Posts

Showing posts from October, 2025

Windows 11 tests shared Bluetooth audio support, but only for AI PCs

If you have two headphones, speakers, earbuds, or any other Bluetooth hardware, you can now use both simultaneously on a Copilot+ PC. [...] https://www.bleepingcomputer.com/news/microsoft/windows-11-tests-shared-bluetooth-audio-support-but-only-for-ai-pcs/ Posted from: this blog via Microsoft Power Automate .

Windows 11 tests shared Bluetooth audio support, but only for AI PCs

If you have two headphones, speakers, earbuds, or any other Bluetooth hardware, you can now use both simultaneously on a Copilot+ PC. [...] https://www.bleepingcomputer.com/news/microsoft/windows-11-tests-shared-bluetooth-audio-support-but-only-for-ai-pcs/ Posted from: this blog via Microsoft Power Automate .

‘We got hacked’ emails threaten to leak University of Pennsylvania data

The University of Pennsylvania suffered a cybersecurity incident on Friday, where students and alumni received a series of offensive emails from various University email addresses, claiming that data was stolen in a breach. [...] https://www.bleepingcomputer.com/news/security/offensive-we-got-hacked-emails-sent-in-penn-security-incident/ Posted from: this blog via Microsoft Power Automate .

Microsoft Edge gets scareware sensor for faster scam detection

Microsoft is introducing a new scareware sensor for the Microsoft Edge web browser, which helps detect scam pages more quickly and ensures that Defender SmartScreen blocks them faster. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-gets-scareware-sensor-for-faster-scam-detection/ Posted from: this blog via Microsoft Power Automate .

Microsoft Edge gets scareware sensor for faster scam detection

Microsoft is introducing a new scareware sensor for the Microsoft Edge web browser, which helps detect scam pages more quickly and ensures that Defender SmartScreen blocks them faster. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-gets-scareware-sensor-for-faster-scam-detection/ Posted from: this blog via Microsoft Power Automate .

BPO giant Conduent confirms data breach impacts 10.5 million people

American business services giant Conduent has confirmed that a 2024 data breach has impacted over 10.5 million people, according to notifications filed with the US Attorney General's offices. [...] https://www.bleepingcomputer.com/news/security/bpo-giant-conduent-confirms-data-breach-impacts-105-million-people/ Posted from: this blog via Microsoft Power Automate .

WhatsApp adds passwordless chat backups on iOS and Android

WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling users to encrypt their chat history using their fingerprint, face, or a screen lock code. [...] https://www.bleepingcomputer.com/news/security/whatsapp-adds-passwordless-chat-backups-on-ios-and-android/ Posted from: this blog via Microsoft Power Automate .

Ex-L3Harris exec guilty of selling cyber exploits to Russian broker

Peter Williams, a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker. [...] https://www.bleepingcomputer.com/news/security/ex-l3harris-exec-guilty-of-selling-cyber-exploits-to-russian-broker/ Posted from: this blog via Microsoft Power Automate .

Ex-L3Harris exec guilty of selling cyber exploits to Russian broker

Peter Williams, a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker. [...] https://www.bleepingcomputer.com/news/security/ex-l3harris-exec-guilty-of-selling-cyber-exploits-to-russian-broker/ Posted from: this blog via Microsoft Power Automate .

CISA and NSA share tips on securing Microsoft Exchange servers

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks against attacks. [...] https://www.bleepingcomputer.com/news/security/cisa-and-nsa-share-tips-on-securing-microsoft-exchange-servers/ Posted from: this blog via Microsoft Power Automate .

CISA and NSA share tips on securing Microsoft Exchange servers

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks against attacks. [...] https://www.bleepingcomputer.com/news/security/cisa-and-nsa-share-tips-on-securing-microsoft-exchange-servers/ Posted from: this blog via Microsoft Power Automate .

LinkedIn phishing targets finance execs with fake board invites

Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials. [...] https://www.bleepingcomputer.com/news/security/linkedin-phishing-targets-finance-execs-with-fake-board-invites/ Posted from: this blog via Microsoft Power Automate .

Rethinking identity security in the age of autonomous AI agents

AI agents now make decisions and access systems on their own, creating identity blind spots traditional tools can't see. Learn how Token Security brings identity-first security to agentic AI — making every agent verified, owned, and accountable. [...] https://www.bleepingcomputer.com/news/security/rethinking-identity-security-in-the-age-of-autonomous-ai-agents/ Posted from: this blog via Microsoft Power Automate .

Canada says hacktivists breached water and energy facilities

The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. [...] https://www.bleepingcomputer.com/news/security/canada-says-hacktivists-breached-water-and-energy-facilities/ Posted from: this blog via Microsoft Power Automate .

Canada says hacktivists breached water and energy facilities

The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. [...] https://www.bleepingcomputer.com/news/security/canada-says-hacktivists-breached-water-and-energy-facilities/ Posted from: this blog via Microsoft Power Automate .

Microsoft fixes Media Creation Tool broken on some Windows PCs

Microsoft has confirmed that the Windows 11 Media Creation Tool (MCT) is working again on Windows 10 22H2 and Windows 11 25H2 systems. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-media-creation-tool-broken-on-some-windows-pcs/ Posted from: this blog via Microsoft Power Automate .

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials. [...] https://www.bleepingcomputer.com/news/security/phantomraven-attack-floods-npm-with-credential-stealing-packages/ Posted from: this blog via Microsoft Power Automate .

Microsoft: DNS outage impacts Azure and Microsoft 365 services

Microsoft is investigating an ongoing DNS outage affecting customers worldwide, preventing them from accessing Microsoft Azure and Microsoft 365 services. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-dns-outage-impacts-azure-and-microsoft-365-services/ Posted from: this blog via Microsoft Power Automate .

Microsoft fixes 0x800F081F errors causing Windows update failures

Microsoft has resolved a known issue that caused Windows updates to fail, leading to 0x800F081F errors on Windows 11 24H2 systems. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-0x800f081f-errors-causing-windows-update-failures/ Posted from: this blog via Microsoft Power Automate .

