Shield

Malware & Threats

Malware analysis, threat intelligence, and emerging cyber threats

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw.

BleepingComputerApr 24, 20263m2

Microsoft now lets admins uninstall Copilot on enterprise devices

BleepingComputer

Malware & Threats

Microsoft now lets admins uninstall Copilot on enterprise devices

Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday.

BleepingComputerApr 24, 20262m2

Hackers exploit file upload bug in Breeze Cache WordPress plugin

BleepingComputer

Malware & Threats

Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication.

BleepingComputerApr 23, 20262m2

Bitwarden CLI npm package compromised to steal developer credentials

BleepingComputer

Malware & Threats

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

BleepingComputerApr 23, 20264m3

Trigona ransomware attacks use custom exfiltration tool to steal data

BleepingComputer

Malware & Threats

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently.

BleepingComputerApr 23, 20263m3

New Checkmarx supply-chain breach affects KICS analysis tool

BleepingComputer

Malware & Threats

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments.

BleepingComputerApr 23, 20263m3

Cosmetics giant Rituals discloses data breach affecting customers

BleepingComputer

Malware & Threats

Cosmetics giant Rituals discloses data breach affecting customers

Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its "My Rituals" membership database.

BleepingComputerApr 23, 20262m4

Regular Password Resets Aren’t as Safe as You Think

BleepingComputer

Malware & Threats

Regular Password Resets Aren’t as Safe as You Think

Password resets are one of the easiest ways for attackers to bypass security controls. Specops Software shows how helpdesk social engineering turns a seemingly legitimate reset request into full account compromise.

BleepingComputerApr 23, 20265m4

Microsoft: Some Teams users can’t join meetings after Edge update

BleepingComputer

Malware & Threats

Microsoft: Some Teams users can’t join meetings after Edge update

Microsoft confirmed that a recent Microsoft Edge browser update introduced a bug that prevents Windows users from joining Teams meetings.

BleepingComputerApr 23, 20262m4

UK warns of Chinese hackers using proxy networks to evade detection

BleepingComputer

Malware & Threats

UK warns of Chinese hackers using proxy networks to evade detection

The United Kingdom's National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection and disguise their malicious activity.

BleepingComputerApr 23, 20263m4

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

BleepingComputer

Malware & Threats

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities.

BleepingComputerApr 23, 20263m4

CISA orders feds to patch BlueHammer flaw exploited as zero-day

BleepingComputer

Malware & Threats

CISA orders feds to patch BlueHammer flaw exploited as zero-day

CISA has ordered U.S. federal agencies to patch a Microsoft Defender privilege escalation flaw (dubbed BlueHammer) that has been exploited in zero-day attacks.

BleepingComputerApr 23, 20263m3