Tag: security

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death (BSOD) screens to trick users into manually compiling and executing malware on their systems. A BSOD is a Windows crash screen displayed when the operating system encounters a fatal, unrecoverable error that causes it to […]

Brightspeed, one of the largest fiber broadband companies in the United States, is investigating security breach and data theft claims made by the Crimson Collective extortion gang. Founded in 2022, the U.S. telecommunications and Internet service provider (ISP) serves rural and suburban communities across 20 states. “We take the security of our networks and protection […]

Update: Article updated to reflect that the ShinyHunters says they were not involved in this activity. We have updated our story and title. Threat actors associated with the “Scattered Lapsus$ Hunters” (SLH) claim to have breached the systems of cybersecurity firm Resecurity and stolen internal data, while Resecurity says the attackers only accessed a deliberately deployed […]

The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last May. The healthcare entity initially reported in July that the data of 7,864 people had been exposed, but further analysis has revealed a larger impact. After completing “the bulk of its data analysis,” Covenant Health […]

Blockchain investigation firm TRM Labs says ongoing cryptocurrency thefts have been traced to the 2022 LastPass breach, with attackers draining wallets years after encrypted vaults were stolen and laundering the crypto through Russian exchanges. In 2022, LastPass disclosed that attackers breached its systems by compromising a developer environment, stealing portions of the company’s source code and […]

Over 10,000 Fortinet firewalls are still exposed online and vulnerable to ongoing attacks exploiting a five-year-old critical two-factor authentication (2FA) bypass vulnerability. Fortinet released FortiOS versions 6.4.1, 6.2.4, and 6.0.10 in July 2020 to address this flaw (tracked as CVE-2020-12812) and advised admins who couldn’t immediately patch to turn off username-case-sensitivity to block 2FA bypass […]

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is likely related to an “industry-wide” Sha1-Hulud attack in November. Trust Wallet, a crypto wallet used by over 200 million people, enables users to store, send, and receive Bitcoin, Ethereum, Solana, and thousands of other cryptocurrencies […]

2025 was a big year for cybersecurity, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents. Some stories, though, were more impactful or popular with our readers than others. Below are fifteen of what BleepingComputer believes are the most impactful cybersecurity topics of 2025, with […]