Security News

Filter by:

WooCommerce admins targeted by fake security patches that hijack sites

A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical patch" that adds a Wordpress backdoor to the site. [...]
Bleepingcomputer 26 Apr 2025 1170 Views

NFC-Powered Android Malware Enables Instant Cash-Outs

Researchers at security vendor Cleafy detailed a malware known as "SuperCard X" that uses the NFC reader on a victim's own phone to steal credit card funds instantly.
Dark Reading 25 Apr 2025 6878 Views

Hackers abuse Zoom remote control feature for crypto-theft attacks

A hacking group dubbed 'Elusive Comet' targets cryptocurrency users in social engineering attacks that exploit Zoom's remote control feature to trick users into granting them access to their machines. [...]
Bleepingcomputer 23 Apr 2025 1336 Views

ASUS Urges Users to Patch AiCloud Router Vuln Immediately

The vulnerability is only found in the vendor's router series and can be triggered by an attacker using a crafted request — all of which helps make it a highly critical vulnerability with a 9.2 CVSS score.
Dark Reading 22 Apr 2025 7953 Views

State-sponsored hackers embrace ClickFix social engineering tactic

ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia utilizing the tactic to breach networks. [...]
Bleepingcomputer 20 Apr 2025 1185 Views

Widespread Microsoft Entra lockouts tied to new security feature rollout

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID's "leaked credentials" detection app called MACE. [...]
Bleepingcomputer 20 Apr 2025 1238 Views

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. [...]
Bleepingcomputer 19 Apr 2025 1165 Views

FBI: Scammers pose as FBI IC3 employees to 'help' recover lost funds

The FBI warns that scammers posing as FBI IC3 employees are offering to "help" fraud victims recover money lost to other scammers. [...]
Bleepingcomputer 19 Apr 2025 1124 Views

New Android malware steals your credit cards for NFC relay attacks

A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. [...]
Bleepingcomputer 19 Apr 2025 1091 Views

SonicWall SMA VPN devices targeted in attacks since January

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arctic Wolf. [...]
Bleepingcomputer 18 Apr 2025 1025 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY