Fake Microsoft Office add-in tools push malware via SourceForge

Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims’ computers to both mine and steal cryptocurrency. SourceForge.net is a legitimate software hosting and distribution platform that also supports version control, bug tracking, and dedicated forums/wikis, making it very popular among open-source project communities. Although its open project submission model […]

Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws

Tag CVE ID CVE Title Severity Active Directory Domain Services CVE-2025-29810 Active Directory Domain Services Elevation of Privilege Vulnerability Important ASP.NET Core CVE-2025-26682 ASP.NET Core and Visual Studio Denial of Service Vulnerability Important Azure Local CVE-2025-27489 Azure Local Elevation of Privilege Vulnerability Important Azure Local Cluster CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability Important Azure […]

EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher

EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. The reported vulnerabilities are CVE-2025-24061 (Mark of the Web bypass) and CVE-2025-24071 (File Explorer spoofing), which Microsoft addressed during the March 2025 […]

Six arrested for AI-powered investment scams that stole $20 million

Spain’s police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure people. The scam was very successful, defrauding 19 million Euros ($20.9M) from 208 victims worldwide. The police operation, codenamed “COINBLACK – WENDMINE,” started two years ago following the submission of […]

Google fixes Android zero-days exploited in attacks, 60 other flaws

Google has released patches for 62 vulnerabilities in Android’s April 2025 security update, including two zero-days exploited in targeted attacks. One of the zero-days, a high-severity privilege escalation security vulnerability (CVE-2024-53197) in the Linux kernel’s USB-audio driver for ALSA Devices, was reportedly exploited by Serbian authorities to unlock confiscated Android devices as part of a zero-day exploit chain developed […]

E-ZPass toll payment texts return in massive phishing wave

An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority that attempts to […]

Carding tool abusing WooCommerce API downloaded 34K times on PyPI

A newly discovered malicious PyPi package named ‘disgrasya’ that abuses legitimate WooCommerce stores for validating stolen credit cards has been downloaded over 34,000 times from the open-source package platform. The script specifically targeted WooCommerce stores using the CyberSource payment gateway to validate cards, which is a key step for carding actors who need to evaluate thousands of stolen […]

Coinbase to fix 2FA account activity entry freaking out users

Coinbase is fixing a misleading account activity message that has caused confusion and anxiety, making users think their credentials were compromised. Over the past couple of weeks, numerous people have contacted BleepingComputer about concerns that they think Coinbase has a serious security issue. After receiving Coinbase phishing emails or texts, they logged into their accounts […]