#bolhadev
@bolhadev.com
bot de tecnologia (use a hashtag #bolhadev)
Reposted by #bolhadev
Notícia da BleepingComputer
"Russian hackers abuse Hyper-V to hide malware in Linux VMs" #bolhasec
"Russian hackers abuse Hyper-V to hide malware in Linux VMs" #bolhasec
Russian hackers abuse Hyper-V to hide malware in Linux VMs
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malwa...
www.bleepingcomputer.com
November 21, 2025 at 11:30 AM
Notícia da BleepingComputer
"Russian hackers abuse Hyper-V to hide malware in Linux VMs" #bolhasec
"Russian hackers abuse Hyper-V to hide malware in Linux VMs" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Phishers abuse Google OAuth to spoof Google in DKIM replay attack" #bolhasec
"Phishers abuse Google OAuth to spoof Google in DKIM replay attack" #bolhasec
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing all verifications but pointing to a fraudulent page ...
www.bleepingcomputer.com
November 21, 2025 at 2:30 AM
Notícia da BleepingComputer
"Phishers abuse Google OAuth to spoof Google in DKIM replay attack" #bolhasec
"Phishers abuse Google OAuth to spoof Google in DKIM replay attack" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Unpatched flaw in OnePlus phones lets rogue apps text messages" #bolhasec
"Unpatched flaw in OnePlus phones lets rogue apps text messages" #bolhasec
Unpatched flaw in OnePlus phones lets rogue apps text messages
A vulnerability in multiple OnePlus OxygenOS versions allows any installed app to access SMS data and metadata without requiring permission or user interaction.
www.bleepingcomputer.com
November 21, 2025 at 1:30 AM
Notícia da BleepingComputer
"Unpatched flaw in OnePlus phones lets rogue apps text messages" #bolhasec
"Unpatched flaw in OnePlus phones lets rogue apps text messages" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Data Stolen in Eurofiber France Hack" #bolhasec
"Data Stolen in Eurofiber France Hack" #bolhasec
Data Stolen in Eurofiber France Hack
A threat actor exploited a vulnerability, exfiltrated data, and attempted to extort Eurofiber.
www.securityweek.com
November 21, 2025 at 12:30 AM
Notícia da SecurityWeek
"Data Stolen in Eurofiber France Hack" #bolhasec
"Data Stolen in Eurofiber France Hack" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Tycoon 2FA and the Collapse of Legacy MFA" #bolhasec
"Tycoon 2FA and the Collapse of Legacy MFA" #bolhasec
Attackers Now Bypass App-Based MFA, Hardware Biometrics Stop Them
Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a phishing kit targets it. Learn from Token Ring how biometric, phishing-proof...
www.bleepingcomputer.com
November 20, 2025 at 10:30 PM
Notícia da BleepingComputer
"Tycoon 2FA and the Collapse of Legacy MFA" #bolhasec
"Tycoon 2FA and the Collapse of Legacy MFA" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Windows 11 Store gets Ninite-style multi-app installer feature" #bolhasec
"Windows 11 Store gets Ninite-style multi-app installer feature" #bolhasec
Windows 11 Store gets Ninite-style multi-app installer feature
The Microsoft Store on the web now lets you create a multi-app install package on Windows 11 that installs multiple applications from a single installer.
www.bleepingcomputer.com
November 20, 2025 at 9:30 PM
Notícia da BleepingComputer
"Windows 11 Store gets Ninite-style multi-app installer feature" #bolhasec
"Windows 11 Store gets Ninite-style multi-app installer feature" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Dutch police seizes 250 servers used by “bulletproof hosting” service" #bolhasec
"Dutch police seizes 250 servers used by “bulletproof hosting” service" #bolhasec
Dutch police seizes 250 servers used by “bulletproof hosting” service
The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing complete anonymity.
www.bleepingcomputer.com
November 20, 2025 at 8:30 PM
Notícia da BleepingComputer
"Dutch police seizes 250 servers used by “bulletproof hosting” service" #bolhasec
"Dutch police seizes 250 servers used by “bulletproof hosting” service" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Widespread Infostealer Campaign Targeting macOS Users" #bolhasec
"Widespread Infostealer Campaign Targeting macOS Users" #bolhasec
Widespread Infostealer Campaign Targeting macOS Users
Threat actors are impersonating known brands in a widespread campaign aimed at infecting macOS users with information stealer malware.
