BleepingComputer.com

"How secure are passkeys?  Here's what you need to know."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 25 September 2025, 1535 UTC.

Content and Source:  "Bleeping Computer.com."

URL-- https://www.bleepingcomputer.com/

Please check URL or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net.

Latest Articles

• 
   
  Security

How secure are passkeys, really? Here's what you need to know

• Passwords are weak links—88% of breaches involve stolen creds. Learn more from Specops Software about how passkeys deliver phishing resistance, simpler logins & lower support costs (with some hurdles to adoption).

  • Specops Software
   
  • September 25, 2025
   
  • 10:02 AM
   
  •  0
• 
   
  Security, Legal

Teen suspected of Vegas casino cyberattacks released to parents

• A 17-year-old hacker who surrendered to face charges over cyberattacks targeting Vegas casinos in 2023 has been released into the custody of his parents, a family court judge ruled.

  • Bill Toulas
   
  • September 25, 2025
   
  • 08:51 AM
   
  •  2
• 
   

New Webinar: Analyzing Real-world ClickFix Attacks 

• ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches.

  Register for the webinar on October 23rd to learn how ClickFix-style attacks are bypassing detection controls, and what security teams can do about it.

  • Push Security Sponsorship
• 
   
  Microsoft

Microsoft will offer free Windows 10 security updates in Europe

• Microsoft will offer free extended security updates for Windows 10 users in the European Economic Area (EEA), which includes Iceland, Liechtenstein, Norway, and all 27 European Union member states.

  • Sergiu Gatlan
   
  • September 25, 2025
   
  • 08:45 AM
   
  •  0
• 
   
  Deals

Get 2TB of FileJump cloud space for life for a one-time $70 payment

• If you're juggling files across multiple drives, or paying too much every month for cloud storage, the FileJump platform is an easy, affordable solution that simplifies your digital life. Don't miss getting lifetime access to 2TB of FileJump's cloud space for just $69.97 (MSRP $467) when you order through October 12.

  • BleepingComputer Deals
   
  • September 25, 2025
   
  • 07:05 AM
   
  •  0
• 
   
  Security

New Supermicro BMC flaws can create persistent backdoors

• Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images.

  • Bill Toulas
   
  • September 24, 2025
   
  • 04:13 PM
   
  •  0
• 
   
  Artificial Intelligence, Technology

OpenAI is testing a new GPT-5-based AI agent "GPT-Alpha"

• OpenAI is internally testing a new version of its AI agent, which uses a special version of GPT-5 dubbed "GPT-Alpha."

  • Mayank Parmar
   
  • September 24, 2025
   
  • 04:09 PM
   
  •  1
• 
   
  Security

Kali Linux 2025.3 released with 10 new tools, Wi-Fi enhancements

• Kali Linux has released version 2025.3, the third version of 2025, featuring ten new tools, Nexmon support, and NetHunter improvements.

  • Lawrence Abrams
   
  • September 24, 2025
   
  • 02:30 PM
   
  •  0
• 
   
  Deals

Tablet meets laptop in this $170 open-box Asus Chromebook deal

• One of the perks of today's tech world? You don't have to overpay to get quality gear. Case in point: the open-box ASUS 2-in-1 Chromebook CM30, a versatile little workhorse that can pull double duty as both a laptop and a tablet—all for $169.99 (MSRP $329.99) with free shipping in this limited-time offer.

  • BleepingComputer Deals
   
  • September 24, 2025
   
  • 02:07 PM
   
  •  0
• 
   
  Security

Cisco warns of IOS zero-day vulnerability exploited in attacks

• Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks.

  • Sergiu Gatlan
   
  • September 24, 2025
   
  • 12:52 PM
   
  •  0
• 
   
  Security, Mobile

Unpatched flaw in OnePlus phones lets rogue apps text messages

• A vulnerability in multiple OnePlus OxygenOS versions allows any installed app to access SMS data and metadata without requiring permission or user interaction.

  • Bill Toulas
   
  • September 24, 2025
   
  • 11:48 AM
   
  •  2
• 
   
  Security

Police seizes $439 million stolen by cybercrime rings worldwide

• In a five-month joint operation led by Interpol, law enforcement agencies have seized more than $439 million in cash and cryptocurrency linked to cyber-enabled financial crimes that impacted thousands of victims worldwide.

  • Sergiu Gatlan
   
  • September 24, 2025
   
  • 11:23 AM
   
  •  0
• 
   
  Security

Obscura, an obscure new ransomware variant

• Huntress analysts discovered a previously unseen ransomware variant, Obscura, spreading from a victim company's domain controller. Learn how Obscura works—and what it means for defenders—in this week's Tradecraft Tuesday.

  • Huntress Labs
   
  • September 24, 2025
   
  • 10:01 AM
   
  •  0
• 
   
  Security

Google: Brickstorm malware used to steal U.S. orgs' data for over a year

• Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors.

  • Bill Toulas
   
  • September 24, 2025
   
  • 10:00 AM
   
  •  0
• 
   
  Security

UK arrests suspect for RTX ransomware attack causing airport disruptions

• The UK's National Crime Agency has arrested a suspect linked to a ransomware attack that is causing widespread disruptions across European airports.

  • Sergiu Gatlan
   
  • September 24, 2025
   
  • 09:55 AM
   
  •  0
• 
   
  Security

PyPI urges users to reset credentials after new phishing attacks

• The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials.

  • Sergiu Gatlan
   
  • September 24, 2025
   
  • 09:15 AM
   
  •  0
• 
   
  Security, CryptoCurrency

GitHub notifications abused to impersonate Y Combinator for crypto theft

• A massive phishing campaign targeted GitHub users with cryptocurrency drainers, delivered via fake invitations to the Y Combinator (YC) W2026 program.

  • Bill Toulas
   
  • September 24, 2025
   
  • 08:37 AM
   
  •  0
• 
   
  Deals

Get foreign language lessons for life at an exclusive price in this deal

• Get lifetime access to training in all of Babbel's foreign languages for the exclusive StackSocial price of $159 (MSRP $299) with code LEARN through October 2.

  • BleepingComputer Deals
   
  • September 24, 2025
   
  • 07:07 AM
   
  •  0
• 
   
  Security

Boyd Gaming discloses data breach after suffering a cyberattack

• US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals.

  • Lawrence Abrams
   
  • September 23, 2025
   
  • 06:25 PM
   
  •  0
• 
   
  Deals

Train for cybersecurity certs with this $53 e-learning course pack deal

• The InfoSec4TC Platinum e-training package gives you lifelong access to all current and future courses and programs, but the price on their website is quite high. If you're interested, you can get it now for only $52.97 (reg. $280).

  • BleepingComputer Deals
   
  • September 23, 2025
   
  • 02:10 PM
   
  •  0
• 
   
  Security

Libraesva ESG issues emergency fix for bug exploited by state hackers

• Libraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored.

  • Bill Toulas
   
  • September 23, 2025
   
  • 01:51 PM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

View More