Bleeping Computer.

Microsoft has released the optional KB5041587 preview cumulative update for Windows 11 23H2 and 22H2, which adds sharing to Android devices and fixes multiple File Explorer issues. [...]

Notion has announced it will exit the Russian market and is terminating all workspaces and accounts identified linked to users in the country. [...]

The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks. [...]

SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, and Windows Server systems. [...]

Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. [...]

External Attack Surface Management (EASM) coupled with Penetration Testing as a Service (PTaaS) can help find those blind spots and hidden assets exposed on your network. Learn more from Outpost24 about how combining EASM and PTaaS can help reveal these hidden pitfalls. [...]

​A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. [...]

The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. [...]

Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. [...]

Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. [...]

Microsoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. [...]

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has imposed a fine of  €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. over GDPR violations. [...]

Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. [...]

SonicWall's SonicOS is vulnerable to a critical access control flaw that could allow attackers to gain access unauthorized access to resources or cause the firewall to crash. [...]

ThreatLocker has created a list of the top 15 actions to secure an organization if employing a remote or hybrid workforce. Learn more in this free e-book from ThreatLocker. [...]

The Seattle-Tacoma International Airport has confirmed that a cyberattack is likely behind the ongoing IT systems outage that disrupted reservation check-in systems and delayed flights over the weekend. [...]

An audit from the Department of Justice's Office of the Inspector General (OIG) identified "significant weaknesses" in FBI's inventory management and disposal of electronic storage media containing sensitive and classified information. [...]

A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework. [...]

The American Radio Relay League (ARRL) paid a $1 million ransom for a decryptor that helped restore systems encrypted in a May ransomware attack [...]

Microsoft shared a workaround for Linux boot issues triggered by August security updates on dual-boot systems with Secure Boot enabled [...]