Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

Cache poisoning vulnerabilities found in 2 DNS resolving apps

At least one CVE could weaken defenses put in place following 2008 disclosure. The makers of BIND, the Internet’s most widely used software for resolving domain names, are war

Published: 2025-10-22T22:35:41



Biz & IT Ars Technica

NSO permanently barred from targeting WhatsApp users with Pegasus spyware

Ruling holds that defeating end-to-end encryption in WhatsApp harms Meta's business. A federal judge has ordered spyware maker NSO to stop using its Pegasus app to target or i

Published: 2025-10-20T22:18:22



Biz & IT Ars Technica

Nation-state hackers deliver malware from “bulletproof” blockchains

Malicious payloads stored on Ethereum and BNB blockchains are immune to takedowns. Hacking groups, at least one of which works on behalf of the North Korean government, have fou

Published: 2025-10-16T20:40:49



Biz & IT Ars Technica

Hackers can steal 2FA codes and private messages from Android phones

Malicious app required to make "Pixnapping" attack work requires no permissions. Android devices are vulnerable to a new attack that can covertly steal two-factor authenticati

Published: 2025-10-13T21:36:35



Biz & IT Ars Technica

AI models can acquire backdoors from surprisingly few malicious documents

Anthropic study suggests "poison" training attacks don't scale with model size. Scraping the open web for AI training data can have its drawbacks. On Thursday, researchers fro

Published: 2025-10-09T22:03:21



Biz & IT Ars Technica

Discord says hackers stole government IDs of 70,000 users

As more sites require IDs for user age verification, expect more such breaches to come. Discord says that hackers made off with images of 70,000 users’ government IDs that the

Published: 2025-10-09T18:24:13



Biz & IT Ars Technica

Salesforce says it won’t pay extortion demand in 1 billion records breach

Scattered LAPSUS$ Hunters gave Salesforce until Friday to pay or else. Salesforce says it’s refusing to pay an extortion demand made by a crime syndicate that claims to have s

Published: 2025-10-08T20:02:46



The Register - Software

UK.gov vows to hack through regulation to get benefit from AI

Meanwhile, civil services claims 75,000 days could be saved by the tech each year Ignoring the skeptics and threat of an AI bubble, the UK government is pushing ahead with AI "sandboxing" and backing a raft of projects it claims could benefit from re

Published: 2025-10-23T07:15:06



The Register - Software

New Linux kernel patch lets you cancel hibernation mid-process

RFC proposes power-button interrupt and highlights wider problems with sleep states A new Linux kernel patch lets you cancel the process of your machine going into hibernation, but the bigger context of the work may be more important.

Published: 2025-10-22T12:10:10



The Register - Software

UK data regulator defends decision not to investigate MoD Afghan data breach

ICO says probe unnecessary after reviewing ministry's handling of leak The UK's data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the lives of thousands of Afghans connected with the Brit

Published: 2025-10-22T07:15:12



The Register - Software

Turns out the end of Windows 10 is good for something: The PC refresh cycle

Operating system's D-day resuscitates flatlining computer sector It transpires that Windows 11 is indeed good for at least one thing: driving PC upgrades, according to the latest figures from Gartner.

Published: 2025-10-17T14:16:17



Security | The Verge

Wyze's budget-friendly video doorbell gets a six-month battery

Wyze has announced a new budget-friendly doorbell camera. The Wyze Battery Video Doorbell looks similar to the Video Doorbell v2 the brand released in 2023, but as the name implies, it adds a rechargeable battery so it's easier to install without the need for wiring or access to power. But wired power is also an […]

Published: 2025-10-23T09:00:00



Security | The Verge

Ledger's new Nano is meant to be more than just a crypto wallet

Ledger's fifth Nano crypto wallet marks a moment of reinvention: it's not nearly so nano anymore, and Ledger would prefer you didn't call it a crypto wallet either. It's grown in size, picked up a full E Ink display, and is now being billed as a signer. The $179 Ledger Nano Gen5 resembles the $249 […] The questions for Ledger are how long it can sustain itself on crypto bros alone, and whether the market for secure personal authenticators is really going to expand beyond that crypto crowd. No-one wants face scans and ID card checks to prove they...

Published: 2025-10-23T08:00:00



Security | The Verge

Ring's Battery Doorbell Plus has returned to its October Prime Day price

After extensive testing we selected Ring's Battery Doorbell Plus as the best battery-powered doorbell camera, and it has returned to its all-time low price of $79.99 ($70 off) at Amazon for the second time ever. If you missed out on picking up the video doorbell on sale during Amazon's Prime Big Deal Days, now is […] We liked Ring’s Battery Doorbell Plus because of its high resolution video recordings and head-to-toe view, which allows you to see an entire person or keep an eye on the package on your porch. It runs on remo...

