Public exploits released for CitrixBleed 2 NetScaler flaw, patch now
Lawrence Abrams / bleepingcomputer - Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. [...]
Back to Top / Monday, July 7, 2025, 6:20 pm / permalink 9569 / 4 stories in 7 months
IT company Ingram Micro says ransomware targeted internal systems
therecord - Ingram Micro published a statement on Saturday saying it discovered “ransomware on certain of its internal systems,” which it immediately took offline.
Back to Top / Monday, July 7, 2025, 12:21 pm / permalink 9527 / 3 stories in 7 months
Ingram Micro suffers global outage as internal systems inaccessible
Lawrence Abrams / bleepingcomputer - IT giant Ingram Micro is experiencing a global outage that is impacting its websites and internal systems, with customers concerned that it may be a cyberattack after the company remains silent on the cause of the issues. [...]
Back to Top / Friday, July 4, 2025, 11:20 am / permalink 9410 / 2 stories in 8 months
Let's Encrypt makes free security certificates available for IP addresses
Ian Barker / betanews - We’re all familiar with the idea of TLS/SSL security certificates that verify the identity of a website and ensure trust and security on the web by confirming that the site you’re visiting is what it says it is. Usually these relate to the domain name of …
Back to Top / Thursday, July 3, 2025, 7:20 am / permalink 9327 / 2 stories in 8 months
Ransomware crew Hunters International shuts down, hands out keys to victims
Connor Jones / theregister - Don't let their kind words sway you – leaders are still up to no good Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor.…
Back to Top / Thursday, July 3, 2025, 7:20 am / permalink 9326 / 5 stories in 8 months
Apple Accuses Former Employee of Stealing Vision Pro Secrets
Hartley Charlton / macrumors - Apple is accusing one of its former engineers of stealing confidential design and development information related to the Apple Vision Pro headset and taking it to Snap, according to a lawsuit filed in California.Apple filed the complaint against Di Liu on…
Back to Top / Tuesday, July 1, 2025, 7:20 am / permalink 9188 / 9 stories in 8 months
Microsoft Authenticator is ending support for passwords
Emma Roth / theverge - Microsoft will soon no longer let you use its Authenticator app to store or autofill passwords. Starting in July, you won’t be able to autofill saved passwords using Authenticator, and you’ll have to use Microsoft Edge or another password management solut…
Back to Top / Monday, June 30, 2025, 7:20 pm / permalink 9175 / 3 stories in 8 months
Millions of Brother Printers Are Full of Hackable Bugs
Lucas Ropek / gizmodo - Don't let your printer get hijacked.
Back to Top / Monday, June 30, 2025, 8:20 am / permalink 9110 / 4 stories in 8 months
Android 16 can warn you if a stingray device is spying on you
Matthew Mountjoy / mobilesyrup - The new Android 16 update has a feature that will warn you when someone is using a fake and insecure network for malicious purposes. The attack utilizes a device known as a “stingray.” The attacker sets up the device near a target that they want to observ…
Back to Top / Friday, June 27, 2025, 4:21 pm / permalink 9020 / 2 stories in 8 months
Microsoft Evicts Antivirus From Windows Kernel After 2024 Crowdstrike Outage
Markus Kasanmascheff / winbuzzer - In response to the 2024 CrowdStrike crisis, Microsoft is overhauling Windows security by forcing antivirus software out of the kernel to boost stability. This major architectural shift, part of the 'Windows Resiliency Initiative,' redefines platform secur…
Back to Top / Friday, June 27, 2025, 12:21 pm / permalink 8995 / 4 stories in 8 months
Data spill in aisle 5: Grocery giant Ahold Delhaize says 2.2M affected after cyberattack
Connor Jones / theregister - Finance, health, and national identification details compromised Multinational grocery and retail megacorp Ahold Delhaize says upwards of 2.2 million people had their data compromised during its November cyberattack with personal, financial and health det…
Back to Top / Friday, June 27, 2025, 9:21 am / permalink 8981 / 2 stories in 8 months
Citrix warns of exploitation of Netscaler devices through new bugs
therecord - Citrix is sounding the alarm about vulnerabilities affecting Netscaler products that security researchers say are reminiscent of the widely exploited "Citrix Bleed" bug.
Back to Top / Wednesday, June 25, 2025, 4:20 pm / permalink 8839 / 3 stories in 8 months
WinRAR patches bug letting malware launch from extracted archives
Bill Toulas / bleepingcomputer - WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. [...]
Back to Top / Wednesday, June 25, 2025, 12:20 pm / permalink 8802 / 3 stories in 8 months
Microsoft Pivots, Offers Free Windows 10 Updates after End-Of-Life Deadline with a Strategic Catch
Markus Kasanmascheff / winbuzzer - Microsoft is now offering free Extended Security Updates for Windows 10 users who sync their PC with the Windows Backup app, a strategic move to avert a security crisis and deepen integration with its cloud services ahead of the 2025 deadline.The post Mic…
Back to Top / Wednesday, June 25, 2025, 11:21 am / permalink 8796 / 3 stories in 8 months
SonicWall warns of trojanized NetExtender stealing VPN logins
Bill Toulas / bleepingcomputer - SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. [...]
Back to Top / Tuesday, June 24, 2025, 4:20 pm / permalink 8741 / 3 stories in 8 months
Find My, Mail, Photos and iWork hit by iCloud outage
appleinsider - Apple's iCloud services are experiencing an outage, and impacted users are experiencing issues with iCloud Mail, Photos, and the iWork suite of apps.Some users are experiencing issues with iCloud services due to an ongoing outage.On Tuesday, users of iClo…
Back to Top / Tuesday, June 24, 2025, 4:20 pm / permalink 8740 / 3 stories in 8 months
Microsoft extends free Windows 10 security updates into 2026, with strings attached
Andrew Cunningham / arstechnica - End-of-support date isn’t changing, but extra year will be functionally free.
Back to Top / Tuesday, June 24, 2025, 1:21 pm / permalink 8718 / 7 stories in 8 months
Snyk acquires Invariant Labs to expand AI agent security capabilities
Duncan Riley / siliconangle - Cybersecurity company Snyk Ltd. today announced that it has acquired Invariant Labs AG, a Swiss artificial intelligence security research firm, for an undisclosed price. Spun off as a separate company from ETH Zurich university in 2024, Invariant Labs bui…
Back to Top / Tuesday, June 24, 2025, 9:20 am / permalink 8696 / 3 stories in 8 months
US bans WhatsApp from House of Representatives staff devices
Ram Iyer, Ivan Mehta / techcrunch - The U.S. government has banned WhatsApp from devices used by U.S. House of Representatives staff, saying the app poses potential security risks.
Back to Top / Tuesday, June 24, 2025, 7:20 am / permalink 8686 / 6 stories in 8 months
Aflac discloses breach amidst Scattered Spider insurance attacks
Sergiu Gatlan / bleepingcomputer - On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen personal and health information. [...]
Back to Top / Friday, June 20, 2025, 1:21 pm / permalink 8491 / 3 stories in 8 months