Windows Snipping Tool now lets you create animated GIF recordings
Microsoft announced that the Windows screenshot and screencast Snipping Tool utility is getting support for exporting animated GIF recordings. [...]
Bleeping Computer.
Russian hackers bypass Gmail MFA using stolen app passwords
2 months ago
Russian hackers bypass multi-factor authentication and access Gmail accounts by leveraging app-specific passwords in advanced social engineering attacks that impersonate U.S. Department of State officials. [...]
Ionut Ilascu
WordPress Motors theme flaw mass-exploited to hijack admin accounts
2 months ago
Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site. [...]
Bill Toulas
BitoPro exchange links Lazarus hackers to $11 million crypto heist
2 months ago
The Taiwanese cryptocurrency exchange BitoPro claims the North Korean hacking group Lazarus is behind a cyberattack that led to the theft of $11,000,000 worth of cryptocurrency on May 8, 2025. [...]
Bill Toulas
Microsoft investigates OneDrive bug that breaks file search
2 months ago
Microsoft is investigating a known OneDrive issue that is causing searches to appear blank for some users or return no results even when searching for files they know they've already uploaded. [...]
Sergiu Gatlan
Cloudflare blocks record 7.3 Tbps DDoS attack against hosting provider
2 months ago
Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack in May 2025 that peaked at 7.3 Tbps, targeting a hosting provider. [...]
Bill Toulas
Aflac discloses breach amidst Scattered Spider insurance attacks
2 months ago
On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen personal and health information. [...]
Sergiu Gatlan
Can users reset their own passwords without sacrificing security?
2 months ago
Self-service password resets (SSPR) reduce helpdesk strain—but without strong security, they can open the door to attackers. Learn why phishing-resistant MFA, context-aware verification, and risk-based detection are critical to secure SSPR implementation. [...]
Sponsored by Specops Software
Microsoft to remove legacy drivers from Windows Update for security boost
2 months ago
Microsoft has announced plans to periodically remove legacy drivers from the Windows Update catalog to mitigate security and compatibility risks. [...]
Sergiu Gatlan
No, the 16 billion credentials leak is not a new data breach
2 months ago
News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. [...]
Lawrence Abrams
Godfather Android malware now uses virtualization to hijack banking apps
2 months ago
A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. [...]
Bill Toulas
Webinar: Stolen credentials are the new front door to your network
2 months ago
Cybercriminals no longer need zero-days to breach your systems—these days, they just log in. Join BleepingComputer, SC Media, and Specops Software's Darren Siegel on July 9 at 2:00 PM ET for a live webinar on how attackers are using stolen credentials to infiltrate networks and how you can stop them. [...]
BleepingComputer
OpenAI’s Sam Altman discusses GPT-5 release date
2 months ago
ChatGPT's next big upgrade, or the new foundational model "GPT-5," is still being prepared for a release in the summer, but OpenAI won't share the specifics. [...]
Mayank Parmar
US recovers $225 million of crypto stolen in investment scams
2 months ago
The U.S. Department of Justice has seized more than $225 million in cryptocurrency linked to investment fraud and money laundering operations, the largest crypto seizure in the history of the U.S. Secret Service. [...]
Bill Toulas
Special Webinar: Key Insights from Verizon’s 2025 DBIR
2 months ago
GenAI, credential theft, third-party risks—Verizon's 2025 DBIR reveals what's putting your org at risk. Join DBIR author Alex Pinto & LayerX CEO Or Eshed as they break down this year's key insights and defense strategies. Don't miss the webinar—register now. [...]
Sponsored by LayerX
Microsoft unveils new security defaults for Windows 365 Cloud PCs
2 months ago
Microsoft has announced new Windows 365 security defaults starting in the second half of 2025 and affecting newly provisioned and reprovisioned Cloud PCs. [...]
Sergiu Gatlan
ChatGPT will analyze Gmail emails, manage schedule on Google Calendar
2 months ago
ChatGPT appears to be testing support for Gmail and Google Calendar integration. This will allow users to summarise emails and create events. [...]
Mayank Parmar
DuckDuckGo beefs up scam defense to block fake stores, crypto sites
2 months ago
The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and "scareware" sites. [...]
Bill Toulas
Telecom giant Viasat breached by China's Salt Typhoon hackers
2 months ago
Satellite communications company Viasat is the latest victim of China's Salt Typhoon cyber-espionage group, which has previously hacked into the networks of multiple other telecom providers in the United States and worldwide. [...]
Sergiu Gatlan
Krispy Kreme says November data breach impacts over 160,000 people
2 months ago
U.S. doughnut chain Krispy Kreme confirmed that attackers stole the personal information of over 160,000 individuals in a November 2024 cyberattack. [...]
Sergiu Gatlan
Checked
5 hours 23 minutes ago
BleepingComputer - All Stories
Bleeping Computer. feed