Published: 2025-10-22T11:00:00



Security | The Verge

Tapo's new solar floodlight camera soaks up the sun to light up your yard at night

TP-Link's Tapo smart home brand announced a new solar-powered outdoor security camera with pan-tilt capabilities, 2K video recording, and an 800-lumen LED floodlight. Tapo says the C615F can operate for as long as 24 hours with just 45 minutes of sunlight, and it's now available through Tapo's online store and Amazon for $89.99 for a […]

Published: 2025-10-21T10:19:56



Security | The Verge

Wyze's new solar-powered pan-and-tilt security camera is less than $80

Wyze has announced its first battery-powered, solar-charged, 2K security camera that can rotate and tilt, providing coverage of your entire yard. The Wyze Solar Cam Pan is available now through Wyze's online store for $79.98, making it cheaper than competitors' offerings like Reolink's $88 2K pan-and-tilt security camera, Tapo's $170 4K VistaCam 360 that launched […]

Published: 2025-10-21T09:00:00



Security | The Verge

Google will let friends help you recover an account

Google is introducing new recovery tools that aim to make it less frustrating to regain access when you're locked out of your account. Instead of answering security questions or entering a recovery email address, Google's new security features allow account holders to verify their identity using a linked mobile number, or trusted friends or family […]

Published: 2025-10-15T09:00:00



Security | The Verge

Discord blamed a vendor for its data breach; now the vendor says it was not hacked

5CA is a customer service support company that works with Discord. Recently, the chat platform said the vendor had been breached as part of a “security incident” where 70,000 government ID photos may have leaked. Now, 5CA says in a post on its website that it was not hacked. According to Discord, this incident impacted […]

Published: 2025-10-14T12:09:22



Security | The Verge

Discord says 70,000 users may have had their government IDs leaked in breach

Discord has identified approximately 70,000 users that may have had their government ID photos exposed as part of a customer service data breach announced last week, spokesperson Nu Wexler tells The Verge. A tweet by vx-underground said that the company was being extorted over a breach of its Zendesk instance by a group claiming to […]

Published: 2025-10-08T17:34:02



Security | The Verge

1Password says it can fix login security for AI browser agents

1Password’s browser extension fills in your passwords automatically when you browse, and now the company has built a similar tool for AI bots browsing the web on your behalf, but for a very different reason. AI tools and browsers built on Claude, Gemini, and ChatGPT are increasingly using AI agents to browse the web, book […]

Published: 2025-10-08T15:44:30



BleepingComputer

North Korean Lazarus hackers targeted European defense companies

North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures. [...]

Published: 2025-10-23T08:38:39



BleepingComputer

Iranian hackers targeted over 100 govt orgs with Phoenix backdoor

State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. [...]

Published: 2025-10-22T17:19:33



BleepingComputer

Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000

Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. [...]

Published: 2025-10-22T14:52:53



BleepingComputer

Hackers exploiting critical "SessionReaper" flaw in Adobe Magento

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. [...]

Published: 2025-10-22T14:41:37



BleepingComputer

FinWise data breach shows why encryption is your last defense

The FinWise breach shows that when insider threats strike, encryption is the last line of defense. Penta Security's D.AMO platform unites encryption, key management, and access control to keep sensitive data secure. [...]

Published: 2025-10-22T11:11:21



Threat Intelligence

Help Wanted: Vietnamese Actors Using Fake Job Posting Campaigns to Deliver Malware and Steal Credentials

Google Threat Intelligence Group (GTIG) is tracking a cluster of financially motivated threat actors operating from Vietnam that leverages fake job postings on legitimate platforms to target individuals in the digital advertising and marketing secto

Published: 2025-10-23T14:00:00



Threat Intelligence

To Be (A Robot) or Not to Be: New Malware Attributed to Russia State-Sponsored COLDRIVER

Written by: Wesley Shields Introduction COLDRIVER, a Russian state-sponsored threat group known for targeting high profile individuals in NGOs, policy advisors and dissidents, swiftly shifted operations after the May 2025 public disclosure of its

Published: 2025-10-20T14:00:00



Threat Intelligence

DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains

Written by: Blas Kojusner, Robert Wallace, Joseph Dobson Google Threat Intelligence Group (GTIG) has observed the North Korea (DPRK) threat actor UNC5342 using ‘EtherHiding’ to deliver malware and facilitate cryptocurrency theft, the first time GTI

Published: 2025-10-16T14:00:00



Threat Intelligence

New Group on the Block: UNC5142 Leverages EtherHiding to Distribute Malware

Written by: Mark Magee, Jose Hernandez, Bavi Sadayappan, Jessa Valdez Since late 2023, Mandiant Threat Defense and Google Threat Intelligence Group (GTIG) have tracked UNC5142, a financially motivated threat actor that abuses the blockchain to faci

Published: 2025-10-16T14:00:00



Threat Intelligence

Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign

Written by: Peter Ukhanov, Genevieve Stark, Zander Work, Ashley Pearson, Josh Murchie, Austin Larsen Update (Oct. 11): On Oct. 11, Oracle released another patch, addressing CVE-2025-61884. Introduction Beginning Sept. 29, 2025, Google Threat Intell

Published: 2025-10-09T14:00:00



Krebs on Security

Canada Fines Cybercrime Friendly Cryptomus $176M

Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada...

Published: 2025-10-22T17:21:36



Krebs on Security

Email Bombs Exploit Lax Authentication in Zendesk

Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from hundreds of Zendesk corporate customers simultaneously. Zendesk is an automa...

Published: 2025-10-17T11:26:27



Krebs on Security

Patch Tuesday, October 2025 ‘End of 10’ Edition

Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two vulnerabilities that are already being actively exploited. October’s Patch Tuesday also marks the final mon...

Published: 2025-10-14T22:57:38



Krebs on Security

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet's attacks, which shattered previous records this week with a brief traffic flood that clocked in at nearly 30 trillion bits of data per second.

