Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

ClickFix may be the biggest security threat your family has never heard of

Relatively new technique can bypass many endpoint protections. Over the past year, scammers have ramped up a new way to infect the computers of unsuspecting people. The increa

Published: 2025-11-11T12:30:51



Biz & IT Ars Technica

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

Sandworm and other Russian-state hackers unleash data-destroying payloads on their neighbors. One of the world’s most ruthless and advanced hacking groups, the Russian state-c

Published: 2025-11-06T22:17:21



Biz & IT Ars Technica

5 AI-developed malware families analyzed by Google fail to work and are easily detected

You wouldn't know it from the hype, but the results fail to impress. Google on Wednesday revealed five recent malware samples that were built using generative AI. The end resu

Published: 2025-11-05T23:00:46



Biz & IT Ars Technica

Two Windows vulnerabilities, one a 0-day, are under active exploitation

Both vulnerabilities are being exploited in wide-scale operations. Two Windows vulnerabilities, one a zero-day that has been known to attackers since 2017 and the other a criti

Published: 2025-10-31T21:03:56



Biz & IT Ars Technica

NPM flooded with malicious packages downloaded more than 86,000 times

Packages downloaded from NPM can fetch dependencies from untrusted sites. Attackers are exploiting a major weakness that has allowed them access to the NPM code repository wit

Published: 2025-10-29T21:04:45



The Register - Software

To solve compatibility issues, Microsoft would quietly patch other people's code

Long before automatic updates, the Windows 95 team tweaked third-party software to keep it running. How to get that all-important piece of software working on Windows has vexed Microsoft since the beginning of the operating system. Compatibility was k

Published: 2025-11-13T13:30:08



The Register - Software

Broken wizard forces Microsoft to issue out-of-band Windows 10 patch

End of support? Not quite. Microsoft released an emergency out-of-band update on November 11 to fix a malfunctioning enrollment wizard that prevented eligible Windows 10 users from accessing Extended Security Updates (ESU).

Published: 2025-11-12T14:08:07



The Register - Software

OWASP Top 10: Broken access control still tops app security list

Risk list highlights misconfigs, supply chain failures, and singles out prompt injection in AI apps. The Open Worldwide Application Security Project (OWASP) just published its top 10 categories of application risks for 2025, its first list since 2021.

Published: 2025-11-11T13:26:40



The Register - Software

UK asks cyberspies to probe whether Chinese buses can be switched off remotely

Norwegian testers claim maker has remote access, while UK importer says supplier complies with the law. The UK government is working with the National Cyber Security Centre to understand and "mitigate" any risk that China-made imported electric buses co

Published: 2025-11-11T11:55:38



The Register - Software

Cisco creating new security model using 30 years of data describing cyber-dramas and saves

Doubles parameters to over 17 billion, to detect threats and recommend actions. Exclusive: Cisco is working on a new AI model that will more than double the number of parameters used to train its current flagship Foundation-Sec-8B.

Published: 2025-11-10T06:56:52



Security | The Verge

Google will let experienced users keep sideloading Android apps

Google says that it's softening its plan to require every Android developer, even outside of the Play Store, to verify their identity, a move which critics warned could kill sideloading for good. The company now says it's developing a workflow to allow experienced users to install apps from unverified developers. Mandatory verification for […]

Published: 2025-11-13T04:50:46



Security | The Verge

America's cybersecurity defenses are cracking

It was late June, and something strange was happening on Arizona's online portal for political candidates. Images of the candidates were disappearing. Photos of the Iranian Ayatollah Ruhollah Khomeini were popping up in their place. The state would later come to believe it was an attack from an Iranian government-affiliated group. When they first discovered […]

Published: 2025-11-10T09:00:00



Security | The Verge

Hackers threaten to leak woke University of Pennsylvania student data

“We got hacked,” members of the University of Pennsylvania community were told in the subject line of several emails sent from addresses linked to its Graduate School of Education. The sender, apparently, was the potential hacker or hackers themselves. “The University of Pennsylvania is a dogshit elitist institution full of woke retards,” said the emails, […]