Visibility Gaps: Streamlining Patching and Vulnerability Remediation

Hidden visibility gaps can turn unpatched systems into open doors. Action1 gives IT teams unified visibility and automated control to detect, prioritize, and remediate vulnerabilities before attackers exploit them. [...] https://www.bleepingcomputer.com/news/security/visibility-gaps-streamlining-patching-and-vulnerability-remediation/ Posted from: this blog via Microsoft Power Automate .

Microsoft: Copilot now lets you build apps, automate workflows

​Microsoft announced today a new Microsoft 365 Copilot agent called App Builder that can help users create and deploy apps "in minutes." [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-copilot-now-lets-you-build-apps-automate-workflows/ Posted from: this blog via Microsoft Power Automate .

Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions

The Australian Competition and Consumer Commission (ACCC) is suing Microsoft for allegedly misleading 2.7 million Australians into paying for the Copilot AI assistant in the Microsoft 365 service. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-sued-for-allegedly-tricking-millions-into-copilot-m365-subscriptions/ Posted from: this blog via Microsoft Power Automate .

Google Chrome to warn users before opening insecure HTTP sites

Google announced today that the Chrome web browser will start warning users by default before connecting to insecure HTTP public websites beginning with Chrome 154 in October 2026. [...] https://www.bleepingcomputer.com/news/google/google-chrome-to-warn-users-before-opening-insecure-http-sites/ Posted from: this blog via Microsoft Power Automate .

TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs

Academic researchers developed a side-channel attack called TEE.Fail, which allows extracting secrets from the trusted execution environment in the CPU, the highly secure area of a system, such as Intel's SGX and TDX, and AMD's SEV-SNP. [...] https://www.bleepingcomputer.com/news/security/teefail-attack-breaks-confidential-computing-on-intel-amd-nvidia-cpus/ Posted from: this blog via Microsoft Power Automate .

TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs

Academic researchers developed a side-channel attack called TEE.Fail, which allows extracting secrets from the trusted execution environment in the CPU, the highly secure area of a system, such as Intel's SGX and TDX, and AMD's SEV-SNP. [...] https://www.bleepingcomputer.com/news/security/teefail-attack-breaks-confidential-computing-on-intel-amd-nvidia-cpus/ Posted from: this blog via Microsoft Power Automate .

Google Chrome to warn users before opening insecure HTTP sites

Google announced today that the Chrome web browser will start warning users by default before connecting to insecure HTTP public websites beginning with Chrome 154 in October 2026. [...] https://www.bleepingcomputer.com/news/google/google-chrome-to-warn-users-before-opening-insecure-http-sites/ Posted from: this blog via Microsoft Power Automate .

BiDi Swap: The bidirectional text trick that makes fake URLs look real

Attackers are abusing bidirectional text to make fake URLs look real, reviving a decade-old browser flaw now fueling new phishing tricks. Varonis reveals how the "BiDi Swap" technique works and what organizations need to watch out for. [...] https://www.bleepingcomputer.com/news/security/bidi-swap-the-bidirectional-text-trick-that-makes-fake-urls-look-real/ Posted from: this blog via Microsoft Power Automate .

New Atroposia malware comes with a local vulnerability scanner

A new malware-as-a-service (MaaS) platform named Atroposia provides cybercriminals a remote access trojan that combines capabilities for persistent access, evasion, data theft, and local vulnerability scanning. [...] https://www.bleepingcomputer.com/news/security/new-atroposia-malware-comes-with-a-local-vulnerability-scanner/ Posted from: this blog via Microsoft Power Automate .

New Herodotus Android malware fakes human typing to avoid detection

A new Android malware family, Herodotus, uses random delay injection in its input routines to mimic human behavior on mobile devices and evade timing-based detection by security software. [...] https://www.bleepingcomputer.com/news/security/new-herodotus-android-malware-fakes-human-typing-to-avoid-detection/ Posted from: this blog via Microsoft Power Automate .

New Herodotus Android malware fakes human typing to avoid detection

A new Android malware family, Herodotus, uses random delay injection in its input routines to mimic human behavior on mobile devices and evade timing-based detection by security software. [...] https://www.bleepingcomputer.com/news/security/new-herodotus-android-malware-fakes-human-typing-to-avoid-detection/ Posted from: this blog via Microsoft Power Automate .

Italian spyware vendor linked to Chrome zero-day attacks

A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber ​​Group acquired the infamous Hacking Team. [...] https://www.bleepingcomputer.com/news/security/italian-spyware-vendor-linked-to-chrome-zero-day-attacks/ Posted from: this blog via Microsoft Power Automate .

Google says everyone will be able to vibe code video games

Google AI Studio product lead teased that everyone will be able to vibe code video games by the end of the year. [...] https://www.bleepingcomputer.com/news/google/google-says-everyone-will-be-able-to-vibe-code-video-games/ Posted from: this blog via Microsoft Power Automate .

Microsoft: New policy removes pre-installed Microsoft Store apps

Microsoft now allows IT administrators to remove pre-installed Microsoft Store apps (also known as in-box apps) using a new app management policy. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-admins-remove-pre-installed-microsoft-store-apps-via-policy/ Posted from: this blog via Microsoft Power Automate .

CISA orders feds to patch actively exploited Windows Server WSUS flaw

The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its catalog of security flaws exploited in attacks. [...] https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-server-wsus-flaw-exploited-in-attacks/ Posted from: this blog via Microsoft Power Automate .

Hackers steal Discord accounts with RedTiger-based infostealer

Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and payment information. [...] https://www.bleepingcomputer.com/news/security/hackers-steal-discord-accounts-with-redtiger-based-infostealer/ Posted from: this blog via Microsoft Power Automate .