Published: 2025-10-10T16:10:43



Gizmodo

Webroot Total Protection at 50% Off Is the Easiest and Cheapest Way to Outsmart Cybercriminals This Cybersecurity Awareness Month

Webroot's Cybersecurity Awareness Month deals shield you from viruses, identity theft, and privacy invasions, with password management and more.

Published: 2025-10-23T13:01:58



The Register - Security

Trump's workforce cuts blamed as America's cyber edge dulls

The Cyberspace Solarium Commission says years of progress are being undone amid current administration's cuts America's once-ambitious cyber defences are starting to rust, according to the latest annual report from the US Cyberspace Solarium Commission (CSC), which warns that policy momentum has slowed and even slipped backwards thanks to Trump-era workforce and budget cuts.

Published: 2025-10-23T15:57:13



The Register - Security

Google nukes 3,000 YouTube videos that sowed malware disguised as cracked software

Check Point helps exorcise vast 'Ghost Network' that used fake tutorials to push infostealers Google has taken down thousands of YouTube videos that were quietly spreading password-stealing malware disguised as cracked software and game cheats.

Published: 2025-10-23T14:04:19



The Register - Security

SpaceX pulls plug on 2,500 Starlink terminals tied to Myanmar fraud farms

Criminal outfits had been using Musk's broadband beacons to run cyber-slavery scams across Southeast Asia SpaceX says it has shut down thousands of Starlink terminals that were powering Myanmar's notorious scam compounds after its satellite network was found to be keeping human trafficking and cyber-fraud operations online in the country's lawless border zones.

Published: 2025-10-23T09:22:51



The Register - Security

This free IGA tool boosts your identity security

Here are five ways tenfold's free IGA solution helps you streamline identity governance and access control. Partner Content In a world where one wrong click can set off a catastrophic breach, organizations must control what their users have access to if they want to stop mission-critical assets from being leaked or stolen. Identity governance and administration (IGA) is as essential to the survival of your business as malware protection and secure backups.

Published: 2025-10-22T15:00:09



The Register - Security

Forking confusing: Vulnerable Rust crate exposes uv Python packager

Forks of forks of forks, but which ones are patched? A vulnerability in the popular Rust crate async-tar has affected the fast uv Python package manager, which uses a forked version that's now patched but the most widely downloaded version remains unfixed.

Published: 2025-10-22T13:15:06



The Register - Security

Jaguar Land Rover cyber-meltdown tipped to cost the UK almost £2B

That's a lot of extended warranties The Jaguar Land Rover (JLR) cyberattack could end up being the costliest such incident in UK history, billed at an estimated £1.9 billion and affecting over 5,000 organizations.

Published: 2025-10-22T10:29:12



The Register - Security

UK data regulator defends decision not to investigate MoD Afghan data breach

ICO says probe unnecessary after reviewing ministry's handling of leak The UK's data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the lives of thousands of Afghans connected with the British Armed Forces.

Published: 2025-10-22T07:15:12



The Register - Security

Restructuring risk operations: building a business-aligned cyber strategy

Why organizations need a new strategy to break down silos and usher in a new era of risk intelligence Partner Content As cyber risk continues to escalate, many organizations face a disconnect between cybersecurity investments and actual risk reduction. Despite increased security budgets, formal cyber risk programs, and adoption of new frameworks, recent data shows these efforts often fail to lower risk profiles.

Published: 2025-10-21T15:00:07



The Register - Security

Muji's minimalist calm shattered as ransomware takes down logistics partner

Japanese retailer halts online orders after attack cripples third-party vendor Japanese retailer Muji is suspending online orders after logistics partner Askul was knocked offline by a ransomware attack.

Published: 2025-10-21T11:15:06



The Register - Security

Feds flag active exploitation of patched Windows SMB vuln

CISA adds high-severity flaw to KEV list, urges swift updating Uncle Sam's cyber wardens have warned that a high-severity flaw in Microsoft's Windows SMB client is now being actively exploited months after it was patched.

Published: 2025-10-21T10:27:10



The Register - Security

How malware vaccines could stop ransomware's rampage

Security pros explore whether infection-spoofing code can immunize Windows systems against attack Feature What's better, prevention or cure? For a long time the global cybersecurity industry has operated by reacting to attacks and computer viruses. But given that ransomware has continued to escalate, more proactive action is needed.

Published: 2025-10-21T09:04:01



The Register - Security

Zero Trust Everywhere: a new era in cybersecurity for European organizations

Zero trust is the best kind of trust when it comes to securing your organization, says ZScaler Partner Content Many organizations across Europe have taken steps to implement Zero Trust principles, securing users, devices, workloads, and applications. But while these efforts are critical, they can leave significant gaps in resilience and security if applied too narrowly.

Published: 2025-10-21T08:00:14



The Register - Security

Anti-fraud body leaks dozens of email addresses in invite mishap

Calendar cock-up exposed recipients' details Anti-fraud nonprofit Cifas was left red-faced after sending out a calendar invite that exposed the email addresses of dozens of individuals working across the fraud space.

Published: 2025-10-21T07:30:10



The Register - Security

UK calls up Armed Forces veterans for digital ID soft launch

Once more into the, er, breach? The UK's Armed Forces veterans are being tasked with one last mission: proving the government can successfully roll out a digital ID card scheme.

