BleepingComputer
@bleepingcomputer.com
Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices.
APT37 hackers abuse Google Find Hub in Android data-wiping attacks
www.bleepingcomputer.com
November 11, 2025 at 12:46 AM
Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting.
Mozilla Firefox gets new anti-fingerprinting defenses
November 10, 2025 at 10:26 PM
A new phishing automation platform named Quantum Route Redirect is using around 1,000 domains to steal Microsoft 365 users' credentials.
Quantum Route Redirect PhaaS targets Microsoft 365 users worldwide
November 10, 2025 at 9:29 PM
A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022.
www.bleepingcomputer.com/news/securit...
Yanluowang initial access broker pleaded guilty to ransomware attacks
November 10, 2025 at 8:21 PM
CISA ordered federal agencies to patch a critical vulnerability exploited in zero-day attacks to deploy LandFall spyware on Samsung devices running WhatsApp.
CISA orders feds to patch Samsung zero-day used in spyware attacks
November 10, 2025 at 8:00 PM
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input.
Popular JavaScript library expr-eval vulnerable to RCE flaw
November 10, 2025 at 6:32 PM
The Windows Start menu is getting its first major redesign since 2021 and will be rolled out to everyone with the November 11 Patch Tuesday update.
How to use new Windows 11 Start menu, now rolling out
November 9, 2025 at 11:30 PM
OpenAI is preparing the GPT-5.1 family for public rollout. This includes GPT-5.1 (base), GPT-5.1 Reasoning, and GPT-5.1 Pro for those who pay a $200 monthly subscription.
OpenAI plans to release GPT-5.1, GPT-5.1 Reasoning, and GPT-5.1 Pro
November 8, 2025 at 10:30 PM
Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices.
Malicious NuGet packages drop disruptive 'time bombs'
November 7, 2025 at 8:54 PM
Microsoft is testing a faster version of Quick Machine Recovery (QMR) and updated Smart App Control (SAC), allowing users to toggle it without requiring a Windows clean install.
Microsoft testing faster Quick Machine Recovery in Windows 11
November 7, 2025 at 7:46 PM
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition.
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
November 7, 2025 at 6:24 PM
A threat actor exploited a zero-day vulnerability in Samsung's Android image processing library to deploy a previously unknown spyware called 'LandFall' using malicious images sent over WhatsApp.
New LandFall spyware exploited Samsung zero-day via WhatsApp messages
November 7, 2025 at 6:23 PM
Cisco warned this week that two vulnerabilities, which have been exploited in zero-day attacks, are now being abused to force ASA and FTD firewalls into reboot loops.
Cisco: Actively exploited firewall flaws now abused for DoS attacks
November 7, 2025 at 3:44 PM
Google is planning to ship two new models. One is Gemini 3, which is optimised for coding and regular use, and the second is Nano Banana 2 for generating realistic images.
Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soon
November 7, 2025 at 1:06 PM
The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially exposing sensitive data.
U.S. Congressional Budget Office hit by suspected foreign cyberattack
November 7, 2025 at 12:22 AM
A malicious extension with basic ransomware capabilities, seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace.
AI-Slop ransomware test sneaks on to VS Code marketplace
November 6, 2025 at 9:53 PM
A very transparent technical report from the Nevada state government describes the steps a ransomware gang used to breach their network and deploy ransomware, setting an example for cybersecurity disclosures.
www.bleepingcomputer.com/news/securit...
#nevada #ransomware #technicalanalysis
November 6, 2025 at 7:23 PM
Cisco has patched a critical vulnerability in the Unified Contact Center Express (UCCX) software, which could enable attackers to execute commands with root privileges.
Critical Cisco UCCX flaw lets attackers run commands as root
November 6, 2025 at 1:31 PM
Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine's education, government, and the grain sector, the country's main revenue source.
Sandworm hackers use data wipers to disrupt Ukraine's grain sector
November 6, 2025 at 10:01 AM
The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware.
Gootloader malware is back with new tricks after 7-month break
November 5, 2025 at 9:53 PM
Hyundai AutoEver America is notifying individuals that hackers breached the company's IT environment and gained access to personal information.
Hyundai AutoEver America data breach exposes SSNs, drivers licenses
November 5, 2025 at 9:19 PM
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP).
CISA warns of critical CentOS Web Panel bug exploited in attacks
November 5, 2025 at 6:26 PM
The Microsoft Store on the web now lets you create a multi-app install package on Windows 11 that installs multiple applications from a single installer.
Windows 11 Store gets Ninite-style multi-app installer feature
November 5, 2025 at 5:28 PM
SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files concludes that state-sponsored hackers were behind the attack.
SonicWall says state-sponsored hackers behind security breach in September
November 5, 2025 at 5:13 PM
Britain's largest carriers have committed to upgrading their mobile networks to eliminate scammers' ability to spoof phone numbers within a year.
UK carriers to block spoofed phone numbers in fraud crackdown
November 5, 2025 at 4:34 PM