New 'CoPhish' technique wraps OAuth phishing in Microsoft Copilot

A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. [...] https://www.bleepingcomputer.com/news/security/new-cophish-technique-wraps-oauth-phishing-in-microsoft-copilot/ Posted from: this blog via Microsoft Power Automate .

Hackers launch mass attacks exploiting outdated WordPress plugins

A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). [...] https://www.bleepingcomputer.com/news/security/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins/ Posted from: this blog via Microsoft Power Automate .

Critical WSUS flaw in Windows Server now exploited in attacks

Attackers are now exploiting a critical-severity Windows Server Update Service (WSUS) vulnerability, which already has publicly available proof-of-concept exploit code. [...] https://www.bleepingcomputer.com/news/security/hackers-now-exploiting-critical-windows-server-wsus-flaw-in-attacks/ Posted from: this blog via Microsoft Power Automate .

Amazon: This week’s AWS outage caused by major DNS failure

Amazon says a major DNS failure was behind a massive AWS (Amazon Web Services) outage that took down many websites and online services on Monday. [...] https://www.bleepingcomputer.com/news/technology/amazon-this-weeks-aws-outage-caused-by-major-dns-failure/ Posted from: this blog via Microsoft Power Automate .

Fake LastPass death claims used to breach password vaults

LastPass is warning customers of a phishing campaign sending emails with an access request to the password vault as part of a legacy inheritance process. [...] https://www.bleepingcomputer.com/news/security/fake-lastpass-death-claims-used-to-breach-password-vaults/ Posted from: this blog via Microsoft Power Automate .

How to reduce costs with self-service password resets

Password resets account for nearly 40% of IT help desk calls, costing orgs time and money. Specops Software's uReset lets users securely reset passwords with flexible MFA options like Duo, Okta, and Yubikey while enforcing identity verification to stop misuse. [...] https://www.bleepingcomputer.com/news/security/how-to-reduce-costs-with-self-service-password-resets/ Posted from: this blog via Microsoft Power Automate .

Mozilla: New Firefox extensions must disclose data collection practices

Starting next month, Mozilla will require Firefox extension developers to disclose whether their add-ons collect or share user data with third parties. [...] https://www.bleepingcomputer.com/news/software/mozilla-new-firefox-extensions-must-disclose-data-collection-practices/ Posted from: this blog via Microsoft Power Automate .

Meet the new Clippy: Microsoft unveils Copilot's "Mico" avatar

Today, Microsoft introduced Mico, a new and more personal avatar for the AI-powered Copilot digital assistant, which the company describes as human-centered. [...] https://www.bleepingcomputer.com/news/microsoft/meet-the-new-clippy-microsoft-unveils-copilots-mico-avatar/ Posted from: this blog via Microsoft Power Automate .

CISA warns of Lanscope Endpoint Manager flaw exploited in attacks

The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager. [...] https://www.bleepingcomputer.com/news/security/cisa-warns-of-lanscope-endpoint-manager-flaw-exploited-in-attacks/ Posted from: this blog via Microsoft Power Automate .

Microsoft disables File Explorer preview for downloads to block attacks

Microsoft says that the File Explorer (formerly Windows Explorer) now automatically blocks previews for files downloaded from the Internet to block credential theft attacks via malicious documents. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-preview-pane-for-downloads-to-block-ntlm-theft-attacks/ Posted from: this blog via Microsoft Power Automate .

Zero Trust Has a Blind Spot—Your AI Agents

AI agents now act, decide, and access systems on their own — creating new blind spots Zero Trust can't see. Token Security helps organizations govern AI identities so every agent's access, intent, and action are verified and accountable. [...] https://www.bleepingcomputer.com/news/security/zero-trust-has-a-blind-spot-your-ai-agents/ Posted from: this blog via Microsoft Power Automate .

North Korean Lazarus hackers targeted European defense companies

North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures. [...] https://www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-targeted-european-defense-companies/ Posted from: this blog via Microsoft Power Automate .

Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000

Security researchers collected $792,750 in cash after exploiting 56​​​​​​​ unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. [...] https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/ Posted from: this blog via Microsoft Power Automate .

Hackers exploiting critical "SessionReaper" flaw in Adobe Magento

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. [...] https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/ Posted from: this blog via Microsoft Power Automate .

TARmageddon flaw in abandoned Rust library enables RCE attacks

A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. [...] https://www.bleepingcomputer.com/news/security/tarmageddon-flaw-in-abandoned-rust-library-enables-rce-attacks/ Posted from: this blog via Microsoft Power Automate .

Meta launches new anti-scam tools for WhatsApp and Messenger

Meta has announced new tools to help WhatsApp and Messenger users protect themselves from potential scams and secure their accounts. [...] https://www.bleepingcomputer.com/news/security/meta-launches-new-anti-scam-tools-for-whatsapp-and-messenger/ Posted from: this blog via Microsoft Power Automate .

PhantomCaptcha ClickFix attack targets Ukraine war relief orgs

A spearphishing attack that lasted a single day targeted members of the Ukrainian regional government administration and organizations critical for the war relief effort in Ukraine, including the International Committee of the Red Cross, UNICEF, and various NGOs. [...] https://www.bleepingcomputer.com/news/security/phantomcaptcha-clickfix-attack-targets-ukraine-war-relief-orgs/ Posted from: this blog via Microsoft Power Automate .

Sharepoint ToolShell attacks targeted orgs across four continents

Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. [...] https://www.bleepingcomputer.com/news/security/sharepoint-toolshell-attacks-targeted-orgs-across-four-continents/ Posted from: this blog via Microsoft Power Automate .

Hackers exploit 34 zero-days on first day of Pwn2Own Ireland

On the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-days and collected $522,500 in cash awards. [...] https://www.bleepingcomputer.com/news/security/hackers-exploit-34-zero-days-on-first-day-of-pwn2own-ireland/ Posted from: this blog via Microsoft Power Automate .

