18 May, 2025

Fashion giant Dior discloses cyberattack, warns of data breach

House of Dior, the French luxury fashion brand commonly referred to as Dior, has disclosed a cybersecurity incident that has exposed customer information. A spokesperson for the firm told GeekFeed that the incident impacts Dior Fashion and Accessories customers. Currently, cybersecurity experts are investigating the incident to determine its scope. “The House of Dior recently […]

2 mins read

Kosovo extradites BlackDB admin to face US cybercrime charges

A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. Kosovar authorities arrested the 33-year-old Liridon Masurica (also known as @blackdb) on December 14th, 2024, and he was extradited to the United States earlier this month, on May 9th. Masurica was detained following […]

2 mins read

SAP patches second zero-day flaw exploited in recent attacks

SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. The company issued security updates for this security flaw (CVE-2025-42999) on Monday, May 12, saying it was discovered while investigating zero-day attacks involving another unauthenticated file upload flaw (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer […]

3 mins read

North Korea ramps up cyberspying in Ukraine to assess war risk

The state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations. The attackers use phishing emails that impersonate think tanks, referencing important political events or military developments to lure their targets. Proofpoint researchers who discovered the activity in February 2025 suggest that it’s likely an effort […]

2 mins read

Twilio denies breach following leak of alleged Steam 2FA codes

Twilio has denied in a statement for GeekFeed that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. The threat actor, using the alias Machine1337 (also known as EnergyWeaponsUser), advertised a trove of data allegedly pulled from Steam, offering to sell it for $5,000. When […]

3 mins read

Ivanti fixes EPMM zero-days chained in code execution attacks

Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. “Ivanti has released updates for Endpoint Manager Mobile (EPMM) which addresses one medium and one high severity vulnerability,” the company said. “When chained together, successful exploitation could lead to unauthenticated remote […]

2 mins read

Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws

Today is Microsoft’s May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. This Patch Tuesday also fixes six “Critical” vulnerabilities, five being remote code execution vulnerabilities and another an information disclosure bug. The number of bugs in each vulnerability category is listed below: […]

11 mins read

Windows 11 KB5058411 and KB5058405 cumulative updates released

Microsoft has released Windows 11 KB5058411 and KB5058405 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues, including 134 flaws. Today’s updates are mandatory as they contain the May 2025 Patch Tuesday security patches for vulnerabilities discovered in previous months. Windows 11 users can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can also manually download […]

6 mins read

Windows 10 KB5058379 update fixes SgrmBroker errors in Event Viewer

Microsoft has released the KB5058379 cumulative update for Windows 10 22H2 and Windows 10 21H2, with four fixes and changes, including one for an SGRMBroker bug. The Windows 10 KB5058379 update is mandatory as it contains Microsoft’s May 2025 Patch Tuesday security updates, which fix seven zero-day vulnerabilities. Windows users can install this update by going into Settings, clicking on Windows Update, and manually […]

2 mins read

Microsoft confirms May Windows 10 updates trigger BitLocker recovery

Microsoft has confirmed that some Windows 10 and Windows 10 Enterprise LTSC 2021 systems will boot into BitLocker recovery after installing the May 2025 security updates. The BitLocker Windows security feature encrypts storage drives to prevent data theft, and Windows computers typically enter BitLocker recovery mode after events like TPM (Trusted Platform Module) updates or […]

3 mins read