BleepingComputer

🛡️ bleepingcomputer_at_infosec.exchange@momostr.pink

npub1pkrn...6763

Breaking technology news, security guides, and tutorials that help you get the most from your computer. Feel free to send us story tips at press@bleepingcomputer.com. Sometimes a bot, sometimes not. Website: https://www.bleepingcomputer.com/ Twitter: https://twitter.com/BleepinComputer

BleepingComputer 4 days ago

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable FortiGate firewalls.

BleepingComputer

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-fact...

BleepingComputer 2 weeks ago

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more than 50,000 downloads, to monitor browser activity and plant a backdoor.

BleepingComputer

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more than 50,000...

BleepingComputer 2 weeks ago

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files.

BleepingComputer

Hackers exploit newly patched Fortinet auth bypass flaws

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and stea...

BleepingComputer 2 weeks ago

An email scam is abusing abusing PayPal's "Subscriptions" billing feature to send legitimate PayPal emails that contain fake purchase notifications embedded in the Customer service URL field.

BleepingComputer

Beware: PayPal subscriptions abused to send fake purchase emails

An email scam is abusing abusing PayPal's "Subscriptions" billing feature to send legitimate PayPal emails that contain fake purchase notifica...

BleepingComputer 3 weeks ago

American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute code remotely.

BleepingComputer

Ivanti warns of critical Endpoint Manager code execution flaw

American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that cou...

BleepingComputer 3 weeks ago

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.

BleepingComputer

Portugal updates cybercrime law to exempt security researchers

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under...

BleepingComputer 4 weeks ago

Cloudflare is down, as websites are crashing with a 500 Internal Server Error.

BleepingComputer

Cloudflare down, websites offline with 500 Internal Server Error

Cloudflare is down, as websites are crashing with a 500 Internal Server Error. Cloudflare is investigating the reports.

BleepingComputer 4 weeks ago

Microsoft is investigating and working to resolve a known issue that prevents customers from downloading Microsoft 365 desktop apps from the Microsoft 365 homepage.

BleepingComputer

Microsoft 365 license check bug blocks desktop app downloads

Microsoft is investigating and working to resolve a known issue that prevents customers from downloading Microsoft 365 desktop apps from the Mic...

BleepingComputer 4 weeks ago

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions during the registration process.

BleepingComputer

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for Elementor plugin for WordPre...

BleepingComputer 4 weeks ago

Microsoft warns that Windows 11 updates released since August may cause the password sign-in option to disappear from the lock screen options.

BleepingComputer

Microsoft: Windows updates make password login option invisible

Microsoft warned users that Windows 11 updates released since August may cause the password sign-in option to disappear from the lock screen option...

Load More → Loading...