The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the emails appear trustworthy and bypassing email security platforms.
BleepingComputer
Microsoft 365 Admin portal abused to send sextortion emails
The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the emails appear trustworthy and bypassing email security platforms.
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions.
BleepingComputer
Security plugin flaw in millions of WordPress sites gives admin access
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly &#03...
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks.
BleepingComputer
Botnet exploits GeoVision zero-day to install Mirai malware
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomi...
On Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dropped over 50% since 2021, continuing a trend that started three years ago.
BleepingComputer
FTC reports 50% drop in unwanted call complaints since 2021
On Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dro...
The Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using the services of the Snowflake cloud storage company.
BleepingComputer
US indicts Snowflake hackers who extorted $2.5 million from 3 victims
The Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using the s...
Amazon confirmed an employee data breach after a threat actor leaked on a hacking forum what they claimed was data stolen during the MOVEit data theft attacks in May 2023.
BleepingComputer
Amazon confirms employee data breach after vendor hack
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hackin...
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them.
BleepingComputer
Hackers now use ZIP file concatenation to evade detection
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without secu...
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.
BleepingComputer
Malicious PyPI package with 37,000 downloads steals AWS keys
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services c...
Researchers have shown that it's possible to abuse OpenAI's real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct financial scams with low to moderate success rates.
BleepingComputer
ChatGPT-4o can be used for autonomous voice-based scams
Researchers have shown that it's possible to abuse OpenAI's real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct finan...
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang.
BleepingComputer
LA housing authority confirms breach claimed by Cactus ransomware
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cybe...