Russian hackers evolve malware pushed in "I am not a robot" captchas

The Russian state-backed Star Blizzard hacker group has ramped up operations with new, constantly evolving malware families (NoRobot, MaybeRobot) deployed in complex delivery chains that start with ClickFix social engineering attacks. [...] https://www.bleepingcomputer.com/news/security/russian-hackers-evolve-malware-pushed-in-i-am-not-a-robot-clickfix-attacks/ Posted from: this blog via Microsoft Power Automate .

Maximizing gateway security: Beyond the basic configuration

Gateways can do more than route traffic, they can also strengthen your entire security posture. Learn how NordLayer combines ZTNA, firewalls, and private gateways to secure hybrid teams and keep networks compliant. [...] https://www.bleepingcomputer.com/news/security/maximizing-gateway-security-beyond-the-basic-configuration/ Posted from: this blog via Microsoft Power Automate .

Microsoft fixes bug preventing users from opening classic Outlook

Microsoft has fixed a major bug preventing Microsoft 365 users from launching the classic Outlook email client on Windows systems. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-preventing-users-from-opening-classic-outlook/ Posted from: this blog via Microsoft Power Automate .

Windows 11 KB5070773 emergency update fixes Windows Recovery issues

Microsoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing the October 2025 security updates. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-usb-issue-that-made-windows-recovery-unusable/ Posted from: this blog via Microsoft Power Automate .

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimated 35,800 times. [...] https://www.bleepingcomputer.com/news/security/self-spreading-glassworm-malware-hits-openvsx-vs-code-registries/ Posted from: this blog via Microsoft Power Automate .

Microsoft fixes Windows Server Active Directory sync issues

Microsoft is rolling out a fix for Active Directory issues affecting some Windows Server 2025 systems after installing security updates released since September. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-active-directory-sync-issues/ Posted from: this blog via Microsoft Power Automate .

Microsoft warns of Windows smart card auth issues after October updates

Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues due to a change designed to strengthen the Windows Cryptographic Services. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-october-security-updates-cause-windows-smart-card-auth-issues/ Posted from: this blog via Microsoft Power Automate .

AWS outage crashes Amazon, PrimeVideo, Fortnite, Perplexity and more

AWS outage has taken down millions of websites, including Amazon.com, PrimeVideo, Perplexity AI, Canva and more. [...] https://www.bleepingcomputer.com/news/technology/aws-outage-crashes-amazon-primevideo-fortnite-perplexity-and-more/ Posted from: this blog via Microsoft Power Automate .

TikTok videos continue to push infostealers in ClickFix attacks

Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware. [...] https://www.bleepingcomputer.com/news/security/tiktok-videos-continue-to-push-infostealers-in-clickfix-attacks/ Posted from: this blog via Microsoft Power Automate .

OpenAI confirms GPT-6 is not shipping in 2025

OpenAI is not planning to ship GPT-6 this year, but that doesn't necessarily mean the company will not release new models. [...] https://www.bleepingcomputer.com/news/artificial-intelligence/openai-confirms-gpt-6-is-not-shipping-in-2025/ Posted from: this blog via Microsoft Power Automate .

Google ads for fake Homebrew, LogMeIn sites push infostealers

A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. [...] https://www.bleepingcomputer.com/news/security/google-ads-for-fake-homebrew-logmein-sites-push-infostealers/ Posted from: this blog via Microsoft Power Automate .

ConnectWise fixes Automate bug allowing AiTM update attacks

ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and modification. [...] https://www.bleepingcomputer.com/news/security/connectwise-fixes-automate-bug-allowing-aitm-update-attacks/ Posted from: this blog via Microsoft Power Automate .

American Airlines subsidiary Envoy confirms Oracle data theft attack

Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site. [...] https://www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/ Posted from: this blog via Microsoft Power Automate .

Microsoft lifts more safeguard holds blocking Windows 11 updates

Microsoft has removed two more compatibility holds preventing customers from installing Windows 11 24H2 via Windows Update. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-more-safeguard-holds-blocking-windows-11-updates/ Posted from: this blog via Microsoft Power Automate .

Europol dismantles SIM box operation renting numbers for cybercrime

European law enforcement in an operation codenamed 'SIMCARTEL' has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5 million euros in losses. [...] https://www.bleepingcomputer.com/news/security/europol-dismantles-sim-box-operation-renting-numbers-for-cybercrime/ Posted from: this blog via Microsoft Power Automate .

VMware Certification: Your Next Career Power Move

VMware certification isn't just about passing exams — it's about mastering systems, proving expertise, and your career. Gain hands-on labs, discounts, and mentorship with VMUG Advantage to reach your next goal faster. [...] https://www.bleepingcomputer.com/news/security/vmware-certification-your-next-career-power-move/ Posted from: this blog via Microsoft Power Automate .

Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections

Microsoft's October Windows 11 updates have broken the "localhost" functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly. [...] https://www.bleepingcomputer.com/news/microsoft/windows-11-updates-break-localhost-127001-http-2-connections/ Posted from: this blog via Microsoft Power Automate .

Auction giant Sotheby’s says data breach exposed customer information

Major international auction house Sotheby's is notifying customers of a data breach incident on its systems where threat actors stole sensitive information, including financial details. [...] https://www.bleepingcomputer.com/news/security/auction-giant-sothebys-says-data-breach-exposed-customer-information/ Posted from: this blog via Microsoft Power Automate .

Hackers exploit Cisco SNMP flaw to deploy rootkit on switches

Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. [...] https://www.bleepingcomputer.com/news/security/hackers-exploit-cisco-snmp-flaw-to-deploy-rootkit-on-switches/ Posted from: this blog via Microsoft Power Automate .

Microsoft disrupts ransomware attacks targeting Teams users

Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installers. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-disrupts-ransomware-attacks-targeting-teams-users/ Posted from: this blog via Microsoft Power Automate .

Microsoft: Office 2016 and Office 2019 have reach end of support

​​​​​Microsoft reminded customers this week that Office 2016 and Office 2019 have reached the end of extended support on October 14, 2025. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2016-and-office-2019-have-reach-end-of-support/ Posted from: this blog via Microsoft Power Automate .