Published: 2025-10-20T07:15:10



The Register - Security

Have I Been Pwned logs 17.6M victims in Prosper breach

P2P lending platform says it could not verify the claims at present Data breach tracker HaveIBeenPwned claims the victim count of peer-to-peer lender Prosper's September cyberattack stands at 17.6 million.

Published: 2025-10-17T15:30:15



The Register - Security

Labor unions sue Trump administration over social media surveillance

Sharing views POTUS doesn't like? Say goodbye to that visa, First Amendment be damned Updated Lawyers at the Electronic Frontier Foundation (EFF) are helping three US labor unions sue the Trump administration over a social media surveillance program that threatens to punish those who publicly express views that are not harmonious with the government's position.

Published: 2025-10-17T13:07:52



The Register - Security

Carmakers fear chip crunch as Dutch sanctions hit Nexperia

Beijing blocks exports after Netherlands imposes special measures on Chinese-owned chipmaker Major car, van, truck and bus manufacturers are warning that the Dutch government placing semiconductor biz Nexperia under special administrative measures could result in a shortage of automotive chips.

Published: 2025-10-17T12:36:06



The Register - Security

Vulnerability scores, huh, what are they good for? Almost nothing

CVE and CVSS systems suffer from misaligned incentives and inconsistency Aram Hovespyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.

Published: 2025-10-16T19:45:12



The Register - Security

Chinese cyberspies snoop on Russian IT biz in rare east-on-east attack

Who needs enemies when you have friends like Xi? China's cyberspies quietly broke into a Russian IT service provider in what researchers say is a rare example of Beijing turning its digital gaze on Moscow.

Published: 2025-10-16T16:27:21



The Register - Security

Locked out of your Gmail account? Google says phone a friend

Recovery feature lets trusted contacts help you get back in when other methods fail The latest security feature for Gmail enables users to recover their accounts with a little help from their friends.

Published: 2025-10-16T14:10:10



The Register - Security

Microsoft kills 9.9-rated ASP.NET Core bug, 'our highest ever' score

Flaw in Kestrel web server allowed request smuggling, impact depends on hosting setup and application code Microsoft has patched an ASP.NET Core vulnerability with a CVSS score of 9.9, which security program manager Barry Dorrans said was "our highest ever." The flaw is in the Kestrel web server component and enables security bypass.

Published: 2025-10-16T13:32:10



The Register - Security

Senator presses Cisco over firewall flaws that burned US agency

Bill Cassidy letter asks if Switchzilla sat on critical flaws before feds were forced into emergency patching US Senator Bill Cassidy has fired off a pointed letter to Cisco over the firewall flaws that allegedly let hackers breach "at least one federal agency."

Published: 2025-10-16T12:44:13



The Register - Security

Auction house Sotheby's finds its data on the block after cyberattack

Alert says financial account information lifted from systems Auction house Sotheby's says it was breached on July 24, and those behind the intrusion stole an unspecified amount of data, including Social Security numbers and financial account information.

Published: 2025-10-16T11:52:56



The Register - Security

Tech industry grad hiring crashes 46% as bots do junior work

GenAI meets Gen Z, only one gets the job ai-pocalypse The UK tech sector is cutting graduate jobs dramatically, down 46 percent in the past year, with another 53 percent drop projected, according to figures from the Institute of Student Employers (ISE).

Published: 2025-10-16T11:18:19



The Register - Security

Machine learning meets malware: how AI-powered ransomware could destroy your business

How to avoid your business being felled by an AI-powered ransomware attack that costs less than a laptop. Partner Content KNP Logistics Group, a British transport company from Northamptonshire that's been around longer than the mass-produced lightbulb, collapsed after a devastating security breach that left more than 700 employees jobless. The 158-year-old firm fell victim to a ransomware attack.

Published: 2025-10-16T08:00:08



The Register - Security

Devs are writing VS Code extensions that blab secrets by the bucketload

Vibe coding may have played a role in what took researchers months to fix Developers of VS Code extensions are leaking sensitive secrets left, right and center, according to researchers who worked with Microsoft to combat an issue that could have led to some nasty supply chain attacks.

Published: 2025-10-15T15:35:24



The Register - Security

Capita fined £14M after 58-hour delay exposed 6.6M records

ICO makes example of outsourcing giant over sluggish cyber response The UK's Information Commissioner's Office (ICO) has issued a £14 million ($18.6 million) penalty to outsourcing giant Capita following a catastrophic 2023 cyberattack that exposed the personal data of 6.6 million people.

Published: 2025-10-15T11:01:42



The Register - Security

Asahi breach leaves bitter taste as brewer fears personal data slurped

Japan's beer behemoth still mopping up after ransomware spill that disrupted deliveries and delayed results Asahi's cyber hangover just got worse, with the brewer now admitting that personal information may have been tapped in last month's attack.

Published: 2025-10-14T14:12:13



The Register - Security

Mozilla is recruiting beta testers for a free, baked-in Firefox VPN

Lucky few randomly selected to trial the feature, which won't fully roll out for several months Mozilla is working on a built-in VPN for Firefox, with beta tests opening to select users shortly.

Published: 2025-10-14T13:28:06



The Register - Security

Oracle rushes out another emergency E-Business Suite patch as Clop fallout widens

Latest in a long line of EBS flaws lets miscreants remotely compromise enterprise systems to pinch sensitive data Oracle is rushing out another emergency patch for its embattled E-Business Suite as the fallout from the Clop-linked attacks continues to spread.

