US drug testing firm DISA says data breach impacts 3.3 million people
DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people. [...]
Bleeping Computer.
Anthropic's Claude 3.7 Sonnet is here and results are insane
2 months 1 week ago
Anthropic has started rolling out Claude 3.7 Sonnet, the company's most advanced model and the first hybrid reasoning model it has shipped. [...]
Mayank Parmar
Orange Group confirms breach after hacker leaks company documents
2 months 1 week ago
A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider. [...]
Ionut Ilascu
OpenAI bans ChatGPT accounts used by North Korean hackers
2 months 1 week ago
OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. [...]
Sergiu Gatlan
Russia warns financial sector of major IT service provider hack
2 months 1 week ago
Russia's National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country's credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. [...]
Bill Toulas
Microsoft tests ad-supported Office apps for Windows users
2 months 1 week ago
Microsoft has released ad-supported versions of its Office desktop apps, which have limited features but allow Windows users to edit their documents. [...]
Sergiu Gatlan
Australia bans all Kaspersky products on government systems
2 months 1 week ago
The Australian government has banned all Kaspersky Lab products and web services from its systems and devices following an analysis that claims the company poses a significant security risk to the country. [...]
Bill Toulas
Botnet targets Basic Auth in Microsoft 365 password spray attacks
2 months 1 week ago
A massive botnet of over 130,000 compromised devices is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide, attempting to confirm credentials. [...]
Bill Toulas
North Korean hackers linked to $1.5 billion ByBit crypto heist
2 months 1 week ago
Over the weekend, blockchain security companies and experts have linked North Korea's Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange Bybit. [...]
Sergiu Gatlan
Exploits for unpatched Parallels Desktop flaw give root on Macs
2 months 1 week ago
Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. [...]
Bill Toulas
Google Cloud introduces quantum-safe digital signatures in KMS
2 months 1 week ago
Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. [...]
Bill Toulas
Beware: PayPal "New Address" feature abused to send phishing emails
2 months 1 week ago
An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers [...]
Lawrence Abrams
Fake CS2 tournament streams used to steal crypto, Steam accounts
2 months 1 week ago
Threat actors are exploiting major Counter-Strike 2 (CS2) competitions, like IEM Katowice 2025 and PGL Cluj-Napoca 2025, to defraud gamers and steal their Steam accounts and cryptocurrency. [...]
Bill Toulas
Google Chrome disables uBlock Origin for some in Manifest v3 rollout
2 months 2 weeks ago
Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. [...]
Mayank Parmar
SpyLend Android malware downloaded 100,000 times from Google Play
2 months 2 weeks ago
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. [...]
Bill Toulas
Hacker steals record $1.46 billion from Bybit ETH cold wallet
2 months 2 weeks ago
Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets. [...]
Sergiu Gatlan
CISA flags Craft CMS code injection flaw as exploited in attacks
2 months 2 weeks ago
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [...]
Bill Toulas
Apple pulls iCloud end-to-end encryption feature in the UK
2 months 2 weeks ago
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers' encrypted cloud data. [...]
Sergiu Gatlan
Apiiro unveils free scanner to detect malicious code merges
2 months 2 weeks ago
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks. [...]
Bill Toulas
Black Basta ransomware gang's internal chat logs leak online
2 months 2 weeks ago
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. [...]
Sergiu Gatlan
Checked
1 hour 37 minutes ago
BleepingComputer - All Stories
Bleeping Computer. feed