Cybersecurity

خلاصہ: Notepad++ says it was hijacked by Chinese state-sponsored hackersLast year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to malicious servers. It led to users downloading compromised executables that could infect their devices. Now, Don Ho has revealed that multiple security experts investigated the breach and determined that the threat actor “is likely a Chinese state-sponsored group.” He said it explained why experts observed highly selective targeting during the campaign and why only traffic from certain users were redirected so that they would download malicious files. It’s not clear what kind of users were specifically targeted and what the files did to their devices. The attackers started redirecting traffic from Notepad++ to their servers sometime in June 2025, and that went on until December 2. Their method involved compromising the system at the hosting provider level, though the exact technical mechanism that allowed them to intercept traffic remains under investigation. In addition to releasing a security patch, Notepad++ also migrated to a new hosting provider with much stronger security practices. Ho now encourages anyone who wants to install the app to download version 8.9.1 , which comes with the security update, and running the installer manually. This article originally appeared on Engadget at https://www.engadget.com/apps/notepad-says-it-was-hijacked-by-chinese-state-sponsored-hackers-153000268.html?src=rssSource InformationPublisher: EngadgetOriginal Source: Read more

خلاصہ: Hackers exploit critical React Native Metro bug to breach dev systemsHackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Windows 11 KB5074105 update fixes boot, sign-in, and activation issuesMicrosoft has released the KB5074105 preview cumulative update for Windows 11 systems, which includes 32 changes, including fixes for sign-in, boot, and activation issues. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Microsoft links Windows 11 boot failures to failed December 2025 updateMicrosoft has linked recent reports of Windows 11 boot failures after installing the January 2026 updates to previously failed attempts to install the December 2025 security update, which left systems in an "improper state." Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Hugging Face abused to spread thousands of Android malware variantsA new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK payload that collects credentials for popular financial and payment services. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Ivanti warns of two EPMM flaws exploited in zero-day attacksIvanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Google disrupts IPIDEA residential proxy networks fueled by malwareIPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat Intelligence Group (GTIG) in collaboration with industry partners. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Match Group breach exposes data from Hinge, Tinder, OkCupid, and MatchMatch Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Marquis blames ransomware breach on SonicWall cloud backup hackMarquis Software Solutions, a Texas-based financial services provider, is blaming a ransomware attack that impacted its systems and affected dozens of U.S. banks and credit unions in August 2025 on a security breach reported by SonicWall a month later. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Not a Kids Game: From Roblox Mod to Compromising Your CompanySeemingly harmless game mods can hide infostealer malware that quietly steals identities. Flare shows how Roblox mods can turn a home PC infection into corporate compromise. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Aisuru botnet sets new record with 31.4 Tbps DDoS attackThe Aisuru/Kimwolf botnet launched a new massive distributed denial of service (DDoS) attack in December 2025, peaking at 31.4 Tbps and 200 million requests per second. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: New Microsoft Teams feature will let you report suspicious callsMicrosoft plans to introduce a call reporting feature in Teams by mid-March, allowing users to flag suspicious or unwanted calls as potential scams or phishing attempts. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: France fines unemployment agency €5 million over data breachThe French data protection authority fined the national employment agency €5 million (nearly €6 million) for failing to secure job seekers' data, which allowed hackers to steal the personal information of 43 million people. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Google rolls out Android theft protection feature updates​Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves. Source InformationPublisher: BleepingComputerOriginal Source: Read more

خلاصہ: Initial access hackers switch to Tsundere Bot for ransomware attacksA prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access trojan to gain network access that could lead to ransomware attacks. Source InformationPublisher: BleepingComputerOriginal Source: Read more