Published: 2025-10-14T12:32:49



The Register - Security

British govt agents demand action after UK mega-cyberattacks surge 50%

Warn businesses to act now as high-severity incidents keep climbing Cyberattacks that meet upper severity thresholds set by the UK government's cyber agents have risen 50 percent in the last year, despite almost zero change in the volume of cases handled.

Published: 2025-10-14T10:51:06



The Register - Security

EU biometric border system launch hits inevitable teething problems

Malfunctioning equipment and manual processing cause 90-minute waits The European Union's new biometric Exit/Entry System (EES) got off to a chaotic start at Prague's international airport, with travelers facing lengthy queues and malfunctioning equipment forcing border staff to process arrivals manually.

Published: 2025-10-14T06:45:11



The Register - Security

Scattered Lapsus$ Hunters rage-quit the internet (again), promise to return next year

'We will never stop,' say crooks, despite retiring twice in the space of a month The Scattered Lapsus$ Hunters (SLSH) cybercrime collective - comprised primarily of teenagers and twenty-somethings - announced it will go dark until 2026 following the FBI's seizure of its clearweb site.

Published: 2025-10-13T16:17:51



The Register - Security

Microsoft 'illegally' tracked students via 365 Education, says data watchdog

Redmond argued schools, education authorities are responsible for GDPR An Austrian digital privacy group has claimed victory over Microsoft after the country's data protection regulator ruled the software giant "illegally" tracked students via its 365 Education platform and used their data.

Published: 2025-10-13T13:38:03



The Register - Security

China probes Qualcomm's Autotalks deal amid rising US trade tensions

Beijing insists it's business as usual - Washington might see it differently China's competition regulator has launched an investigation into Qualcomm's purchase of Israeli firm Autotalks, the latest salvo in the escalating tech trade war between Washington and Beijing.

Published: 2025-10-13T12:21:11



The Register - Security

Ofcom fines 4chan £20K and counting for pretending UK's Online Safety Act doesn't exist

Regulator warns penalties will pile up until internet toilet does its paperwork Ofcom, the UK's Online Safety Act regulator, has fined online message board 4chan £20,000 ($26,680) for failing to protect children from harmful content.

Published: 2025-10-13T11:10:46



The Register - Security

Dutch government puts Nexperia on a short leash over chip security fears

Minister invokes powers to stop firm shifting knowledge to China, citing governance shortcomings The Dutch government has placed Nexperia - a Chinese-owned semiconductor company that previously operated Britain's Newport Wafer Fab - under special administrative measures, citing serious governance failures that threaten European tech security.

Published: 2025-10-13T11:01:02



The Register - Security

Pro-Russia hacktivist group dies of cringe after falling into researchers' trap

Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory - then it quietly shut up shop Security researchers say they duped pro-Russia cybercriminals into targeting a fake critical infrastructure organization, which the crew later claimed - via their Telegram group - to be a real-world attack.

Published: 2025-10-10T14:16:02



The Register - Security

Microsoft warns of 'payroll pirate' crew looting US university salaries

Crooks phish campus staff, slip into HR systems, and quietly reroute paychecks Microsoft's Threat Intelligence team has sounded the alarm over a new financially-motivated cybercrime spree that is raiding US university payroll systems.

Published: 2025-10-10T13:21:46



The Register - Security

Cops nuke BreachForums (again) amid cybercrime supergroup extortion blitz

US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce. US authorities have seized the latest incarnation of BreachForums, the cybercriminal bazaar recently reborn under the stewardship of the so-called Scattered Lapsus$ Hunters, with help from French cyber cops and the Paris prosecutor's office.

Published: 2025-10-10T10:19:29



The Register - Security

UK techies' union warns members after breach exposes sensitive personal details

Prospect apologizes for cyber gaffe affecting up to 160K members. UK trade union Prospect is notifying members of a breach that involved data such as sexual orientation and disabilities.

Published: 2025-10-10T09:41:20



The Register - Security

It's trivially easy to poison LLMs into spitting out gibberish, says Anthropic

Just 250 malicious training documents can poison a 13B parameter model - that's 0.00016% of a whole dataset. Poisoning AI models might be way easier than previously thought if an Anthropic study is anything to go on.

Published: 2025-10-09T20:45:14



The Register - Security

SonicWall breach hits every cloud backup customer after 5% claim goes up in smoke

Affects users regardless of when their backups were created. SonicWall has admitted that all customers who used its cloud backup service to store firewall configuration files were affected by a cybersecurity incident first disclosed in mid-September, walking back earlier assurances that only a small fraction of users were impacted.

Published: 2025-10-09T13:30:07



The Register - Security

Take this rob and shove it! Salesforce issues stern retort to ransomware extort

CRM giant 'will not engage, negotiate with, or pay' the scumbags. Salesforce won't pay a ransom demand to criminals who claim to have stolen nearly 1 billion customer records and are threatening to leak the data if the CRM giant doesn't pony up some cash.

Published: 2025-10-08T17:20:30



The Register - Security

Germany slams brakes on EU's Chat Control device-scanning snoopfest

Berlin's opposition likely kills off Brussels' bid to scan everyone's messages. Germany has committed to oppose the EU's controversial "Chat Control" regulations following huge pressure from multiple activists and major organizations.

