BolhaSec
@bolhasec.com
#bolhasec pra ser retweetado
@sushicomabacate.com
@sushicomabacate.com
Notícia da BleepingComputer
"1Password adds pop-pup warnings for suspected phishing sites" #bolhasec
"1Password adds pop-pup warnings for suspected phishing sites" #bolhasec
1Password adds pop-up warnings for suspected phishing sites
The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing account credentials with threa...
www.bleepingcomputer.com
January 31, 2026 at 5:30 PM
Notícia da BleepingComputer
"1Password adds pop-pup warnings for suspected phishing sites" #bolhasec
"1Password adds pop-pup warnings for suspected phishing sites" #bolhasec
Notícia da SecurityWeek
"Brightspeed Investigating Cyberattack" #bolhasec
"Brightspeed Investigating Cyberattack" #bolhasec
Brightspeed Investigating Cyberattack
Brightspeed is investigating a cyberattack after hackers claimed the theft of personal information pertaining to over 1 million customers.
www.securityweek.com
January 31, 2026 at 4:30 PM
Notícia da SecurityWeek
"Brightspeed Investigating Cyberattack" #bolhasec
"Brightspeed Investigating Cyberattack" #bolhasec
Notícia da BleepingComputer
"Google rolls out Android theft protection feature updates" #bolhasec
"Google rolls out Android theft protection feature updates" #bolhasec
Google rolls out Android theft protection feature updates
Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves.
www.bleepingcomputer.com
January 31, 2026 at 3:30 PM
Notícia da BleepingComputer
"Google rolls out Android theft protection feature updates" #bolhasec
"Google rolls out Android theft protection feature updates" #bolhasec
Notícia da BleepingComputer
"How generative AI accelerates identity attacks against Active Directory" #bolhasec
"How generative AI accelerates identity attacks against Active Directory" #bolhasec
How generative AI accelerates identity attacks against Active Directory
Generative AI is accelerating password attacks against Active Directory, making credential abuse faster and more effective. Specops Software explains how AI-driven cracking techniques exploit weak and...
www.bleepingcomputer.com
January 31, 2026 at 2:30 PM
Notícia da BleepingComputer
"How generative AI accelerates identity attacks against Active Directory" #bolhasec
"How generative AI accelerates identity attacks against Active Directory" #bolhasec
Notícia da BleepingComputer
"6 Okta security settings you might have overlooked" #bolhasec
"6 Okta security settings you might have overlooked" #bolhasec
6 Okta security settings you might have overlooked
Okta misconfigurations can quietly weaken identity security as SaaS environments evolve. Nudge Security shows six Okta security settings teams often overlook and how to fix them.
www.bleepingcomputer.com
January 31, 2026 at 12:30 PM
Notícia da BleepingComputer
"6 Okta security settings you might have overlooked" #bolhasec
"6 Okta security settings you might have overlooked" #bolhasec
Notícia da BleepingComputer
"New Microsoft Teams feature will let you report suspicious calls" #bolhasec
"New Microsoft Teams feature will let you report suspicious calls" #bolhasec
New Microsoft Teams feature will let you report suspicious calls
Microsoft plans to introduce a call reporting feature in Teams by mid-March, allowing users to flag suspicious or unwanted calls as potential scams or phishing attempts.
www.bleepingcomputer.com
January 31, 2026 at 11:30 AM
Notícia da BleepingComputer
"New Microsoft Teams feature will let you report suspicious calls" #bolhasec
"New Microsoft Teams feature will let you report suspicious calls" #bolhasec
Notícia da BleepingComputer
"Convincing LinkedIn comment-reply tactic used in new phishing" #bolhasec
"Convincing LinkedIn comment-reply tactic used in new phishing" #bolhasec
Convincing LinkedIn comment-reply tactic used in new phishing
Scammers are flooding LinkedIn posts with fake "reply" comments that appear to come from the platform, warning of bogus policy violations and urging users to click external links. Some even abuse Link...
www.bleepingcomputer.com
January 31, 2026 at 2:30 AM
Notícia da BleepingComputer
"Convincing LinkedIn comment-reply tactic used in new phishing" #bolhasec
"Convincing LinkedIn comment-reply tactic used in new phishing" #bolhasec
Notícia da BleepingComputer
"FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs" #bolhasec
"FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs" #bolhasec
FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs
The North Korean state-sponsored hacker group Kimsuki is using malicious QR codes in spearphishing campaigns that target U.S. organizations, the Federal Bureau of Investigation warns in a flash alert.
