...