Published: 2025-10-08T12:53:10



Security Latest

This ‘Privacy Browser’ Has Dangerous Hidden Features

The Universe Browser is believed to have been downloaded millions of times. But researchers say it behaves like malware and has links to Asia’s booming cybercrime and illegal gambling networks.

Published: 2025-10-23T09:30:00



Security Latest

No, ICE (Probably) Didn’t Buy Guided Missile Warheads

A federal contracting database lists an ICE payment for $61,218 with the payment code for “guided missile warheads and explosive components.” But it appears ICE simply entered the wrong code.

Published: 2025-10-22T20:31:57



Security Latest

The Long Tail of the AWS Outage

Experts say outages like the one that Amazon experienced this week are almost inevitable given the complexity and scale of cloud technology, but the duration serves as a warning.

Published: 2025-10-22T16:31:33



Security Latest

What to Know About the Shocking Louvre Jewelry Heist

In just seven minutes, the thieves took off with crown jewels containing thousands of diamonds along with other precious gems.

Published: 2025-10-20T18:18:18



Security Latest

What the Huge AWS Outage Reveals About the Internet

Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web and highlighting a long-standing weakness in the internet's infrastructure.

Published: 2025-10-20T14:22:46



Security Latest

Anthropic Has a Plan to Keep Its AI From Building a Nuclear Weapon. Will It Work?

Anthropic partnered with the US government to create a filter meant to block Claude from helping someone build a nuke. Experts are divided on whether it’s a necessary protection or a protection at all.

Published: 2025-10-20T09:00:00



Security Latest

Hackers Dox ICE, DHS, DOJ, and FBI Officials

Plus: A secret FBI anti-ransomware task force gets exposed, the mystery of the CIA’s Kryptos sculpture is finally solved, North Koreans busted hiding malware in the Ethereum blockchain, and more.

Published: 2025-10-18T10:30:00



Security Latest

Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks

Networking software company F5 disclosed a long-term breach of its systems this week. The fallout could be severe.

Published: 2025-10-16T20:42:29



Security Latest

One Republican Now Controls a Huge Chunk of US Election Infrastructure

Former GOP operative Scott Leiendecker just bought Dominion Voting Systems, giving him ownership of voting systems used in 27 states. Election experts don't know what to think.

Published: 2025-10-16T14:01:03



Security Latest

When Face Recognition Doesn’t Know Your Face Is a Face

An estimated 100 million people live with facial differences. As face recognition tech becomes widespread, some say they’re getting blocked from accessing essential systems and services.

Published: 2025-10-15T09:30:00



Security Latest

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

The malicious app required to make a “Pixnapping” attack work requires no permissions.

Published: 2025-10-14T21:40:00



Security Latest

Feds Seize Record-Breaking $15 Billion in Bitcoin From Alleged Scam Empire

Officials in the US and UK have taken sweeping action against “one of the largest investment fraud operations in history,” confiscating a historic amount of funds in the process.

Published: 2025-10-14T17:34:58



Security Latest

Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

With just $800 in basic equipment, researchers found a stunning variety of data, including thousands of T-Mobile users’ calls and texts and even US military communications, sent by satellites unencrypted.

Published: 2025-10-14T01:00:00



Security Latest

'Happy Gilmore' Producer Buys Spyware Maker NSO Group

Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more.

Published: 2025-10-11T10:30:00



Security Latest

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.

Published: 2025-10-10T09:15:00



Security Latest

North Korean Scammers Are Doing Architectural Design Now

New research shows that North Koreans appear to be trying to trick US companies into hiring them to develop architectural designs using fake profiles, résumés, and Social Security numbers.

Published: 2025-10-10T09:00:00



Security Latest

Apple Took Down These ICE-Tracking Apps. The Developers Aren't Giving Up

“We are going to do everything in our power to fight this,” says ICEBlock developer Joshua Aaron after Apple removed his app from the App Store.

Published: 2025-10-09T17:22:32



The Hacker News

North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets

Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job. "Some of these [companies] are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked to North Korea's current efforts to scale up its

Published: 2025-10-23T20:59:00



The Hacker News

Secure AI at Scale and Speed: Learn the Framework in this Free Webinar

AI is everywhere and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you're in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you're left trying to manage a growing web of AI agents you didn’t create, can’t fully see, and weren’t designed to control. Join our upcoming webinar and learn how to make AI

Published: 2025-10-23T17:25:00



The Hacker News

ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More

Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show exactly how those weak points are being exploited — from overlooked

Published: 2025-10-23T17:00:00



The Hacker News

Why Organizations Are Abandoning Static Secrets for Managed Identities

As machine identities explode across cloud environments, enterprises report dramatic productivity gains from eliminating static credentials. And only legacy systems remain the weak link. For decades, organizations have relied on static secrets, such as API keys, passwords, and tokens, as unique identifiers for workloads. While this approach provides clear traceability, it creates what security

Published: 2025-10-23T16:30:00



The Hacker News

“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards," Palo Alto Networks Unit 42 researchers

Published: 2025-10-23T13:22:00



The Hacker News

Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw

E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours. The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw that could be

Published: 2025-10-23T11:17:00



The Hacker News

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), impacts on-premises versions of Lanscope Endpoint Manager, specifically Client

Published: 2025-10-23T11:07:00



The Hacker News

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities. The end goal of the campaign is to infiltrate high-value targets and facilitate intelligence gathering