YouTube is down worldwide with playback error

YouTube is currently facing a global outage, with users reporting playback errors on both the website and mobile apps. [...] https://www.bleepingcomputer.com/news/google/youtube-is-down-worldwide-with-playback-error/ Posted from: this blog via Microsoft Power Automate .

YouTube is down worldwide with playback error

YouTube is currently facing a global outage, with users reporting playback errors on both the website and mobile apps. [...] https://www.bleepingcomputer.com/news/google/youtube-is-down-worldwide-with-playback-error/ Posted from: this blog via Microsoft Power Automate .

Capita to pay £14 million for data breach impacting 6.6 million people

The Information Commissioner's Office (ICO) in the UK has fined Capita, a provider of data-driven business process services, £14 million ($18.7 million) for a data breach incident in 2023 that exposed the personal information of 6.6 million people. [...] https://www.bleepingcomputer.com/news/security/capita-to-pay-14-million-for-data-breach-impacting-66-million-people/ Posted from: this blog via Microsoft Power Automate .

Fake LastPass, Bitwarden breach alerts lead to PC hijacks

An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. [...] https://www.bleepingcomputer.com/news/security/fake-lastpass-bitwarden-breach-alerts-lead-to-pc-hijacks/ Posted from: this blog via Microsoft Power Automate .

F5 releases BIG-IP patches for stolen security vulnerabilities

Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. [...] https://www.bleepingcomputer.com/news/security/f5-releases-big-ip-patches-for-stolen-security-vulnerabilities/ Posted from: this blog via Microsoft Power Automate .

Microsoft: Sept Windows Server updates cause Active Directory issues

Microsoft has confirmed that the September 2025 security updates are causing Active Directory issues on Windows Server 2025 systems. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2025-windows-server-updates-cause-active-directory-issues/ Posted from: this blog via Microsoft Power Automate .

Clothing giant MANGO discloses data breach exposing customer info

Spanish fashion retailer MANGO is sending notices of a data breach to its customers, warning that its marketing vendor suffered a compromise exposing personal data. [...] https://www.bleepingcomputer.com/news/security/clothing-giant-mango-discloses-data-breach-exposing-customer-info/ Posted from: this blog via Microsoft Power Automate .

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. [...] https://www.bleepingcomputer.com/news/security/malicious-crypto-stealing-vscode-extensions-resurface-on-openvsx/ Posted from: this blog via Microsoft Power Automate .

Final Windows 10 Patch Tuesday update rolls out as support ends

In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final free update for the operating system as it reaches the end of its support lifecycle. [...] https://www.bleepingcomputer.com/news/microsoft/final-windows-10-patch-tuesday-update-rolls-out-as-support-ends/ Posted from: this blog via Microsoft Power Automate .

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content. [...] https://www.bleepingcomputer.com/news/security/new-android-pixnapping-attack-steals-mfa-codes-pixel-by-pixel/ Posted from: this blog via Microsoft Power Automate .

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. Get patching! [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-october-2025-patch-tuesday-fixes-6-zero-days-172-flaws/ Posted from: this blog via Microsoft Power Automate .

Windows 11 KB5066835 and KB5066793 updates released

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. [...] https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5066835-and-kb5066793-updates-released/ Posted from: this blog via Microsoft Power Automate .

US seizes $15 billion in crypto from 'pig butchering' kingpin

The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. [...] https://www.bleepingcomputer.com/news/security/us-seizes-15-billion-in-crypto-from-pig-butchering-kingpin/ Posted from: this blog via Microsoft Power Automate .

Windows 11 KB5066835 and KB5066793 updates released

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. [...] https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5066835-and-kb5066793-updates-released/ Posted from: this blog via Microsoft Power Automate .

Oracles silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...] https://www.bleepingcomputer.com/news/security/oracles-silently-fixes-zero-day-exploit-leaked-by-shinyhunters/ Posted from: this blog via Microsoft Power Automate .

Chinese hackers abuse geo-mapping tool for year-long persistence

Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell. [...] https://www.bleepingcomputer.com/news/security/chinese-hackers-abuse-geo-mapping-tool-for-year-long-persistence/ Posted from: this blog via Microsoft Power Automate .

Microsoft restricts IE mode access in Edge after zero-day attacks

Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in the Chakra JavaScript engine for access to target devices. [...] https://www.bleepingcomputer.com/news/security/microsoft-restricts-ie-mode-access-in-edge-after-zero-day-attacks/ Posted from: this blog via Microsoft Power Automate .

SimonMed says 1.2 million patients impacted in January data breach

U.S. medical imaging provider SimonMed Imaging is notifying more than 1.2 million individuals of a data breach that exposed their sensitive information. [...] https://www.bleepingcomputer.com/news/security/simonmed-says-12-million-patients-impacted-in-january-data-breach/ Posted from: this blog via Microsoft Power Automate .

Massive multi-country botnet targets RDP services in the US

A large-scale botnet is targeting Remote Desktop Protocol (RDP) services in the United States from more than 100,000 IP addresses. [...] https://www.bleepingcomputer.com/news/security/massive-multi-country-botnet-targets-rdp-services-in-the-us/ Posted from: this blog via Microsoft Power Automate .

SonicWall VPN accounts breached using stolen creds in widespread attacks

Researchers warn that threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign using stolen, valid credentials. [...] https://www.bleepingcomputer.com/news/security/sonicwall-vpn-accounts-breached-using-stolen-creds-in-widespread-attacks/ Posted from: this blog via Microsoft Power Automate .

Oracle releases emergency patch for new E-Business Suite flaw

Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers. [...] https://www.bleepingcomputer.com/news/security/oracle-releases-emergency-patch-for-new-e-business-suite-flaw/ Posted from: this blog via Microsoft Power Automate .