Published: 2025-10-31T13:41:54



Security | The Verge

AI browsers are a cybersecurity time bomb

Web browsers are getting awfully chatty. They got even chattier last week after OpenAI and Microsoft kicked the AI browser race into high gear with ChatGPT Atlas and a "Copilot Mode" for Edge. They can answer questions, summarize pages, and even take actions on your behalf. The experience is far from seamless yet, but it […]

Published: 2025-10-30T11:53:23



Security | The Verge

WhatsApp can now use passkeys to secure your backups

WhatsApp is introducing a passwordless way to instantly secure your chat backups. The messaging platform is launching passkey-encrypted backups for iOS and Android, allowing users to quickly encrypt their stored message history using their face, fingerprint, or device screen lock code. The update is rolling out gradually over the coming weeks and months, according to […]

Published: 2025-10-30T09:00:00



Security | The Verge

Chrome is about to show even more safety warnings

You’re going to start seeing more warnings in Chrome when accessing insecure sites. Starting next October, Chrome will soon warn users when they visit a public website without an encrypted HTTPS connection. Chrome already issues a “Your connection is not private” message when you visit pages that have an HTTPS connection that's misconfigured. But this […]

Published: 2025-10-29T12:00:40



BleepingComputer

Washington Post data breach impacts nearly 10K employees, contractors

The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. [...]

Published: 2025-11-13T11:00:36



BleepingComputer

Popular Android-based photo frames download malware on boot

Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time. [...]

Published: 2025-11-13T08:00:00



BleepingComputer

CISA warns feds to fully patch actively exploited Cisco flaws

CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. [...]

Published: 2025-11-13T07:05:55



BleepingComputer

Police disrupts Rhadamanthys, VenomRAT, and Elysium malware operations

Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infostealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation Endgame, an international action targeting cybercrime.

Published: 2025-11-13T05:53:39



BleepingComputer

CISA warns of WatchGuard firewall flaw exploited in attacks

CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows attackers to gain remote code execution on compromised devices. [...]

Published: 2025-11-13T05:03:52



BleepingComputer

Google sues to dismantle Chinese phishing platform behind US toll scams

Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems. [...]

Published: 2025-11-12T15:59:44



BleepingComputer

DanaBot malware is back to infecting Windows after 6-month break

The DanaBot malware has returned with a new version observed in attacks, six months after law enforcement's Operation Endgame disrupted its activity in May. [...]

Published: 2025-11-12T11:34:54



BleepingComputer

Microsoft fixes bug causing false Windows 10 end-of-support alerts

Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates. [...]

Published: 2025-11-12T10:29:13



BleepingComputer

New UK laws to strengthen critical infrastructure cyber defenses

The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies, and transport networks against cyberattacks, linked to annual damages of nearly £15 billion ($19.6 billion). [...]

Published: 2025-11-12T09:08:54



Threat Intelligence

No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480

Written by: Stallone D'Souza, Praveeth DSouza, Bill Glynn, Kevin O'Flynn, Yash Gupta. Welcome to the Frontline Bulletin Series. Straight from Mandiant Threat Defense, the "Frontline Bulletin" series brings you the latest on the threats we are seeing

Published: 2025-11-10T14:00:00



Threat Intelligence

Preparing for Threats to Come: Cybersecurity Forecast 2026

Every November, we make it our mission to equip organizations with the knowledge needed to stay ahead of threats we anticipate in the coming year. The Cybersecurity Forecast 2026 report, released today, provides comprehensive insights to help securi

Published: 2025-11-04T14:00:00



ProPublica

How Trump Has Exploited Pardons and Clemency to Reward Allies and Supporters

The beneficiaries of President Donald Trump’s mercy in his second term have mostly been people with access to the president or his i

Published: 2025-11-12T10:30:00



ProPublica

Details of DHS Agreement Reveal Risks of Trump Administration’s Use of Social Security Data for Voter Citizenship Checks

This year, when states began using an expanded Department of Homeland Security system t

Published: 2025-10-30T09:30:00



Krebs on Security

Google Sues to Disrupt Chinese SMS Phishing Triad

Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast out text message lures, and convert phished payment...

Published: 2025-11-13T14:47:22



Krebs on Security

Cloudflare Scrubs Aisuru Botnet from Top Domains List

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru ...

Published: 2025-11-06T02:04:36



Krebs on Security

Aisuru Botnet Shifts from DDoS to Residential Proxies

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected In...

Published: 2025-10-29T00:51:05



The Register - Security

Ubuntu 25.10's Rusty sudo holes quickly welded shut

The goal of 'oxidizing' the Linux distro hits another bump. Two vulnerabilities in Ubuntu 25.10's new "sudo-rs" command have been found, disclosed, and fixed in short order.

Published: 2025-11-13T15:45:08



The Register - Security

Extra, extra, read all about it: Washington Post clobbered in Clop caper

Nearly 10,000 staff and contractors warned after attackers raided newspaper's Oracle EBS setup. The Washington Post has confirmed that nearly 10,000 employees and contractors had sensitive personal data stolen in the Clop-linked Oracle E-Business Suite (EBS) attacks.

Published: 2025-11-13T13:45:13



The Register - Security

Rhadamanthys malware admin rattled as cops seize a thousand-plus servers

Operation Endgame also takes down Elysium and VenomRAT infrastructure. International cops have pulled apart the Rhadamanthys infostealer operation, seizing 1,025 servers tied to the malware in coordinated raids between November 10-13.

Published: 2025-11-13T12:01:30



The Register - Security

NHS supplier ends probe into ransomware attack that contributed to patient death

Synnovis's 18-month forensic review of Qilin intrusion completed, now affected patients to be notified. Synnovis has finally wrapped up its investigation into the 2024 ransomware attack that crippled pathology services across London, ending an 18-month effort to untangle what the NHS supplier describes as one of the most complex data reconstruction jobs it has ever faced.

Published: 2025-11-13T11:13:54



The Register - Security

Google sues 25 China-based scammers behind Lighthouse 'phishing for dummies' kit

600+ phishing websites, and 116 of these use a Google logo. Google has filed a lawsuit against 25 unnamed China-based scammers, which it claims have stolen more than 115 million credit card numbers in the US as part of the Lighthouse phishing operation.

Published: 2025-11-12T21:39:24



The Register - Security

Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape

Vendors (still) keep mum. An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to deploy custom malware, according to Amazon Chief Information Security Officer CJ Moses.

Published: 2025-11-12T17:16:12



The Register - Security

Bitcoin bandit's £5B bubble bursts as cops wrap seven-year chase

Metropolitan Police lands lengthy sentence following 'complex' investigation. The Metropolitan Police's seven-year investigation into a record-setting fraudster has ended after she was sentenced to 11 years and eight months in prison on Tuesday.

Published: 2025-11-12T11:21:41



The Register - Security

UK's Cyber Security and Resilience Bill makes Parliamentary debut

Various touch-ups added as MPs seek greater resilience to attacks on critical sectors. The UK government introduced the Cyber Security and Resilience (CSR) Bill to Parliament today, marking a significant overhaul of local cybersecurity legislation to sharpen the security posture of the most critical sectors.

Published: 2025-11-12T10:54:21



The Register - Security

Aviation watchdog says organized drone attacks will shut UK airports sooner or later

Skies are open for mischief as hard-to-trace drones and fast-moving cyber raids promise new wave of disruption. Britain's aviation watchdog has warned it's only a matter of time before organized drone attacks bring UK airports to a standstill.

Published: 2025-11-12T10:15:07



The Register - Security

China hates crypto and scams, but is now outraged USA acquired bitcoin from a scammer

A new theory from the agency that brought us 'America hacked itself to blame Beijing'. China's National Computer Virus Emergency Response Center (CVERC) has alleged a nation-state entity, probably the USA, was behind a 2020 attack on a bitcoin mining operation, and by doing so has gone into bat for entities that Beijing usually blasts.

Published: 2025-11-12T04:47:45



The Register - Security

Australia's spy boss says authoritarian nations ready to commit high-impact sabotage

Elite teams are pondering cyber-attacks to turn off energy supply or telecoms networks. The head of Australia's Security Intelligence Organisation (ASIO) has warned that authoritarian regimes are growing more willing to disrupt or destroy critical infrastructure using cyber-sabotage.

Published: 2025-11-12T01:17:24



The Register - Security

North Korean spies turn Google's Find Hub into remote-wipe weapon

KONNI espionage crew covertly abused Google's Find My Device feature to remotely factory-reset Android phones. North Korean state-backed spies have found a new way to torch evidence of their own cyber-spying by hijacking Google's Find Hub service to remotely wipe Android phones belonging to their South Korean targets.

Published: 2025-11-11T16:26:14



The Register - Security

EU's reforms of GDPR, AI slated by privacy activists for 'playing into Big Tech's hands'

Lobbying efforts gain ground as proposals carve myriad holes into regulations. Privacy advocates are condemning the European Commission's leaked plans to overhaul digital privacy legislation, accusing officials of bypassing proper legislative processes to favor Big Tech interests.

Published: 2025-11-11T14:30:13



The Register - Security

OWASP Top 10: Broken access control still tops app security list

Risk list highlights misconfigs, supply chain failures, and singles out prompt injection in AI apps. The Open Worldwide Application Security Project (OWASP) just published its top 10 categories of application risks for 2025, its first list since 2021. It found that while broken access control remains the top issue, security misconfiguration is a strong second, and software supply chain issues are still prominent.

Published: 2025-11-11T13:26:40



The Register - Security

Hitachi-owned GlobalLogic admits data stolen on 10k current and former staff

Clop's Oracle EBS exploit spree shows no sign of slowing, claims nearly 30 more casualties in media, finance, and tech. Digital engineering outfit GlobalLogic says personal data from more than 10,000 current and former employees was exposed in the wave of Oracle E-Business Suite (EBS) attacks attributed to the Clop ransomware gang. The Hitachi-owned biz joins a growing roster of high-profile victims that also now includes The Washington Post and Allianz UK.

Published: 2025-11-11T12:20:20



The Register - Security

UK asks cyberspies to probe whether Chinese buses can be switched off remotely

Norwegian testers claim maker has remote access, while UK importer says supplier complies with the law. The UK government is working with the National Cyber Security Centre to understand and "mitigate" any risk that China-made imported electric buses could be remotely accessed and potentially disabled.

Published: 2025-11-11T11:55:38



The Register - Security

Cyber insurers paid out over twice as much for UK ransomware attacks last year

Massive increase in policy claims, and data doesn't even cover the major attacks of 2025. The number of successful cyber insurance claims made by UK organizations shot up last year, according to the latest figures from the industry's trade association.

Published: 2025-11-11T11:04:48



The Register - Security

UK's Ajax fighting vehicle arrives years late and still sending crew to hospital

Continuous track of long-awaited AFV hits the ground ... and the terrain is pretty bumpy. The British Army just received its first new armored fighting vehicle (AFV) for nearly three decades, but it is years late, hit by rising costs, is still reportedly injuring its crew, and there are questions about whether it remains relevant in the age of drone warfare.

Published: 2025-11-11T10:09:34



The Register - Security

LLM side-channel attack could allow snoops to guess what you're talking about

Encryption protects content, not context. Updated: Mischief-makers can guess the subjects being discussed with LLMs using a side-channel attack, according to Microsoft researchers. They told The Register that models from some providers, including Anthropic, AWS, DeepSeek, and Google, haven't been fixed, putting both personal users and enterprise communications at risk.

Published: 2025-11-11T00:09:48



The Register - Security

Critical federal cybersecurity funding set to resume as government shutdown draws to a close - for now

Resolution acquiesced to by 8 Dems includes CISA Act funding, layoff reversals, and could be easily undone. The US Senate voted on Sunday to advance a short-term funding bill for the federal government, moving the country closer to ending its longest-ever shutdown. Part of the spending bill also restores critical cybersecurity programs that lapsed as the shutdown began.

Published: 2025-11-10T19:01:12



The Register - Security

Phishers try to lure 5K Facebook advertisers with fake business pages

One company alone was hit with more than 4,200 emails. More than 5,000 businesses that use Facebook for advertising were bombarded by tens of thousands of phishing emails in a credential- and data-stealing campaign.

Published: 2025-11-10T18:34:46



The Register - Security

Russian broker pleads guilty to profiting from Yanluowang ransomware attacks

Aleksei Volkov faces years in prison, may have been working with other crews. A Russian national will likely face several years in US prison after pleading guilty to a range of offenses related to his work with ransomware crews.

Published: 2025-11-10T15:00:05



The Register - Security

Allianz UK joins growing list of Clop's Oracle E-Business Suite victims

Insurance giant's UK arm says cybercriminals misattributed the real victim. Allianz UK confirms it was one of the many companies that fell victim to the Clop gang's Oracle E-Business Suite (EBS) attack after crims reported that they had attacked a subsidiary.

Published: 2025-11-10T09:48:13



The Register - Security

As AI enables bad actors, how are 3,000+ teams responding?

Breaking down trends in exposure management with insights from 3,000+ organizations and Intruder's security experts. Partner Content: This year has shown just how quickly new exposures can emerge, with AI-generated code shipped before review, cloud sprawl racing ahead of controls, and shadow IT opening blind spots. Supply chain compromises have disrupted transport, manufacturing, and other critical services. On the attacker side, AI-assisted exploit development is making it faster than ever to turn those weaknesses into working attacks.

Published: 2025-11-10T09:01:20



The Register - Security

Cisco creating new security model using 30 years of data describing cyber-dramas and saves

Doubles parameters to over 17 billion, to detect threats and recommend actions. Exclusive: Cisco is working on a new AI model that will more than double the number of parameters used to train its current flagship Foundation-Sec-8B.

Published: 2025-11-10T06:56:52



The Register - Security

Microsoft teases agents that become independent users within the workforce

Licensing expert worries they'll be out of control on day one. Microsoft has teased what it's calling a new class of AI agents that operate as independent users within the enterprise workforce.

Published: 2025-11-10T02:31:21



The Register - Security

Data breach at Chinese infosec firm reveals cyber-weapons and target list

PLUS: India's tech services exports growing fast; South Korea puts the bite on TXT spam; NTT gets into autonomous vehicles; and more! Asia In Brief: Chinese infosec blog MXRN last week reported a data breach at a security company called Knownsec that has ties to Beijing and China's military.

Published: 2025-11-09T23:51:57



The Register - Security

Louvre's pathetic passwords belong in a museum, just not that one

PLUS: CISA layoffs continue; Lawmakers criticize camera security; China to execute scammers; And more. Infosec in brief: There's no indication that the brazen bandits who stole jewels from the Louvre attacked the famed French museum's systems, but had they tried, it would have been incredibly easy.

Published: 2025-11-09T22:34:07



The Register - Security

Who's watching the watchers? This Mozilla fellow, and her Surveillance Watch map

Esra'a Al Shafei spoke with The Reg about the spy tech 'global trade'. Interview: Digital rights activist Esra'a Al Shafei found FinFisher spyware on her device more than a decade ago. Now she's made it her mission to surveil the companies providing surveillanceware, their customers, and their funders.