Published: 2025-10-22T22:51:00



The Hacker News

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine's war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2). The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee

Published: 2025-10-22T22:25:00



The Hacker News

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as government agencies in South America, a university in the U.S., as well as likely a state technology

Published: 2025-10-22T18:26:00



The Hacker News

Bridging the Remediation Gap: Introducing Pentera Resolve

From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context. What’s missing is a system of action. How do you transition from the

Published: 2025-10-22T17:25:00



The Hacker News

Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys

Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims' cryptocurrency wallet keys. The package, Nether um.All, has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and

Published: 2025-10-22T17:13:00



The Hacker News

Why You Should Swap Passwords for Passphrases

The advice didn't change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods. But more recent guidance shows our focus should be on password length, rather than complexity. Length is the more important security factor, and passphrases are the simplest way to get your users to create

Published: 2025-10-22T14:56:00



The Hacker News

Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware

Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed at government entities in Latin America and East Asia in June, using

Published: 2025-10-22T14:28:00



The Hacker News

TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution

Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in late August 2025. It impacts several

Published: 2025-10-22T12:35:00



The Hacker News

TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution

TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution. The vulnerabilities in question are listed below - CVE-2025-6541 (CVSS score: 8.6) - An operating system command injection vulnerability that could be exploited by an attacker who can log in to the web management

Published: 2025-10-22T10:08:00



The Hacker News

Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams

Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from giving away sensitive information like bank details or verification codes. On Messenger, users can opt to

Published: 2025-10-21T20:33:00



The Hacker News

PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign

Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeting routers from Cisco, ASUS, QNAP, and Synology with the goal of corralling them into a network for an as-yet-undetermined purpose. The TLS-based ELF implant, at its core, is designed to monitor

Published: 2025-10-21T19:17:00



The Hacker News

Securing AI to Benefit from AI

Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can’t match. But realizing that potential depends on securing the systems that make it possible. Every organization experimenting with AI in

Published: 2025-10-21T16:30:00



The Hacker News

Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers

A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased "operations tempo" from the threat actor. The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days following

Published: 2025-10-21T12:59:00



The Hacker News

Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network

A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also known as Earth Estries, FamousSparrow,

Published: 2025-10-21T12:53:00



The Hacker News

Five New Exploited Bugs Land in CISA's Catalog: Oracle and Microsoft Among Targets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-world attacks. The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a

Published: 2025-10-21T00:30:00



The Hacker News

Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More

It’s easy to think your defenses are solid until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn’t just patching fast, but watching smarter and staying alert for what you don’t expect. Here’s a quick look at this week’s top threats, new tactics, and security stories shaping

Published: 2025-10-20T17:57:00



The Hacker News

Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches

ClickFix, FileFix, fake CAPTCHA, whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches. ClickFix attacks prompt the user to solve some kind of problem or challenge in the browser, most commonly a CAPTCHA, but also things like fixing an error on a webpage. The name is a little misleading, though

Published: 2025-10-20T17:25:00



The Hacker News

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign

Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to supply chain security company Socket. The browser add-ons collectively have about 20,905 active users. "

Published: 2025-10-20T16:17:00



The Hacker News

MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems

China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a "premeditated" cyber attack targeting the National Time Service Center (NTSC), as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State Security (MSS), in a WeChat post, said it uncovered "irrefutable evidence" of the agency's involvement in the intrusion

Published: 2025-10-20T11:02:00



The Hacker News

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud. The coordinated law enforcement effort, dubbed Operation SIMCARTEL, saw 26 searches carried out, resulting in the arrest of seven suspects and the seizure of

Published: 2025-10-19T11:43:00



The Hacker News

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP archive as a way to trigger the infection. The cybersecurity company's analysis is based on the ZIP

Published: 2025-10-18T17:11:00



The Hacker News

Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT

The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan (RAT) tracked as HoldingHands RAT (aka Gh0stBins). "The campaign relied on phishing emails with PDFs that contained embedded malicious links," Pei Han Liao, researcher with Fortinet's FortiGuard

Published: 2025-10-18T12:21:00



The Hacker News

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset. That's according to new findings from Cisco Talos, which said recent campaigns undertaken by the hacking group have seen the functions of BeaverTail and OtterCookie coming

Published: 2025-10-17T19:03:00



The Hacker News

Identity Security: Your First and Last Line of Defense

The danger isn’t that AI agents have bad days; it’s that they never do. They execute faithfully, even when what they’re executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe. This isn't some dystopian fantasy; it's Tuesday at the office now. We've entered a new phase where autonomous AI agents act with serious system privileges. They

Published: 2025-10-17T16:30:00



The Hacker News

Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices

Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The vulnerability, tracked as CVE-2025-9242 (CVSS score: 9.3), is described as an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including

Published: 2025-10-17T14:55:00



The Hacker News

Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were "used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware," the Microsoft Threat Intelligence team said in a post shared on X. The tech

Published: 2025-10-17T11:33:00



The Hacker News

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to the Democratic People's Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster it tracks as UNC5342,

Published: 2025-10-16T20:26:00



The Hacker News

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers, such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique used

