UK criminal records office confirms cyber incident behind portal issues


The UK's Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal issues experienced since January 17 resulted from what it described as a "cyber security incident." [...]


https://www.bleepingcomputer.com/news/se...al-issues/

Flipper Zero banned by Amazon for being a ‘card skimming device’


Amazon has banned the sale of the Flipper Zero portable multi-tool for pen-testers as it no longer allows its sale on the platform after tagging it as a card-skimming device. [...]


https://www.bleepingcomputer.com/news/te...g-device-/

FBI warns of companies exploiting sextortion victims for profit


For-profit companies reportedly linked to sextortion activity are targeting victims using various deceptive tactics to pressure them into paying for "assistance" services provided by non-profit agencies and law enforcement for free, the FBI warns. [...]


https://www.bleepingcomputer.com/news/se...or-profit/

Microsoft Edge can now generate images with AI


Microsoft Edge has become the first and only browser with an integrated AI image generator, allowing users to create images that do not exist yet, powered by the latest DALL∙E models from OpenAI. [...]


https://www.bleepingcomputer.com/news/mi...s-with-ai/

Massive Balada Injector campaign attacking WordPress sites since 2017


An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits "all known and recently discovered theme and plugin vulnerabilities" to inject a Linux backdoor that researchers named Balad Injector. [...]


https://www.bleepingcomputer.com/news/se...ince-2017/

MSI confirms security breach following ransomware attack claims


Following reports of a ransomware attack, Taiwanese PC vendor MSI (short for Micro-Star International) confirmed today that its network was breached in a cyberattack. [...]


https://www.bleepingcomputer.com/news/se...ck-claims/

Exploit available for critical bug in VM2 JavaScript sandbox library


Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to run code securely in a virtualized environment. [...]


https://www.bleepingcomputer.com/news/se...x-library/

Apple fixes two zero-days exploited to hack iPhones and Macs


Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. [...]


https://www.bleepingcomputer.com/news/ap...-and-macs/

CISA orders agencies to patch Backup Exec bugs used by ransomware gang


On Friday, U.S. Cybersecurity and Infrastructure Security Agency (CISA) increased by five its list of security issues that threat actors have used in attacks, three of them in Veritas Backup Exec exploited to deploy ransomware. [...]


https://www.bleepingcomputer.com/news/se...ware-gang/

Microsoft delays Exchange Online CARs deprecation until 2024

Microsoft announced today that Client Access Rules (CARs) deprecation in Exchange Online will be delayed by one year until September 2024. [...]


https://www.bleepingcomputer.com/news/mi...ntil-2024/