BolhaSec
@bolhasec.com
#bolhasec pra ser retweetado
@sushicomabacate.com
@sushicomabacate.com
Notícia da BleepingComputer
"Windows 11 Build 26220.7051 released with “Ask Copilot” feature" #bolhasec
"Windows 11 Build 26220.7051 released with “Ask Copilot” feature" #bolhasec
Windows 11 Build 26220.7051 released with “Ask Copilot” feature
Windows 11 Build 26220.7051 is now rolling out to testers in the Windows Insider Program, and there are at least three new features, including Ask Copilot in the taskbar.
www.bleepingcomputer.com
November 12, 2025 at 1:30 AM
Notícia da BleepingComputer
"Windows 11 Build 26220.7051 released with “Ask Copilot” feature" #bolhasec
"Windows 11 Build 26220.7051 released with “Ask Copilot” feature" #bolhasec
Notícia da SecurityWeek
"Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks" #bolhasec
"Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks" #bolhasec
Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks
Software supply chain security firm JFrog has disclosed the details of a critical vulnerability affecting a popular React Native NPM package.
www.securityweek.com
November 12, 2025 at 12:30 AM
Notícia da SecurityWeek
"Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks" #bolhasec
"Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks" #bolhasec
Notícia da SecurityWeek
"Russian Government Hackers Caught Buying Passwords from Cybercriminals" #bolhasec
"Russian Government Hackers Caught Buying Passwords from Cybercriminals" #bolhasec
Russian Government Hackers Caught Buying Passwords from Cybercriminals
Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks.
www.securityweek.com
November 11, 2025 at 11:30 PM
Notícia da SecurityWeek
"Russian Government Hackers Caught Buying Passwords from Cybercriminals" #bolhasec
"Russian Government Hackers Caught Buying Passwords from Cybercriminals" #bolhasec
Notícia da SecurityWeek
"Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases" #bolhasec
"Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases" #bolhasec
Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases
Zico Kolter leads a panel at OpenAI that has the authority to halt the ChatGPT maker’s release of new AI systems if it finds them unsafe.
www.securityweek.com
November 11, 2025 at 10:30 PM
Notícia da SecurityWeek
"Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases" #bolhasec
"Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases" #bolhasec
Notícia da BleepingComputer
"Windows "inetpub" security fix can be abused to block future updates" #bolhasec
"Windows "inetpub" security fix can be abused to block future updates" #bolhasec
Windows "inetpub" security fix can be abused to block future updates
A recent Windows security update that creates an 'inetpub' folder has introduced a new weakness allowing attackers to prevent the installation of future updates.
www.bleepingcomputer.com
November 11, 2025 at 9:30 PM
Notícia da BleepingComputer
"Windows "inetpub" security fix can be abused to block future updates" #bolhasec
"Windows "inetpub" security fix can be abused to block future updates" #bolhasec
Notícia da BleepingComputer
"Ransomware profits drop as victims stop paying hackers" #bolhasec
"Ransomware profits drop as victims stop paying hackers" #bolhasec
Ransomware profits drop as victims stop paying hackers
The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers' demands.
www.bleepingcomputer.com
November 11, 2025 at 8:30 PM
Notícia da BleepingComputer
"Ransomware profits drop as victims stop paying hackers" #bolhasec
"Ransomware profits drop as victims stop paying hackers" #bolhasec
Notícia da SecurityWeek
"CISA Warns of CWP Vulnerability Exploited in the Wild" #bolhasec
"CISA Warns of CWP Vulnerability Exploited in the Wild" #bolhasec
CISA Warns of CWP Vulnerability Exploited in the Wild
CISA warns that CVE-2025-48703, a critical vulnerability affecting the Control Web Panel (CWP), has been exploited in the wild.
www.securityweek.com
November 11, 2025 at 7:30 PM
Notícia da SecurityWeek
"CISA Warns of CWP Vulnerability Exploited in the Wild" #bolhasec
"CISA Warns of CWP Vulnerability Exploited in the Wild" #bolhasec
Notícia da BleepingComputer
"APT37 hackers abuse Google Find Hub in Android data-wiping attacks" #bolhasec
"APT37 hackers abuse Google Find Hub in Android data-wiping attacks" #bolhasec
APT37 hackers abuse Google Find Hub in Android data-wiping attacks
North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices.
www.bleepingcomputer.com
November 11, 2025 at 6:30 PM
Notícia da BleepingComputer
"APT37 hackers abuse Google Find Hub in Android data-wiping attacks" #bolhasec
"APT37 hackers abuse Google Find Hub in Android data-wiping attacks" #bolhasec
Notícia da BleepingComputer
"Mozilla: New Firefox extensions must disclose data collection practices" #bolhasec
"Mozilla: New Firefox extensions must disclose data collection practices" #bolhasec
Mozilla: New Firefox extensions must disclose data collection practices
Starting next month, Mozilla will require Firefox extension developers to disclose whether their add-ons collect or share user data with third parties.
www.bleepingcomputer.com
November 11, 2025 at 5:30 PM
Notícia da BleepingComputer
"Mozilla: New Firefox extensions must disclose data collection practices" #bolhasec
"Mozilla: New Firefox extensions must disclose data collection practices" #bolhasec
Notícia da BleepingComputer
"Penn hacker claims to have stolen 1.2 million donor records in data breach" #bolhasec
"Penn hacker claims to have stolen 1.2 million donor records in data breach" #bolhasec
Penn hacker claims to have stolen 1.2 million donor records in data breach
A hacker has taken responsibility for last week's University of Pennsylvania "We got hacked" email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and inter...
www.bleepingcomputer.com
November 11, 2025 at 4:30 PM
Notícia da BleepingComputer
"Penn hacker claims to have stolen 1.2 million donor records in data breach" #bolhasec
"Penn hacker claims to have stolen 1.2 million donor records in data breach" #bolhasec
Notícia da BleepingComputer
"Auction giant Sotheby’s says data breach exposed financial information" #bolhasec
"Auction giant Sotheby’s says data breach exposed financial information" #bolhasec
Auction giant Sotheby’s says data breach exposed financial information
Major international auction house Sotheby's is notifying individuals of a data breach incident on its systems where threat actors stole sensitive information, including financial details.
www.bleepingcomputer.com
November 11, 2025 at 3:30 PM
Notícia da BleepingComputer
"Auction giant Sotheby’s says data breach exposed financial information" #bolhasec
"Auction giant Sotheby’s says data breach exposed financial information" #bolhasec
Notícia da BleepingComputer
"Over 16,000 Fortinet devices compromised with symlink backdoor" #bolhasec
"Over 16,000 Fortinet devices compromised with symlink backdoor" #bolhasec
Over 16,000 Fortinet devices compromised with symlink backdoor
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices.
www.bleepingcomputer.com
November 11, 2025 at 2:30 PM
Notícia da BleepingComputer
"Over 16,000 Fortinet devices compromised with symlink backdoor" #bolhasec
"Over 16,000 Fortinet devices compromised with symlink backdoor" #bolhasec
Notícia da BleepingComputer
"Microsoft: Exchange 2016 and 2019 have reached end of support" #bolhasec
"Microsoft: Exchange 2016 and 2019 have reached end of support" #bolhasec
Microsoft: Exchange 2016 and 2019 have reached end of support
Microsoft has reminded that Exchange Server 2016 and 2019 reached the end of support and advised IT administrators to upgrade servers to Exchange Server SE or migrate to Exchange Online.
www.bleepingcomputer.com
November 11, 2025 at 1:30 PM
Notícia da BleepingComputer
"Microsoft: Exchange 2016 and 2019 have reached end of support" #bolhasec
"Microsoft: Exchange 2016 and 2019 have reached end of support" #bolhasec
Notícia da SecurityWeek
"Many Malware Campaigns Linked to Proton66 Network" #bolhasec
"Many Malware Campaigns Linked to Proton66 Network" #bolhasec
Many Malware Campaigns Linked to Proton66 Network
Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN.
www.securityweek.com
November 11, 2025 at 12:30 PM
Notícia da SecurityWeek
"Many Malware Campaigns Linked to Proton66 Network" #bolhasec
"Many Malware Campaigns Linked to Proton66 Network" #bolhasec
Notícia da BleepingComputer
"Microsoft: DNS outage impacts Azure and Microsoft 365 services" #bolhasec
"Microsoft: DNS outage impacts Azure and Microsoft 365 services" #bolhasec
Microsoft: DNS outage impacts Azure and Microsoft 365 services
Microsoft is suffering an ongoing DNS outage affecting customers worldwide, preventing them from logging into company networks and accessing Microsoft Azure and Microsoft 365 services.
www.bleepingcomputer.com
November 11, 2025 at 11:30 AM
Notícia da BleepingComputer
"Microsoft: DNS outage impacts Azure and Microsoft 365 services" #bolhasec
"Microsoft: DNS outage impacts Azure and Microsoft 365 services" #bolhasec
Notícia da BleepingComputer
"Microsoft Edge gets scareware sensor for faster scam detection" #bolhasec
"Microsoft Edge gets scareware sensor for faster scam detection" #bolhasec
Microsoft Edge gets scareware sensor for faster scam detection
Microsoft is introducing a new scareware sensor for the Microsoft Edge web browser, which helps detect scam pages more quickly and ensures that Defender SmartScreen blocks them faster.