www.bleepingcomputer.com
January 31, 2026 at 1:30 AM
Notícia da BleepingComputer
"FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs" #bolhasec
"FBI warns about Kimsuky hackers using QR codes to phish U.S. orgs" #bolhasec
Notícia da BleepingComputer
"Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass" #bolhasec
"Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass" #bolhasec
Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability.
www.bleepingcomputer.com
January 31, 2026 at 12:30 AM
Notícia da BleepingComputer
"Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass" #bolhasec
"Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass" #bolhasec
Notícia da BleepingComputer
"OpenAI's ChatGPT ad costs are on par with live NFL broadcasts" #bolhasec
"OpenAI's ChatGPT ad costs are on par with live NFL broadcasts" #bolhasec
OpenAI's ChatGPT ad costs are on par with live NFL broadcasts
OpenAI plans to begin rolling out ads on ChatGPT in the United States if you have a free or $8 Go subscription, but the catch is that the ads could be very expensive for advertisers.
www.bleepingcomputer.com
January 30, 2026 at 11:30 PM
Notícia da BleepingComputer
"OpenAI's ChatGPT ad costs are on par with live NFL broadcasts" #bolhasec
"OpenAI's ChatGPT ad costs are on par with live NFL broadcasts" #bolhasec
Notícia da BleepingComputer
"US charges 31 more suspects linked to ATM malware attacks" #bolhasec
"US charges 31 more suspects linked to ATM malware attacks" #bolhasec
US charges 31 more suspects linked to ATM malware attacks
A Nebraska federal grand jury charged 31 additional defendants for their involvement in an ATM jackpotting operation allegedly orchestrated by members of the Venezuelan gang Tren de Aragua.
www.bleepingcomputer.com
January 30, 2026 at 10:30 PM
Notícia da BleepingComputer
"US charges 31 more suspects linked to ATM malware attacks" #bolhasec
"US charges 31 more suspects linked to ATM malware attacks" #bolhasec
Notícia da SecurityWeek
"Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’" #bolhasec
"Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’" #bolhasec
Malicious Chrome Extension Crashes Browser in ClickFix Variant 'CrashFix'
ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ModeloRAT RAT.
www.securityweek.com
January 30, 2026 at 8:30 PM
Notícia da SecurityWeek
"Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’" #bolhasec
"Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’" #bolhasec
Notícia da BleepingComputer
"Hidden Telegram proxy links can reveal your IP address in one click" #bolhasec
"Hidden Telegram proxy links can reveal your IP address in one click" #bolhasec
Hidden Telegram proxy links can reveal your IP address in one click
A single click on what may appear to be a Telegram username or harmless link is all it takes to expose your real IP address to attackers due to how proxy links are handled. Telegram says it will add w...
www.bleepingcomputer.com
January 30, 2026 at 7:30 PM
Notícia da BleepingComputer
"Hidden Telegram proxy links can reveal your IP address in one click" #bolhasec
"Hidden Telegram proxy links can reveal your IP address in one click" #bolhasec
Notícia da SecurityWeek
"Atlassian Patches Critical Apache Tika Flaw" #bolhasec
"Atlassian Patches Critical Apache Tika Flaw" #bolhasec
Atlassian Patches Critical Apache Tika Flaw
Atlassian has released updates for Bamboo, Bitbucket, Confluence, Crowd, Fisheye/Crucible, and Jira to patch 29 vulnerabilities.
www.securityweek.com
January 30, 2026 at 6:30 PM
Notícia da SecurityWeek
"Atlassian Patches Critical Apache Tika Flaw" #bolhasec
"Atlassian Patches Critical Apache Tika Flaw" #bolhasec
Notícia da BleepingComputer
"Malicious npm package steals WhatsApp accounts and messages" #bolhasec
"Malicious npm package steals WhatsApp accounts and messages" #bolhasec
Malicious npm package steals WhatsApp accounts and messages
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account.
www.bleepingcomputer.com
January 30, 2026 at 5:30 PM
Notícia da BleepingComputer
"Malicious npm package steals WhatsApp accounts and messages" #bolhasec
"Malicious npm package steals WhatsApp accounts and messages" #bolhasec
Notícia da SecurityWeek
"574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings" #bolhasec
"574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings" #bolhasec
574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings
As part of Operation Sentinel, authorities in Africa dismantled major BEC, ransomware, and other cyber-fraud networks.