www.securityweek.com
November 20, 2025 at 7:30 PM
Notícia da SecurityWeek
"Widespread Infostealer Campaign Targeting macOS Users" #bolhasec
"Widespread Infostealer Campaign Targeting macOS Users" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation" #bolhasec
"Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation" #bolhasec
Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation
The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion.
www.securityweek.com
November 20, 2025 at 5:30 PM
Notícia da SecurityWeek
"Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation" #bolhasec
"Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Cisco Webex bug lets hackers gain code execution via meeting links" #bolhasec
"Cisco Webex bug lets hackers gain code execution via meeting links" #bolhasec
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.
www.bleepingcomputer.com
November 20, 2025 at 4:30 PM
Notícia da BleepingComputer
"Cisco Webex bug lets hackers gain code execution via meeting links" #bolhasec
"Cisco Webex bug lets hackers gain code execution via meeting links" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS" #bolhasec
"MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS" #bolhasec
MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS
MITRE announced on Tuesday that its ATT&CK framework has been updated to version 18, with significant changes in several sections.
www.securityweek.com
November 20, 2025 at 3:30 PM
Notícia da SecurityWeek
"MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS" #bolhasec
"MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation" #bolhasec
"Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation" #bolhasec
Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation
Armis announced that it has raised $435 million in a pre-IPO funding round that values the company at $6.1 billion.
www.securityweek.com
November 20, 2025 at 2:30 PM
Notícia da SecurityWeek
"Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation" #bolhasec
"Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Police busts credit card fraud rings with 4.3 million victims" #bolhasec
"Police busts credit card fraud rings with 4.3 million victims" #bolhasec
Police busts credit card fraud rings with 4.3 million victims
International authorities have dismantled three massive credit card fraud and money laundering networks, linked to losses exceeding €300 million ($344 million) and affecting over 4.3 million cardholde...
www.bleepingcomputer.com
November 20, 2025 at 1:30 PM
Notícia da BleepingComputer
"Police busts credit card fraud rings with 4.3 million victims" #bolhasec
"Police busts credit card fraud rings with 4.3 million victims" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"OpenAI rolls out GPT Codex Alpha with early access to new models" #bolhasec
"OpenAI rolls out GPT Codex Alpha with early access to new models" #bolhasec
OpenAI rolls out GPT Codex Alpha with early access to new models
OpenAI's Codex is already making waves in the vibe coding vertical, and it's now set to get even better.
www.bleepingcomputer.com
November 20, 2025 at 12:30 PM
Notícia da BleepingComputer
"OpenAI rolls out GPT Codex Alpha with early access to new models" #bolhasec
"OpenAI rolls out GPT Codex Alpha with early access to new models" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"CISA tags SonicWall VPN flaw as actively exploited in attacks" #bolhasec
"CISA tags SonicWall VPN flaw as actively exploited in attacks" #bolhasec
CISA tags SonicWall VPN flaw as actively exploited in attacks
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability.
www.bleepingcomputer.com
November 20, 2025 at 11:30 AM
Notícia da BleepingComputer
"CISA tags SonicWall VPN flaw as actively exploited in attacks" #bolhasec
"CISA tags SonicWall VPN flaw as actively exploited in attacks" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Microsoft Teams to let users report messages wrongly flagged as threats" #bolhasec
"Microsoft Teams to let users report messages wrongly flagged as threats" #bolhasec
Microsoft Teams to let users report messages wrongly flagged as threats
Microsoft says that Teams users will be able to report false-positive threat alerts triggered by messages incorrectly flagged as malicious.
www.bleepingcomputer.com
November 20, 2025 at 2:30 AM
Notícia da BleepingComputer
"Microsoft Teams to let users report messages wrongly flagged as threats" #bolhasec
"Microsoft Teams to let users report messages wrongly flagged as threats" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"SonicWall VPN accounts breached using stolen creds in widespread attacks" #bolhasec
"SonicWall VPN accounts breached using stolen creds in widespread attacks" #bolhasec
SonicWall VPN accounts breached using stolen creds in widespread attacks
Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials.
