bleepingcomputer

Android malware Konfety uses malformed APKs to evade detection

Konfety masquerades as legitimate applications but delivers none of the promised functionality. It is designed to fetch hidden ads, exfiltrate device data, and potentially load additional malicious modules dynamically.

Malicious VSCode extension in Cursor IDE led to $500K crypto theft

A malicious VSCode-compatible extension named Solidity Language distributed via the Cursor AI IDE's Open VSX registry led to the theft of $500,000 in cryptocurrency. The extension impersonated a legitimate Ethereum smart contract syntax highlighter.

WordPress Gravity Forms developer hacked to push backdoored plugins

A supply-chain attack has compromised the popular WordPress plugin Gravity Forms, affecting manual and composer installations of versions 2.9.11.1 and 2.9.12 downloaded between July 10 and 11, 2025.

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

A critical pre-authentication remote code execution (RCE) vulnerability, tracked as CVE-2025-25257, has been disclosed in Fortinet FortiWeb. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers.

Google Gemini flaw hijacks email summaries for phishing

By embedding hidden instructions in emails, attackers can manipulate Gemini to generate misleading summaries that direct users to phishing sites—without using traditional indicators like attachments or links.

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes.

NVIDIA shares guidance to defend GDDR6 GPUs against Rowhammer attacks

NVIDIA is warning users to activate System Level Error-Correcting Code mitigation to protect against Rowhammer attacks on graphical processors with GDDR6 memory. New research demonstrates a Rowhammer attack against an NVIDIA A6000 GPU.

The zero-day that could've compromised every Cursor and Windsurf user

A security researcher stumbled upon a critical zero-day buried deep in the infrastructure powering today’s AI coding tools. Had it been exploited, a non-sophisticated attacker could’ve hijacked over 10 million machines with a single stroke.

Bitcoin Depot breach exposes data of nearly 27,000 crypto users

Bitcoin Depot has disclosed a data breach affecting nearly 27,000 customers. The breach exposed sensitive personal information typically collected during Know-Your-Customer (KYC) verification processes.

New ServiceNow flaw lets attackers enumerate restricted data

A critical vulnerability in ServiceNow, tracked as CVE-2025-3648 and dubbed Count(er) Strike, allows low-privileged users to enumerate restricted data from protected tables. The flaw stems from overly permissive Access Control List configurations.
