A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks.
BleepingComputer
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomi...
On Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dropped over 50% since 2021, continuing a trend that started three years ago.
BleepingComputer
FTC reports 50% drop in unwanted call complaints since 2021
On Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dro...
The Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using the services of the Snowflake cloud storage company.
BleepingComputer
US indicts Snowflake hackers who extorted $2.5 million from 3 victims
The Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using the s...
Amazon confirmed an employee data breach after a threat actor leaked on a hacking forum what they claimed was data stolen during the MOVEit data theft attacks in May 2023.
BleepingComputer
Amazon confirms employee data breach after vendor hack
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hackin...
Hackers are targeting Windows machinesΒ using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them.
BleepingComputer
Hackers now use ZIP file concatenation to evade detection
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without secu...
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.
BleepingComputer
Malicious PyPI package with 37,000 downloads steals AWS keys
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services c...
Researchers have shown that it's possible to abuse OpenAI's real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct financial scams with low to moderate success rates.
BleepingComputer
ChatGPT-4o can be used for autonomous voice-based scams
Researchers have shown that it's possible to abuse OpenAI's real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct finan...
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang.
BleepingComputer
LA housing authority confirms breach claimed by Cactus ransomware
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cybe...
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by BleepingComputer.
BleepingComputer
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone ...
qBittorrent has addressed a remote code execution flaw caused by the failure to validate SSL/TLS certificates in the application's DownloadManager, a component that manages downloads throughout the app.
BleepingComputer
qBittorrent fixes flaw exposing users to MitM attacks for 14 years
qBittorrent has addressed a remote code execution flaw caused by the failure to validate SSL/TLS certificates in the application's DownloadMan...