Blog

CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. The security bug (tracked as CVE-2024-36401) is a critical remote code execution (RCE) vulnerability patched on June 18, 2024. CISA added the flaw to its catalog of actively exploited […]

Law enforcement authorities in Europe have arrested five suspects linked to a cryptocurrency investment fraud ring that stole over €100 million ($118 million) from more than 100 victims. The joint operation started in September 2020 and was carried out by investigative teams from Spain, Portugal, Bulgaria, Italy, Lithuania, and Romania, coordinated by Eurojust and supported […]

The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. Among the airports suffering technical difficulties are Heathrow in London, Brussels Airport, and Brandenburg in Berlin. Cork and Dublin airports in Ireland also experienced difficulties, but the impact was minor. The attack started […]

​A vulnerability in the American Archive of Public Broadcasting’s website allowed downloading of protected and private media for years, with the flaw quietly patched this month. BleepingComputer was tipped about the flaw by a cybersecurity researcher who asked to remain anonymous, stating that the flaw has been exploited since at least 2021, even after the researcher […]

Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers’ data after gaining access to a third-party service provider’s platform. Stellantis is a multinational corporation formed in 2021 after the merger of the PSA Group (Peugeot Société Anonyme) and Fiat Chrysler Automobiles (FCA). Stellantis is currently one of the largest […]

A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. The technique eliminates the need of a vulnerable driver and puts security agents like endpoint detection and response (EDR) tools into a state of hibernation. By using the WER framework together […]

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor tokens” and a vulnerability in the Azure AD Graph API (CVE-2025-55241) that allowed the tokens to work with any organization’s Entra ID environment. A […]