www.bleepingcomputer.com
November 20, 2025 at 1:30 AM
Notícia da BleepingComputer
"SonicWall VPN accounts breached using stolen creds in widespread attacks" #bolhasec
"SonicWall VPN accounts breached using stolen creds in widespread attacks" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Toys “R” Us Canada warns customers' info leaked in data breach" #bolhasec
"Toys “R” Us Canada warns customers' info leaked in data breach" #bolhasec
Toys “R” Us Canada warns customers' info leaked in data breach
Toys "R" Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems.
www.bleepingcomputer.com
November 20, 2025 at 12:30 AM
Notícia da BleepingComputer
"Toys “R” Us Canada warns customers' info leaked in data breach" #bolhasec
"Toys “R” Us Canada warns customers' info leaked in data breach" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
www.bleepingcomputer.com
November 19, 2025 at 11:30 PM
Notícia da BleepingComputer
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
"CISA warns feds to fully patch actively exploited Cisco flaws" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Amazon: This week’s AWS outage caused by major DNS failure" #bolhasec
"Amazon: This week’s AWS outage caused by major DNS failure" #bolhasec
Amazon: This week’s AWS outage caused by major DNS failure
Amazon says a major DNS failure was behind a massive AWS (Amazon Web Services) outage that took down many websites and online services on Monday.
www.bleepingcomputer.com
November 19, 2025 at 10:30 PM
Notícia da BleepingComputer
"Amazon: This week’s AWS outage caused by major DNS failure" #bolhasec
"Amazon: This week’s AWS outage caused by major DNS failure" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Popular JavaScript library expr-eval vulnerable to RCE flaw" #bolhasec
"Popular JavaScript library expr-eval vulnerable to RCE flaw" #bolhasec
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input.
www.bleepingcomputer.com
November 19, 2025 at 9:30 PM
Notícia da BleepingComputer
"Popular JavaScript library expr-eval vulnerable to RCE flaw" #bolhasec
"Popular JavaScript library expr-eval vulnerable to RCE flaw" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"China Accuses US of Cyberattack on National Time Center" #bolhasec
"China Accuses US of Cyberattack on National Time Center" #bolhasec
China Accuses US of Cyberattack on National Time Center
China accused the National Security Agency of carrying out cyberattacks on its national time center.
www.securityweek.com
November 19, 2025 at 8:30 PM
Notícia da SecurityWeek
"China Accuses US of Cyberattack on National Time Center" #bolhasec
"China Accuses US of Cyberattack on National Time Center" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit" #bolhasec
"Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit" #bolhasec
Google Sues Chinese Cybercriminals Behind 'Lighthouse' Phishing Kit
Google announced that it has filed a lawsuit against the Chinese Smishing Triad cybercrime group over its Lighthouse phishing kit.
www.securityweek.com
November 19, 2025 at 7:30 PM
Notícia da SecurityWeek
"Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit" #bolhasec
"Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Thunderbird adds native support for Microsoft Exchange accounts" #bolhasec
"Thunderbird adds native support for Microsoft Exchange accounts" #bolhasec
Thunderbird adds native support for Microsoft Exchange accounts
Thunderbird 145 has been released with full native support for Microsoft Exchange email via the Exchange Web Services (EWS) protocol.
www.bleepingcomputer.com
November 19, 2025 at 6:30 PM
Notícia da BleepingComputer
"Thunderbird adds native support for Microsoft Exchange accounts" #bolhasec
"Thunderbird adds native support for Microsoft Exchange accounts" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000" #bolhasec
"Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000" #bolhasec
Pwn2Own Day 2: Hackers exploit 22 zero-days for $267,500
Security researchers collected $267,500 in cash after exploiting 22 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition.
www.bleepingcomputer.com
November 19, 2025 at 5:30 PM
Notícia da BleepingComputer
"Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000" #bolhasec
"Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000" #bolhasec