Published: 2025-10-16T20:22:00



The Hacker News

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely

Published: 2025-10-16T19:58:00



The Hacker News

Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform

Scaling the SOC with AI - Why now?  Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR’s AI-SOC Market Landscape 2025, the average organization now faces around 960 alerts per day, while large enterprises manage more than 3,000 alerts daily from an average of 28 different tools. Nearly 40% of those alerts go uninvestigated, and 61% of security teams admit

Published: 2025-10-16T17:25:00



The Hacker News

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems. The activity, codenamed Operation Zero Disco by Trend Micro, involves the weaponization of CVE-2025-20352 (CVSS score: 7.7), a stack overflow vulnerability in the Simple

Published: 2025-10-16T17:08:00



The Hacker News

Beware the Hidden Costs of Pen Testing

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money while producing inferior results.  The benefits of pen testing are clear. By empowering “white hat” hackers to attempt to breach your system using similar tools and techniques to

Published: 2025-10-16T16:20:00



The Hacker News

ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don’t always break systems anymore; they use them. They hide inside trusted apps, copy real websites, and trick people into giving up control

Published: 2025-10-16T14:44:00



The Hacker News

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score Already Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution.

Published: 2025-10-16T09:56:00



The Hacker News

Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group's expansion to the country beyond Southeast Asia and South America. The activity, which took place from January to May 2025, has been attributed by Broadcom-owned Symantec to a threat actor it tracks as Jewelbug, which it said overlaps with

Published: 2025-10-15T22:58:00



The Hacker News

F5 Breach Exposes BIG-IP Source Code: Nation-State Hackers Behind Massive Intrusion

U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP's source code and information related to undisclosed vulnerabilities in the product. It attributed the activity to a "highly sophisticated nation-state threat actor," adding the adversary maintained long-term, persistent access to its network. The

Published: 2025-10-15T21:36:00



The Hacker News

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk. "A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base,"

Published: 2025-10-15T19:46:00



The Hacker News

How Attackers Bypass Synced Passkeys

TLDR: Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure. Adversary-in-the-middle (AiTM) kits can force authentication fallbacks that circumvent strong

Published: 2025-10-15T17:00:00



The Hacker News

Two New Windows Zero-Days Exploited in the Wild: One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program. Of the 183 vulnerabilities, eight of them are non-Microsoft

Published: 2025-10-15T14:53:00



The Hacker News

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges. The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system. "The vulnerabilities affect Red Lion SixTRAK and VersaTRAK

Published: 2025-10-15T12:20:00



The Hacker News

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution due to the fact that the call center

Published: 2025-10-15T11:46:00



The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization. "Due to a deserialization vulnerability in SAP NetWeaver, an

Published: 2025-10-15T11:06:00



The Hacker News

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett. According to the U.S. government, it's assessed to be a publicly-traded

Published: 2025-10-14T22:25:00



Security Affairs

U.S. CISA adds Motex LANSCOPE flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Motex LANSCOPE flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Motex LANSCOPE flaw, tracked as CVE-2025-61932 (CVSS v4 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is an improper verification of source of a communication […]

Published: 2025-10-23T10:49:52



Security Affairs

Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw

Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts via REST API. Over 250 attacks in 24 hours. E-commerce security company Sansec researchers warn that threat actors are exploiting a critical flaw in Adobe Commerce and Magento, tracked as CVE-2025-54236 (CVSS 9.1), to hijack customer accounts via the REST API. The experts observed […]

Published: 2025-10-23T09:22:45



Security Affairs

Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy

The attack on Jaguar Land Rover costs the UK economy $2.5B, marking its most damaging cyber incident, says CMC. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack also impacted systems at the Solihull production plant. UK dealers reported JLR disruptions blocking car registrations and […]

Published: 2025-10-23T07:25:36



Security Affairs

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordinated spear-phishing campaign on October 8, 2025, targeting Ukraine war relief groups, including Red Cross, UNICEF, NRC, and local administrations. Threat actors used fake emails to deploy a WebSocket-based […]

Published: 2025-10-22T20:01:41



Security Affairs

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

TP-Link warns of critical flaws in Omada gateways across ER, G, and FR models. Users should update firmware immediately to stay secure. TP-Link is warning users of critical flaws impacting its Omada gateway devices. The Taiwanese company published two security advisories this week, outlining four vulnerabilities that impact more than a dozen products across the […]

Published: 2025-10-22T17:56:48



Security Affairs

TARmageddon flaw in Async-Tar Rust library allows smuggling extra archives when the library is processing nested TAR files

CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution. “astral-tokio-tar is a tar archive […]

Published: 2025-10-22T13:26:21



Security Affairs

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been quickly upgrading its malware since May 2025, when its LOSTKEYS malware was exposed. According to Google’s Threat Intelligence Group, the hackers have been rolling out frequent updates and […]

Published: 2025-10-22T06:06:48



Security Affairs

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access. Japanese retail giant Muji suspended online sales after a ransomware attack hit its logistics partner Askul. The cyber incident disrupted deliveries and online store functions, including orders and app services. “Due to a logistics issue […]

Published: 2025-10-21T18:55:03



Security Affairs

U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities (KEV) catalog. Oracle recently released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS […]

Published: 2025-10-21T14:10:38



Security Affairs

China-Linked Salt Typhoon breaches European Telecom via Citrix exploit

China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by China-linked APT group Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, UNC5807, RedMike), which exploited a Citrix NetScaler Gateway to gain initial access. In late […]

Published: 2025-10-21T11:27:05