Meet Varonis Interceptor: AI-Native Email Security

AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis' new Interceptor platform uses multimodal AI — vision, language, and behavior models — to detect zero-hour attacks and stop them before they reach users. [...] https://www.bleepingcomputer.com/news/security/meet-varonis-interceptor-ai-native-email-security/ Posted from: this blog via Microsoft Power Automate .

Microsoft: Windows 11 Media Creation Tool broken on Windows 10 PCs

Microsoft says the latest version of the Windows 11 Media Creation Tool (MCT) no longer works correctly on Windows 10 22H2 computers. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-media-creation-tool-broken-on-windows-10-pcs/ Posted from: this blog via Microsoft Power Automate .

Spain dismantles “GXC Team” cybercrime syndicate, arrests leader

Spanish Guardia Civil have dismantled the "GXC Team" cybercrime syndicate and arrested its alleged leader, a 25-year-old Brazilian known as "GoogleXcoder." [...] https://www.bleepingcomputer.com/news/security/spain-dismantles-gxc-team-cybercrime-syndicate-arrests-leader/ Posted from: this blog via Microsoft Power Automate .

Windows 11 23H2 Home and Pro reach end of support in 30 days

Microsoft has reminded customers again today that systems running Home and Pro editions of Windows 11 23H2 will stop receiving security updates next month. [...] https://www.bleepingcomputer.com/news/microsoft/windows-11-23h2-home-and-pro-reach-end-of-support-in-30-days/ Posted from: this blog via Microsoft Power Automate .

Cybersecurity For Dummies, 3rd Edition eBook FREE for a Limited Time

In today's hyper-connected world, cyber threats are more sophisticated and frequent than ever - ransomware, data breaches, and social engineering scams, targeting everyone from individuals to Fortune 500 companies. Right now, you can grab "Cybersecurity For Dummies, 3rd Edition" - a $29.99 value - completely FREE for a limited time. [...] https://www.bleepingcomputer.com/news/security/cybersecurity-for-dummies-3rd-edition-ebook-free-for-a-limited-time/ Posted from: this blog via Microsoft Power Automate .

Google Chrome to revoke notification access for inactive sites

Google is updating the Chrome web browser to automatically revoke notification permissions for websites that haven't been visited recently, to reduce alert overload. [...] https://www.bleepingcomputer.com/news/google/google-chrome-to-revoke-notification-access-for-inactive-sites/ Posted from: this blog via Microsoft Power Automate .

Copilot on Windows can now connect to email, create Office docs

Microsoft has upgraded its AI-powered Copilot digital assistant to connect to email accounts and generate Office documents from prompt outputs. [...] https://www.bleepingcomputer.com/news/microsoft/copilot-on-windows-can-now-connect-to-email-create-office-docs/ Posted from: this blog via Microsoft Power Automate .

Hackers now use Velociraptor DFIR tool in ransomware attacks

Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. [...] https://www.bleepingcomputer.com/news/security/hackers-now-use-velociraptor-dfir-tool-in-ransomware-attacks/ Posted from: this blog via Microsoft Power Automate .

Microsoft Defender mistakenly flags SQL Server as end-of-life

​Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as end-of-life. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-mistakenly-flags-sql-server-as-end-of-life/ Posted from: this blog via Microsoft Power Automate .

RondoDox botnet targets 56 n-day flaws in worldwide attacks

A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. [...] https://www.bleepingcomputer.com/news/security/rondodox-botnet-targets-56-n-day-flaws-in-worldwide-attacks/ Posted from: this blog via Microsoft Power Automate .

Microsoft: Windows Backup now available for enterprise users

Microsoft announced this week the general availability of Windows Backup for Organizations, a new enterprise-grade backup tool that helps simplify backups and makes the transition to Windows 11 easier. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-backup-now-available-for-enterprise-users/ Posted from: this blog via Microsoft Power Automate .

From infostealer to full RAT: dissecting the PureRAT attack chain

Researchers map a campaign that escalated from a Python infostealer to a full PureRAT backdoor — loaders, evasions, and TLS-pinned C2. Join Huntress Labs' Tradecraft Tuesday for deep technical walkthroughs and live IOC guidance on the latest cybersecurity topics. [...] https://www.bleepingcomputer.com/news/security/from-infostealer-to-full-rat-dissecting-the-purerat-attack-chain/ Posted from: this blog via Microsoft Power Automate .

Hackers claim Discord breach exposed data of 5.5 million users

Discord says they will not be negotiating with threat actors who claim to have stolen the data of 5.5 million unique users from the company's Zendesk support system instance, including government IDs and partial payment information for some people. [...] https://www.bleepingcomputer.com/news/security/hackers-claim-discord-breach-exposed-data-of-55-million-users/ Posted from: this blog via Microsoft Power Automate .

Qilin ransomware claims Asahi brewery attack, leaks data

The Qilin ransomware group has claimed responsibility for the attack at Japanese beer maker Asahi, adding the company to its extortion page on the dark web yesterday. [...] https://www.bleepingcomputer.com/news/security/qilin-ransomware-claims-asahi-brewery-attack-leaks-data/ Posted from: this blog via Microsoft Power Automate .

Microsoft enables Exchange Online auto-archiving by default

Microsoft is enabling threshold-based auto-archiving by default in Exchange Online to prevent email flow issues caused by mailboxes filling up faster than expected. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-enables-exchange-online-auto-archiving-by-default-to-fight-overflowing-mailboxes/ Posted from: this blog via Microsoft Power Automate .

Crimson Collective hackers target AWS cloud instances for data theft

The 'Crimson Collective' threat group has been targeting AWS (Amazon Web Services) cloud environments for the past weeks, to steal data and extort companies. [...] https://www.bleepingcomputer.com/news/security/crimson-collective-hackers-target-aws-cloud-instances-for-data-theft/ Posted from: this blog via Microsoft Power Automate .

Hackers exploit auth bypass in Service Finder WordPress theme

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. [...] https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-in-service-finder-wordpress-theme/ Posted from: this blog via Microsoft Power Automate .

