Europol takes down “Ghost” encrypted messaging platform used for crime

Europol and law enforcement from nine countries successfully dismantled an encrypted communications platform called “Ghost,” which was used by organized crime such as drug trafficking and money laundering. Ghost featured advanced security and anonymization features, allowing the purchase of subscriptions with cryptocurrency, featuring three encryption layers, and a message self-destruction system that eliminated evidence from the […]

X hacking spree fuels “$HACKED” crypto token pump-and-dump

An X account hacking spree has fueled a successful pump-and-dump scheme for the $HACKED Solana token, with people rushing to buy the coin. The hacked accounts include MoneyControl (1.4 million followers), People Magazine (7.8 million), and even EUinmyRegion (an account operated by the European Commission), with close to 100K followers. The hacking spree started at approximately 2:00 […]

Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware

Image: Midjourney​Microsoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks. INC Ransom is a ransomware-as-a-service (RaaS) operation whose affiliates have targeted public and private organizations since July 2023, including Yamaha Motor Philippines, the U.S. division of Xerox Business Solutions(XBS), and, more recently, Scotland’s National Health […]

GitLab releases fix for critical SAML authentication bypass flaw

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE). Security Assertion Markup Language (SAML) is a single sign-on (SSO) authentication protocol that allows users to log in across different services using the same credentials. The flaw, tracked as […]

Broadcom fixes critical RCE bug in VMware vCenter Server

Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. vCenter Server is the central management hub for VMware’s vSphere suite, helping administrators manage and monitor virtualized infrastructure. The vulnerability (CVE-2024-38812), reported by TZL security researchers during China’s 2024 Matrix Cup hacking contest, is […]

Construction firms breached in brute force attacks on accounting software

Hackers are brute-forcing passwords for highly privileged accounts on exposed Foundation accounting servers, widely used in the construction industry, to breach corporate networks. The malicious activity was first spotted by Huntress, whose researchers detected the attacks on September 14, 2024. Huntress has already seen active breaches through these attacks at plumbing, HVAC, concrete, and other […]

Cloudflare outage cuts off access to websites in some regions

A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. While Cloudflare says they are currently conducting scheduled maintenance in Sinagpore and Nashville, its status page does not indicate any problems. However, for many users worldwide, when attempting to access websites utilizing Cloudflare, […]