Law enforcement authorities in Europe have arrested five suspects linked to a cryptocurrency investment fraud ring that stole over €100 million ($118 million) from more than 100 victims. [...]

Identity Governance doesn't have to be complex or costly. tenfold's free Community Edition helps orgs (up to 150 users) streamline onboarding, access reviews & M365 permissions — all with a no-code IGA platform. [...]

SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. [...]

SonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices. [...]

GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale incidents recently. [...]

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a compromised machine. [...]

The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. [...]

​A vulnerability in the American Archive of Public Broadcasting's website allowed downloading of protected and private media for years, with the flaw quietly patched this month. [...]

Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers' data after gaining access to a third-party service provider's platform. [...]

A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft's Windows Error Reporting (WER) system. [...]

Microsoft has removed a compatibility hold that prevented devices with integrated cameras from installing Windows 11 24H2 due to a face detection bug causing app freezes. [...]

Mozilla has announced a new feature that enables Firefox extension developers to roll back to previously approved versions, allowing them to quickly address critical bugs and issues. [...]

LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. [...]

Phishing isn't just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel phishing where it happens — inside the browser. [...]

Microsoft has confirmed a known issue that prevents some apps from playing Digital Rights Management (DRM) protected video content or displaying and recording live TV. [...]

A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named BlockBlasters that drained his cryptocurrency wallet. [...]

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. [...]

The Royal Canadian Mounted Police has shut down the TradeOgre cryptocurrency exchange and seized more than $40 million believed to originate from criminal activities. [...]

Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China. [...]