← Latest brief

Security news.

·Morning Brief

Today's security brief highlights a critical unpatched vulnerability in Alibaba's XQUIC library, active exploitation of cryptocurrency wallet flaws, and continued efforts by law enforcement against ransomware and cybercrime. We also see warnings about vishing attacks targeting Microsoft 365 users and a focus on patching critical web client flaws.

THNPATCH
2h agoREAD

Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

A critical, unpatched vulnerability dubbed "XRING" in Alibaba's XQUIC library allows remote clients to crash HTTP/3 servers with a small amount of legitimate traffic, requiring no authentication or malformed packets.

EXPLOIT
READ

Attackers Exploit 'Ill Bloom' Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

A flaw named 'Ill Bloom' in some crypto wallet software, related to weak randomness in recovery phrase generation, is actively being exploited, leading to over $3.1 million in stolen funds.

BLEEPINGPATCH
2h agoREAD

Zimbra Urges Customers to Patch Critical Web Client XSS Flaw

Zimbra is urging users to patch a critical cross-site scripting (XSS) vulnerability affecting its Classic Web Client for the Zimbra Collaboration suite.

SECURITYWEEK
3h agoREAD

Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers

Okta has issued a warning regarding active vishing attacks, where threat actors call victims to direct them to sophisticated phishing sites impersonating Microsoft Entra ID login pages.

READ

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

A threat actor, O-UNC-066, is using vishing and a panel-controlled phishing kit to target Microsoft 365 users with fake security requests to enroll new Entra passkeys, aiming for data extortion.

SECURITYWEEKRANSOMWARE
1h agoREAD

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

Angelo Martino, a former ransomware negotiator, has been sentenced to 70 months in prison for his role in assisting the BlackCat/Alphv ransomware group target US companies.

THNMALWARE
3h agoREAD

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

A cybercrime operation, now tracked as WP-SHELLSTORM, was exposed after leaving a server open, revealing hacking tools, activity logs, and a target list of over 1.4 million WordPress sites.

SECURITYWEEKNATION-STATE
5h agoREAD

GigaWiper Combines Multiple Malware for System-Level Sabotage

The destructive GigaWiper Windows backdoor bundles three older destructive programs, offering options for full disk wiping, overwriting Windows drives, or fake ransomware attacks.

Generated twice daily from public security RSS feeds. Informational only.