• Home
  • Viewing author profile for Ax Sharma

Ax Sharma

  • Get in touch:
Author Photo
Author Bio

Ax Sharma is a Security Researcher and Tech Reporter. His works and expert analyses have frequently been featured by leading media outlets including the BBC, Business Insider, Fortune, TechCrunch, TechRepublic, The Register, WIRED, among others. Ax's expertise lies in vulnerability research, malware analysis, open source software, and scam investigations. He's an active community member of the British Association of Journalists (BAJ) and the Canadian Association of Journalists (CAJ).

Send any tips via email or Twitter DM.

News
  • Content farm impersonates 60+ major news outlets, like BBC, CNN, CNBC

    BleepingComputer has discovered a content farm operating some 60+ domains named after popular media outlets, including the BBC, CNBC, CNN, Forbes, Huffington Post, The Guardian, and Washington Post, among others. These sites build SEO for their online gambling ventures and sell "press release" slots at hefty prices.

  • Registrars can now block all domains that resemble brand names

    Registrars can now block people from registering tens of thousands of domain names that look like, are spelling variations of, or otherwise infringe on brand names.

  • RCMP investigating cyber attack as its website remains down

    The Royal Canadian Mounted Police (RCMP), Canada's national police force has disclosed that it recently faced a cyber attack targeting its networks. The federal body has started its criminal investigation into the matter as it works to determine the scope of the security breach.

  • UK to replace physical biometric immigration cards with e-visas

    By 2025, Britain is set to ditch physical immigration documents like Biometric Residence Permits (BRPs) and Biometric Residence Cards (BRCs) in a bid to make its borders digital, in-line with developed countries like Australia. Understand what these Home Office changes mean for existing BRP and BRC holders, and what you need to do.

  • Meta won't remove fake Instagram profiles that are clearly catfishing

    Meta seems to be falling short of effectively tackling fake Instagram profiles even when there are sufficient signs to indicate that a profile is misusing someone else's photos and identity.

  • Jira down: Atlassian outage affecting multiple cloud services

    Multiple Atlassian Jira products are experiencing an ongoing outage as of this morning. Users of Jira Work management, Jira Software, Jira Service Management and Jira Product Discovery are facing connection issues.

  • Crypto wallet founder loses $125,000 to fake airdrop website

    A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd went on was setup for the purposes of phishing unsuspecting users.

  • 'everything' blocks devs from removing their own npm packages

    Over the holidays, the npm package registry was flooded with more than 3,000 packages, including one called "everything," and others named a variation of the word. These 3,000+ packages make it impossible for all npm authors to unpublish their packages from the registry.

  • Blockchain dev's wallet emptied in "job interview" using npm package

    A blockchain developer shares his ordeal over the holidays when he was approached on LinkedIn by a "recruiter" for a web development job. The recruiter in question asked the developer to download npm packages from a GitHub repository, and hours later the developer discovered his MetaMask wallet had been emptied.

  • Yakult Australia confirms 'cyber incident' after 95 GB data leak

    Yakult Australia, manufacturer of a probiotic milk drink, has confirmed experiencing a "cyber incident" in a statement to BleepingComputer. Both the company's Australian and New Zealand IT systems have been affected. Cybercrime actor DragonForce which claimed responsibility for the attack has also leaked 95 GB of data.

  • Lapsus$ hacker behind GTA 6 leak gets indefinite hospital sentence

    Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced indefinitely in a 'secure hospital' by a UK judge. Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI.

  • Palestine crypto donation scams emerge amid Israel-Hamas war

    As thousands of civilians die amid the deadly Israel-Hamas war, scammers are capitalizing on the horrific events to collect donations by pretending to be legitimate charities. BleepingComputer has come across several posts on X (formerly Twitter), Telegram and Instagram where scammers list dubious cryptocurrency wallet addresses.

  • Ubuntu discovers 'hate speech' in release 23.10 — how to upgrade?

    Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain hate speech. According to the Ubuntu project, a malicious contributor is behind anti-Semitic, homophobic, and xenophobic slurs that were injected into the distro via a "third party tool."

  • Security researcher stopped at US border for investigating crypto scam

    Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and federal agents seized and searched his electronic devices. Curry was further served with a 'Grand Jury' subpoena that demanded him to appear in court for testimony.

  • Sony investigates cyberattack as hackers fight over who's responsible

    Sony says that it is investigating allegations of a cyberattack this week as different hackers have stepped up to claim responsibility for the purported hack. Thus far, over 3.14 GB of uncompressed data, allegedly belonging to Sony, has been dumped on hacker forums.

Login