www.securityweek.com
January 30, 2026 at 4:30 PM
Notícia da SecurityWeek
"574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings" #bolhasec
"574 Arrested, $3 Million Seized in Crackdown on African Cybercrime Rings" #bolhasec
Notícia da BleepingComputer
"Fake MAS Windows activation domain used to spread PowerShell malware" #bolhasec
"Fake MAS Windows activation domain used to spread PowerShell malware" #bolhasec
Fake MAS Windows activation domain used to spread PowerShell malware
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'.
www.bleepingcomputer.com
January 30, 2026 at 3:30 PM
Notícia da BleepingComputer
"Fake MAS Windows activation domain used to spread PowerShell malware" #bolhasec
"Fake MAS Windows activation domain used to spread PowerShell malware" #bolhasec
Notícia da BleepingComputer
"CIRO confirms data breach exposed info on 750,000 Canadian investors" #bolhasec
"CIRO confirms data breach exposed info on 750,000 Canadian investors" #bolhasec
CIRO confirms data breach exposed info on 750,000 Canadian investors
The Canadian Investment Regulatory Organization (CIRO) confirmed that the data breach it suffered last year impacts about 750,000 Canadian investors.
www.bleepingcomputer.com
January 30, 2026 at 2:30 PM
Notícia da BleepingComputer
"CIRO confirms data breach exposed info on 750,000 Canadian investors" #bolhasec
"CIRO confirms data breach exposed info on 750,000 Canadian investors" #bolhasec
Notícia da SecurityWeek
"In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice" #bolhasec
"In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice" #bolhasec
In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice
Cloudflare WAF bypass, Canonical Snap Store abused for malware delivery, Curl terminating bug bounty program
www.securityweek.com
January 30, 2026 at 1:30 PM
Notícia da SecurityWeek
"In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice" #bolhasec
"In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice" #bolhasec
Notícia da SecurityWeek
"Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach" #bolhasec
"Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach" #bolhasec
Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach
Rein Security emerges from stealth with $8M, introducing inside-out AppSec that detects and prevents runtime threats in production.
www.securityweek.com
January 30, 2026 at 12:30 PM
Notícia da SecurityWeek
"Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach" #bolhasec
"Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach" #bolhasec
Notícia da SecurityWeek
"Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist" #bolhasec
"Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist" #bolhasec
Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist
Shai-Hulud 2.0 infected over 12,000 systems and exposed Trust Wallet keys that were used to steal $8.5 million from 2,520 wallets.
www.securityweek.com
January 30, 2026 at 11:30 AM
Notícia da SecurityWeek
"Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist" #bolhasec
"Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist" #bolhasec
Notícia da SecurityWeek
"‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability" #bolhasec
"‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability" #bolhasec
'Highest Ever' Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability
Microsoft has patched CVE-2025-55315, a critical vulnerability in the ASP.NET Core open source web development framework.
www.securityweek.com
January 30, 2026 at 2:30 AM
Notícia da SecurityWeek
"‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability" #bolhasec
"‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability" #bolhasec
Notícia da SecurityWeek
"CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries" #bolhasec
"CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries" #bolhasec
CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries
The CISA KEV catalog was expanded with 245 vulnerabilities in 2025, including 24 flaws exploited by ransomware groups.
www.securityweek.com
January 30, 2026 at 1:30 AM
Notícia da SecurityWeek
"CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries" #bolhasec
"CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries" #bolhasec
Notícia da BleepingComputer
"Make Identity Threat Detection your security strategy for 2026" #bolhasec
"Make Identity Threat Detection your security strategy for 2026" #bolhasec
Make Identity Threat Detection your security strategy for 2026
Identity-based attacks are one of the primary paths attackers use to breach corporate networks. Tenfold shows how Identity Threat Detection helps spot suspicious account activity before real damage oc...
www.bleepingcomputer.com
January 29, 2026 at 11:30 PM
Notícia da BleepingComputer
"Make Identity Threat Detection your security strategy for 2026" #bolhasec
"Make Identity Threat Detection your security strategy for 2026" #bolhasec
Notícia da BleepingComputer
"OpenAI's hidden ChatGPT Translate tool takes on Google Translate" #bolhasec
"OpenAI's hidden ChatGPT Translate tool takes on Google Translate" #bolhasec
OpenAI's hidden ChatGPT Translate tool takes on Google Translate
OpenAI has quietly rolled out a new ChatGPT feature called ChatGPT Translate, and it looks very similar to Google Translate on the web.
www.bleepingcomputer.com
January 29, 2026 at 10:30 PM
Notícia da BleepingComputer
"OpenAI's hidden ChatGPT Translate tool takes on Google Translate" #bolhasec
"OpenAI's hidden ChatGPT Translate tool takes on Google Translate" #bolhasec