www.bleepingcomputer.com
November 11, 2025 at 2:30 AM
Notícia da BleepingComputer
"Microsoft Edge gets scareware sensor for faster scam detection" #bolhasec
"Microsoft Edge gets scareware sensor for faster scam detection" #bolhasec
Notícia da BleepingComputer
"Chinese hackers target Russian govt with upgraded RAT malware" #bolhasec
"Chinese hackers target Russian govt with upgraded RAT malware" #bolhasec
Chinese hackers target Russian govt with upgraded RAT malware
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware.
www.bleepingcomputer.com
November 11, 2025 at 1:30 AM
Notícia da BleepingComputer
"Chinese hackers target Russian govt with upgraded RAT malware" #bolhasec
"Chinese hackers target Russian govt with upgraded RAT malware" #bolhasec
Notícia da SecurityWeek
"Researchers Hack ChatGPT Memories and Web Search Features" #bolhasec
"Researchers Hack ChatGPT Memories and Web Search Features" #bolhasec
Researchers Hack ChatGPT Memories and Web Search Features
Rsearchers recently discovered seven new ChatGPT vulnerabilities and attack techniques that can be exploited for data theft.
www.securityweek.com
November 11, 2025 at 12:30 AM
Notícia da SecurityWeek
"Researchers Hack ChatGPT Memories and Web Search Features" #bolhasec
"Researchers Hack ChatGPT Memories and Web Search Features" #bolhasec
Notícia da BleepingComputer
"Apple fixes two zero-days exploited in targeted iPhone attacks" #bolhasec
"Apple fixes two zero-days exploited in targeted iPhone attacks" #bolhasec
Apple fixes two zero-days exploited in targeted iPhone attacks
Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an "extremely sophisticated attack" against specific targets' iPhones.
www.bleepingcomputer.com
November 10, 2025 at 11:30 PM
Notícia da BleepingComputer
"Apple fixes two zero-days exploited in targeted iPhone attacks" #bolhasec
"Apple fixes two zero-days exploited in targeted iPhone attacks" #bolhasec
Notícia da BleepingComputer
"SimonMed says 1.2 million patients impacted in January data breach" #bolhasec
"SimonMed says 1.2 million patients impacted in January data breach" #bolhasec
SimonMed says 1.2 million patients impacted in January data breach
U.S. medical imaging provider SimonMed Imaging is notifying more than 1.2 million individuals of a data breach that exposed their sensitive information.
www.bleepingcomputer.com
November 10, 2025 at 10:30 PM
Notícia da BleepingComputer
"SimonMed says 1.2 million patients impacted in January data breach" #bolhasec
"SimonMed says 1.2 million patients impacted in January data breach" #bolhasec
Notícia da BleepingComputer
"Microsoft warns of Windows smart card auth issues after October updates" #bolhasec
"Microsoft warns of Windows smart card auth issues after October updates" #bolhasec
Microsoft warns of Windows smart card auth issues after October updates
Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues due to a change designed to strengthen the Windows Cryptographic Services.
www.bleepingcomputer.com
November 10, 2025 at 9:30 PM
Notícia da BleepingComputer
"Microsoft warns of Windows smart card auth issues after October updates" #bolhasec
"Microsoft warns of Windows smart card auth issues after October updates" #bolhasec
Notícia da BleepingComputer
"Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections" #bolhasec
"Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections" #bolhasec
Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections
Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly.
www.bleepingcomputer.com
November 10, 2025 at 8:30 PM
Notícia da BleepingComputer
"Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections" #bolhasec
"Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections" #bolhasec
Notícia da SecurityWeek
"Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm" #bolhasec
"Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm" #bolhasec
Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm
Payment solutions company KioSoft took a long time to address a serious vulnerability affecting some of its NFC-based cards.
www.securityweek.com
November 10, 2025 at 6:30 PM
Notícia da SecurityWeek
"Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm" #bolhasec
"Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm" #bolhasec
Notícia da BleepingComputer
"Hackers exploit 34 zero-days on first day of Pwn2Own Ireland" #bolhasec
"Hackers exploit 34 zero-days on first day of Pwn2Own Ireland" #bolhasec
Hackers exploit 34 zero-days on first day of Pwn2Own Ireland
On the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-days and collected $522,500 in cash awards.
www.bleepingcomputer.com
November 10, 2025 at 5:30 PM
Notícia da BleepingComputer
"Hackers exploit 34 zero-days on first day of Pwn2Own Ireland" #bolhasec
"Hackers exploit 34 zero-days on first day of Pwn2Own Ireland" #bolhasec