Fixed Intel

Malware & Threats

Malware analysis, threat intelligence, and emerging cyber threats

13-year-old bug in ActiveMQ lets hackers remotely execute commands

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exploited to execute arbitrary commands.

BleepingComputer | Apr 8, 2026 | 3m | 5

Is a $30,000 GPU Good at Password Cracking?

A $30,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords.

BleepingComputer | Apr 8, 2026 | 5m | 5

Microsoft rolls out fix for broken Windows Start Menu search

Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices.

BleepingComputer | Apr 8, 2026 | 3m | 5

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.

BleepingComputer | Apr 7, 2026 | 3m | 5

FBI: Americans lost a record $21 billion to cybercrime last year

U.S. victims lost nearly $21 billion to cyber-enabled crimes last year, driven primarily by investment scams, business email compromise, tech support fraud, and data breaches, the Federal Bureau of Investigation says.

BleepingComputer | Apr 7, 2026 | 3m | 5

Snowflake customers hit in data theft attacks after SaaS integrator breach

Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen.

BleepingComputer | Apr 7, 2026 | 3m | 5

US warns of Iranian hackers targeting critical infrastructure

Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations.

BleepingComputer | Apr 7, 2026 | 3m | 5

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code.

BleepingComputer | Apr 7, 2026 | 3m | 5

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials.

BleepingComputer | Apr 7, 2026 | 5m | 5

Why Your Automated Pentesting Tool Just Hit a Wall

Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap.

BleepingComputer | Apr 7, 2026 | 8m | 5

German authorities identify REvil and GandCrab ransomware bosses

The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021.

BleepingComputer | Apr 6, 2026 | 3m | 5