London police arrests suspects linked to nursery breach, child doxing

The UK Metropolitan Police has arrested two suspects following an investigation into the doxing of children online after a ransomware attack on a chain of London-based nurseries. [...] https://www.bleepingcomputer.com/news/security/london-police-arrests-suspects-linked-to-nursery-breach-child-doxing/ Posted from: this blog via Microsoft Power Automate .

Salesforce refuses to pay ransom over widespread data theft attacks

Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company's customers this year. [...] https://www.bleepingcomputer.com/news/security/salesforce-refuses-to-pay-ransom-over-widespread-data-theft-attacks/ Posted from: this blog via Microsoft Power Automate .

Clop exploited Oracle zero-day for data theft since early August

The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. [...] https://www.bleepingcomputer.com/news/security/oracle-zero-day-exploited-in-clop-data-theft-attacks-since-early-august/ Posted from: this blog via Microsoft Power Automate .

North Korean hackers stole over $2 billion in crypto this year

North Korean hackers have stolen an estimated $2 billion worth of cryptocurrency assets in 2025, marking the largest annual total on record. [...] https://www.bleepingcomputer.com/news/cryptocurrency/north-korean-hackers-stole-over-2-billion-in-crypto-this-year/ Posted from: this blog via Microsoft Power Automate .

Electronics giant Avnet confirms breach, says stolen data unreadable

Electronic components distributor Avnet confirmed in a statement for BleepingComputer that it suffered a data breach but noted that the stolen data is unreadable without proprietary tools. [...] https://www.bleepingcomputer.com/news/security/electronics-giant-avnet-confirms-breach-says-stolen-data-unreadable/ Posted from: this blog via Microsoft Power Automate .

Microsoft kills more Microsoft Account bypasses in Windows 11

Microsoft is removing more methods that help users create local Windows accounts and bypass the Microsoft account requirement when installing Windows 11. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-blocks-more-tricks-to-skip-microsoft-account-setup-in-windows-11/ Posted from: this blog via Microsoft Power Automate .

Redefining Security Validation with AI-Powered Breach and Attack Simulation

Security teams are drowning in threat intel — but AI is changing that. AI-powered Breach and Attack Simulation turns new threats into real, testable scenarios in minutes — delivering proof that your defenses work, not just assumptions. Join the BAS Summit 2025 to see how AI redefines security validation. [...] https://www.bleepingcomputer.com/news/security/redefining-security-validation-with-ai-powered-breach-and-attack-simulation/ Posted from: this blog via Microsoft Power Automate .

Google's new AI bug bounty program pays up to $30,000 for flaws

This week, Google has launched an AI Vulnerability Reward Program dedicated to security researchers who find and report flaws in the company's AI systems. [...] https://www.bleepingcomputer.com/news/google/googles-new-ai-bug-bounty-program-pays-up-to-30-000-for-flaws/ Posted from: this blog via Microsoft Power Automate .

Redis warns of critical flaw impacting thousands of instances

The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. [...] https://www.bleepingcomputer.com/news/security/redis-warns-of-max-severity-flaw-impacting-thousands-of-instances/ Posted from: this blog via Microsoft Power Automate .

LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data

LinkedIn has filed a lawsuit against Delaware company ProAPIs Inc. and its founder and CTO, Rehmat Alam, for allegedly scraping legitimate data through more than a million fake accounts. [...] https://www.bleepingcomputer.com/news/legal/linkedin-sues-proapis-for-using-1m-fake-accounts-to-scrape-user-data/ Posted from: this blog via Microsoft Power Automate .

The role of Artificial Intelligence in today’s cybersecurity landscape

AI is transforming cybersecurity—from detecting phishing and insider threats to accelerating response. See how Waziuh, the open-source XDR and SIEM, integrates AI to turn raw security data into actionable insights and smarter threat hunting. [...] https://www.bleepingcomputer.com/news/security/the-role-of-artificial-intelligence-in-todays-cybersecurity-landscape/ Posted from: this blog via Microsoft Power Automate .

Steam and Microsoft warn of Unity flaw exposing gamers to attacks

A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. [...] https://www.bleepingcomputer.com/news/security/steam-and-microsoft-warn-of-unity-flaw-exposing-gamers-to-attacks/ Posted from: this blog via Microsoft Power Automate .

XWorm malware resurfaces with ransomware module, over 35 plugins

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project last year. [...] https://www.bleepingcomputer.com/news/security/xworm-malware-resurfaces-with-ransomware-module-over-35-plugins/ Posted from: this blog via Microsoft Power Automate .

Oracle patches EBS zero-day exploited in Clop data theft attacks

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. [...] https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/ Posted from: this blog via Microsoft Power Automate .

Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year. [...] https://www.bleepingcomputer.com/news/security/hackers-exploited-zimbra-flaw-as-zero-day-using-icalendar-files/ Posted from: this blog via Microsoft Power Automate .

ParkMobile pays... $1 each for 2021 data breach that hit 22 million

ParkMobile has finally wrapped up a class action lawsuit over the platform's 2021 data breach that hit 22 million users. But there's a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. [...] https://www.bleepingcomputer.com/news/security/parkmobile-pays-1-each-for-2021-data-breach-that-hit-22-million/ Posted from: this blog via Microsoft Power Automate .

Leaked Apple iPad Pro M5 benchmark shows it's faster than some laptop CPUs

A new leaked benchmark shows Apple's alleged M5 chip on an iPad, and it's almost as fast as a desktop CPU. [...] https://www.bleepingcomputer.com/news/technology/leaked-apple-ipad-pro-m5-benchmark-shows-its-faster-than-some-laptop-cpus/ Posted from: this blog via Microsoft Power Automate .

OpenAI rolls out GPT Codex Alpha with early access to new models

OpenAI's Codex is already making waves in the vibe coding vertical, and it's now set to get even better. [...] https://www.bleepingcomputer.com/news/artificial-intelligence/openai-rolls-out-gpt-codex-alpha-with-early-access-to-new-models/ Posted from: this blog via Microsoft Power Automate .

