Fixed Intel
Shield

Malware & Threats

Malware analysis, threat intelligence, and emerging cyber threats

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with cybersecurity researchers.

BleepingComputer | Apr 16, 2026 | 4m | 5

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces.

BleepingComputer | Apr 16, 2026 | 3m | 3

Google expands Gemini AI use to fight malicious ads on its platform

Google says it is increasingly using its Gemini AI models to detect and block harmful ads on its advertising platforms, as scammers and threat actors continue to evolve their tactics to evade detection.

BleepingComputer | Apr 16, 2026 | 3m | 3

New ATHR vishing platform uses AI voice agents for automated attacks

A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase.

BleepingComputer | Apr 16, 2026 | 4m | 3

Most "AI SOCs" Are Just Faster Triage. That's Not Enough.

AI-powered SOC tools promise automation, but most only speed up triage instead of reducing real workload. Tines shows how real gains come from end-to-end workflows that execute actions across systems, not just summarize alerts.

BleepingComputer | Apr 16, 2026 | 5m | 3

Cisco says critical Webex Services flaw requires customer action

Cisco has released security updates to patch four critical vulnerabilities, including a fixed improper certificate validation flaw in the company's cloud-based Webex Services platform that requires further customer action.

BleepingComputer | Apr 16, 2026 | 2m | 5

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company's Salesforce environment earlier this month.

BleepingComputer | Apr 16, 2026 | 3m | 5

US nationals behind DPRK IT worker 'laptop farm' sent to prison

Two U.S. nationals have been sent to prison for helping North Korean remote information technology (IT) workers to pose as U.S. residents and get hired by over 100 companies across the country, including many Fortune 500 firms.

BleepingComputer | Apr 16, 2026 | 3m | 5

Microsoft: April Windows Server 2025 update may fail to install

Microsoft is investigating an issue causing this month's KB5082063 security update to fail to install on some Windows Server 2025 systems.

BleepingComputer | Apr 16, 2026 | 2m | 5

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication.

BleepingComputer | Apr 15, 2026 | 3m | 5

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger.

BleepingComputer | Apr 15, 2026 | 4m | 5

WordPress plugin suite hacked to push malware to thousands of sites

More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them.

BleepingComputer | Apr 15, 2026 | 3m | 5