Malicious PyPI package steals Discord auth tokens from devs
Summary: A malicious package named ‘pycord-self’ has been discovered on the Python Package Index (PyPI), targeting Discord developers to steal authentication tokens and establish a backdoor for remote control. This package masquerades as the legitimate ‘discord.py-self’ library, which has a significant user base. The malicious code enables attackers to hijack accounts and maintain persistent access to victims’ systems.…
Otelier data breach exposes info, hotel reservations of millions
Summary: Otelier, a hotel management platform, experienced a significant data breach after threat actors accessed its Amazon S3 cloud storage, compromising millions of guests’ personal information and reservations from major hotel brands. The breach, which began in July 2024 and continued through October, involved the theft of approximately 7.8 terabytes of data, including sensitive information from Marriott, Hilton, and Hyatt.…
FCC orders telecoms to secure their networks after Salt Typhoon hacks
Summary: The FCC has mandated U.S. telecommunications carriers to enhance their cybersecurity measures following the Salt Typhoon breaches that compromised multiple networks. This ruling requires telecom companies to secure their systems against cyberattacks and submit annual certifications of their cybersecurity risk management plans. The action aims to address vulnerabilities exposed by the breaches attributed to a Chinese hacking group, emphasizing the urgent need for improved defenses against nation-state threats.…
GDPR complaints filed against TikTok, Temu for sending user data to China
Summary: The non-profit privacy advocacy group “None of Your Business” (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi for unlawfully transferring European user data to China, violating the EU’s GDPR. Founded by privacy activist Max Schrems, noyb aims to hold companies accountable for privacy rights violations, particularly regarding data transfers and online tracking.…
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
Summary: A critical vulnerability in the W3 Total Cache plugin, used by over a million WordPress sites, could allow attackers to access sensitive information and perform unauthorized actions. Despite a patch being released, many sites remain unprotected, leaving them open to exploitation. The flaw, tracked as CVE-2024-12365, poses significant risks including Server-Side Request Forgery (SSRF) and information disclosure.…
US cracks down on North Korean IT worker army with more sanctions
Summary: The U.S. Treasury Department has imposed sanctions on a network linked to North Korea’s Ministry of National Defense, which has been generating revenue through illegal remote IT work. The sanctions target specific companies and individuals involved in these schemes, highlighting North Korea’s reliance on overseas IT workers to fund its weapons programs and support for Russia.…
FTC sues GoDaddy for years of poor hosting security practices
Summary: The Federal Trade Commission (FTC) has mandated GoDaddy to enhance its security measures, including implementing multi-factor authentication and HTTPS APIs, due to significant security failures since 2018. The FTC’s complaint highlights GoDaddy’s misleading claims about its security practices, which left millions of customers vulnerable to breaches.…
Biden signs executive order to bolster national cybersecurity
Summary: President Joe Biden signed an executive order aimed at enhancing U.S. cybersecurity by facilitating sanctions against hacking groups targeting federal agencies and critical infrastructure. The order addresses the ongoing threats posed by ransomware gangs and foreign actors, particularly from China, Russia, and Iran. It builds on previous efforts to strengthen cybersecurity measures across federal systems and critical infrastructure.…
MFA Failures – The Worst is Yet to Come
Summary: The article discusses the increasing ineffectiveness of legacy Multi-Factor Authentication (MFA) systems in the face of sophisticated cyber threats, particularly phishing and ransomware attacks. It highlights the role of generative AI in enhancing these attacks and emphasizes the urgent need for organizations to adopt next-generation MFA solutions that do not rely on user vigilance.…
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
Summary: A new hacking group known as the Belsen Group has leaked sensitive configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices on the dark web. This data dump, which includes critical technical information, was released to promote the group and is believed to be linked to a previously exploited zero-day vulnerability.…
SAP fixes critical vulnerabilities in NetWeaver application servers
Summary: SAP has addressed two critical vulnerabilities in its NetWeaver web application server that could lead to privilege escalation and unauthorized access to sensitive information. Alongside these critical fixes, SAP also released patches for 12 additional vulnerabilities rated medium to high severity. The company urges customers to promptly apply these updates to safeguard their SAP environments.…
CISA shares guidance for Microsoft expanded logging capabilities
Summary: CISA has released guidance for government agencies and enterprises on utilizing expanded cloud logs in Microsoft 365 for forensic and compliance investigations. The new Microsoft Purview Audit (Standard) logging capabilities enhance threat-hunting efforts, particularly in response to a significant Exchange Online breach attributed to the threat actor Storm-0558.…
Label giant Avery says website hacked to steal credit cards
Summary: Avery Products Corporation has reported a data breach resulting from a hack on their website, which compromised customers’ credit card and personal information. The breach occurred between July 18, 2024, and December 9, 2024, affecting over 61,000 customers. Avery is offering free credit monitoring services to those impacted and has set up a dedicated assistance line for inquiries related to the incident.…