OpenAI wants ChatGPT to be your emotional support

GPT-5 isn't as good as GPT-4o when it comes to emotional support, but that changes today. [...] https://www.bleepingcomputer.com/news/artificial-intelligence/openai-wants-chatgpt-to-be-your-emotional-support/ Posted from: this blog via Microsoft Power Automate .

OpenAI prepares $4 ChatGPT Go for several new countries

[...] https://www.bleepingcomputer.com/news/artificial-intelligence/openai-prepares-4-chatgpt-go-for-several-new-countries/ Posted from: this blog via Microsoft Power Automate .

Hackers steal identifiable Discord user data in third-party breach

Hackers stole partial payment information and personally identifying data associated with some Discord users after compromising a third-party customer service provider. [...] https://www.bleepingcomputer.com/news/security/hackers-steal-identifiable-discord-user-data-in-third-party-breach/ Posted from: this blog via Microsoft Power Automate .

Opera wants you to pay $19.90 per month for its new AI browser

Opera Neon is a new browser that puts AI in control of your tabs and browsing activities, but it'll cost $19.90 per month. [...] https://www.bleepingcomputer.com/news/artificial-intelligence/opera-wants-you-to-pay-1990-per-month-for-its-new-ai-browser/ Posted from: this blog via Microsoft Power Automate .

Signal adds new cryptographic defense against quantum attacks

Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. [...] https://www.bleepingcomputer.com/news/security/signal-adds-new-cryptographic-defense-against-quantum-attacks/ Posted from: this blog via Microsoft Power Automate .

ShinyHunters launches Salesforce data leak site to extort 39 victims

An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave of Salesforce breaches, leaking samples of data stolen in the attacks. [...] https://www.bleepingcomputer.com/news/security/shinyhunters-starts-leaking-data-stolen-in-salesforce-attacks/ Posted from: this blog via Microsoft Power Automate .

Presenting AI to the Board as a CISO? Here’s a Template.

Boards want answers on AI: Where is it used? What risks does it create? How is it governed? Keep Aware released a free template to help CISOs present GenAI adoption, risk, exposure & controls clearly to leadership. [...] https://www.bleepingcomputer.com/news/security/presenting-ai-to-the-board-as-a-ciso-heres-a-template/ Posted from: this blog via Microsoft Power Automate .

Oracle links Clop extortion attacks to July 2025 vulnerabilities

Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. [...] https://www.bleepingcomputer.com/news/security/oracle-links-clop-extortion-attacks-to-july-security-flaws/ Posted from: this blog via Microsoft Power Automate .

Gmail business users can now send encrypted emails to anyone

Google says that Gmail enterprise users can now send end-to-end encrypted emails to people who use any email service or platform. [...] https://www.bleepingcomputer.com/news/google/gmail-business-users-can-now-send-encrypted-emails-to-anyone/ Posted from: this blog via Microsoft Power Automate .

Microsoft Outlook stops displaying inline SVG images used in attacks

Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks. [...] https://www.bleepingcomputer.com/news/security/microsoft-outlook-stops-displaying-inline-svg-images-used-in-attacks/ Posted from: this blog via Microsoft Power Automate .

DrayTek warns of remote code execution bug in Vigor routers

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform arbitrary code. [...] https://www.bleepingcomputer.com/news/security/draytek-warns-of-remote-code-execution-bug-in-vigor-routers/ Posted from: this blog via Microsoft Power Automate .

Clop extortion emails claim theft of Oracle E-Business Suite data

Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems [...] https://www.bleepingcomputer.com/news/security/clop-extortion-emails-claim-theft-of-oracle-e-business-suite-data/ Posted from: this blog via Microsoft Power Automate .

Data breach at dealership software provider impacts 766k clients

A ransomware attack at Motility Software Solutions, a provider of dealer management software (DMS), has exposed the sensitive data of 766,000 customers. [...] https://www.bleepingcomputer.com/news/security/data-breach-at-dealership-software-provider-impacts-766k-clients/ Posted from: this blog via Microsoft Power Automate .

Adobe Analytics bug leaked customer tracking data to other tenants

Adobe is warning its Analytics customers that an ingestion bug caused data from some organizations to appear in the analytics instances of others for approximately one day. [...] https://www.bleepingcomputer.com/news/security/adobe-analytics-bug-leaked-customer-tracking-data-to-other-tenants/ Posted from: this blog via Microsoft Power Automate .

New bug in classic Outlook can only be fixed via Microsoft support

Microsoft is investigating a known issue that causes the classic Outlook email client to crash upon launch, which can only be resolved via Exchange Online support. [...] https://www.bleepingcomputer.com/news/microsoft/new-bug-in-classic-outlook-can-only-be-fixed-via-microsoft-support/ Posted from: this blog via Microsoft Power Automate .

Android malware uses VNC to give attackers hands-on access

A new Android banking and remote access trojan (RAT) dubbed Klopatra disguised as an IPTV and VPN app has infected more than 3,000 devices across Europe. [...] https://www.bleepingcomputer.com/news/security/android-malware-uses-vnc-to-give-attackers-hands-on-access/ Posted from: this blog via Microsoft Power Automate .

F-Droid project threatened by Google's new dev registration rules

F-Droid is warning that the project could reach an end due to Google's new requirements for all Android developers to verify their identity. [...] https://www.bleepingcomputer.com/news/security/f-droid-project-threatened-by-googles-new-dev-registration-rules/ Posted from: this blog via Microsoft Power Automate .

Microsoft: Media Creation Tool broken on Windows 11 Arm64 PCs

After rolling out Windows 11 25H2, also known as Windows 11 2025 Update, Microsoft has confirmed that the Media Creation Tool has stopped working on devices with Arm64 CPUs. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-media-creation-tool-broken-on-windows-11-arm64-pcs/ Posted from: this blog via Microsoft Power Automate .