Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company's firewall software.
BleepingComputer
Cisco warns of ASA firewall zero-days exploited in attacks
Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company's firew...
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack.
BleepingComputer
VC giant Insight Partners warns thousands after ransomware breach
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen...
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed 'Shai-Hulud' started yesterday with the compromise of the @npub1xgx7...xa3d/tinycolor npm package, and has now expanded to CrowdStrike's npm namespace.
BleepingComputer
Self-propagating supply chain attack hits 187 npm packages
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign d...
Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices that have the Microsoft 365 desktop client apps.
BleepingComputer
Microsoft to force install the Microsoft 365 Copilot app in October
Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices outside the European Economic Area (EEA)...
The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but attackers made little profit off it.
BleepingComputer
Hackers left empty-handed after massive NPM supply-chain attack
The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but attackers made litt...
Google plans to make it easier for users to access AI mode by allowing them to set it as the default, replacing the traditional blue links.
BleepingComputer
Google to make it easier to access AI Mode as default
Google plans to make it easier for users to access AI mode by allowing them to set it as the default, replacing the traditional blue links.
Threat actors are using Grok, X's built-in AI assistant, to bypass link posting restrictions that the platform introduced to reduce malicious advertising.
BleepingComputer
Threat actors abuse X’s Grok AI to spread malicious links
Threat actors are using Grok, X's built-in AI assistant, to bypass link posting restrictions that the platform introduced to reduce malicious ...
Hackers tried to steal $130 million from Evertec's Brazilian subsidiary Sinqia S.A.after gaining unauthorized access to its environment on the central bank's real-time payment system (Pix).
BleepingComputer
Hackers breach fintech firm in attempted $130M bank heist
Hackers tried to steal $130 million from Evertec's Brazilian subsidiary Sinqia S.A.after gaining unauthorized access to its environment on the...
Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default.
BleepingComputer
Microsoft Word will save your files to the cloud by default
Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default.
Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion.
BleepingComputer
Storm-0501 hackers shift to ransomware attacks in the cloud
Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focu...