Bleeping Computer.

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. [...]

The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. [...]

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]

Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. [...]

FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. [...]

AI assistants are no longer just helping — they're acting. Autonomous agents now open tickets, fix incidents, and make decisions faster than humans can monitor. As "Shadow AI" spreads, learn from Token Security why orgs must govern these agents like powerful new identities before oversight disappears. [...]

Around 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot protections. [...]

Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell. [...]

Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in the Chakra JavaScript engine for access to target devices. [...]

U.S. medical imaging provider SimonMed Imaging is notifying more than 1.2 million individuals of a data breach that exposed their sensitive information. [...]

A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. [...]

Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials. [...]

Microsoft is investigating an ongoing incident that is preventing some customers from accessing Microsoft 365 applications. [...]

Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers. [...]

AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis' new Interceptor platform uses multimodal AI — vision, language, and behavior models — to detect zero-hour attacks and stop them before they reach users. [...]

Microsoft says the latest version of the Windows 11 Media Creation Tool (MCT) no longer works correctly on Windows 10 22H2 computers. [...]

Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle's E-Business Suite servers. [...]

An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer "Inflation Refunds" in an attempt to steal victims' personal and financial data. [...]

Spanish Guardia Civil have dismantled the "GXC Team" cybercrime syndicate and arrested its alleged leader, a 25-year-old Brazilian known as "GoogleXcoder." [...]