Published: 2025-11-08T11:08:06



The Register - Security

Previously unknown Landfall spyware used in 0-day attacks on Samsung phones

'Precision espionage campaign' began months before the flaw was fixed. A previously unknown Android spyware family called LANDFALL exploited a zero-day in Samsung Galaxy devices for nearly a year, installing surveillance code capable of recording calls, tracking locations, and harvesting photos and logs before Samsung finally patched it in April.

Published: 2025-11-07T21:38:35



The Register - Security

Cybercrims plant destructive time bomb malware in industrial .NET extensions

Multi-year wait for destruction comes to an end for mystery attackers. Security experts have helped remove malicious NuGet packages planted in 2023 that were designed to destroy systems years in advance, with some payloads not due to hit until the latter part of this decade.

Published: 2025-11-07T15:26:22



The Register - Security

Microsoft's data sovereignty: Now with extra sovereignty!

Under shadow of US CLOUD Act, Redmond releases raft of services to calm customers in the EU. Microsoft is again banging the data sovereignty drum in Europe, months after admitting in a French court it couldn't guarantee that data will not be transmitted to the US government when it is legally required to do so.

Published: 2025-11-07T12:22:18



The Register - Security

Bank of England says JLR's cyberattack contributed to UK's unexpectedly slower GDP growth

This kind of material economic impact from online crooks thought to be a UK-first. The Bank of England (BoE) has cited the cyberattack on Jaguar Land Rover (JLR) as one of the reasons for the country's slower-than-expected GDP growth in its latest rates decision.

Published: 2025-11-07T11:44:18



The Register - Security

How TeamViewer builds enterprise trust through security-first design

What to do when even your espresso machine needs end-to-end encryption. Sponsored Feature: The security landscape is getting more perilous day by day, as both nation-state groups and financially-motivated hackers ramp up their activity.

Published: 2025-11-07T09:00:12



The Register - Security

Gootloader malware back for the attack, serves up ransomware

Move fast - miscreants compromised a domain controller in 17 hours. Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.

Published: 2025-11-06T22:45:53



The Register - Security

Cisco warns of 'new attack variant' battering firewalls under exploit for 6 months

Plus 2 new critical vulns - patch now. Cisco warned customers about another wave of attacks against its firewalls, which have been battered by intruders for at least six months. It also patched two critical bugs in its Unified Contact Center Express (UCCX) software that aren't under active exploitation - yet.

Published: 2025-11-06T18:51:12



The Register - Security

You'll never guess what the most common passwords are. Oh, wait, yes you will

Most of you still can't do better than 123456? 123456. admin. password. For years, the IT world has been reminding users not to rely on such predictable passwords. And yet here we are with another study finding that those sorts of quickly-guessable, universally-held-to-be-bad passwords are still the most popular ones.

Published: 2025-11-06T14:00:05



The Register - Security

SonicWall fingers state-backed cyber crew for September firewall breach

Spies, not crooks, were behind digital heist; damage stopped at the backups, says US cybersec biz. SonicWall has blamed an unnamed, state-sponsored collective for the September break-in that saw cybercriminals rifle through a cache of firewall configuration backups.

Published: 2025-11-06T12:26:00



The Register - Security

Malware-pwned laptop gifts cybercriminals Nikkei's Slack

Stolen creds let miscreants waltz into 17K employees' chats, spilling info on staff and partners. Japanese media behemoth Nikkei has admitted to a data breach after miscreants slipped into its internal Slack workspace, exposing the personal details of more than 17,000 employees and business partners.

Published: 2025-11-06T10:51:00



The Register - Security

Why UK businesses are paying ICO millions for password mistakes you're probably making right now

Strongly-worded emails to staff telling them to be more careful aren't going to cut it anymore. Partner Content: UK GDPR Article 32 mandates "appropriate security measures". The ICO has defined what that means: multi-million-pound fines for password failures. The violations that trigger them? Small, familiar, and happening in your organization right now.

Published: 2025-11-06T09:00:09



The Register - Security

Uncle Sam lets Google take Wiz for $32B

Second time's the charm after Wiz rejected Google's $23B offer last year. Google's second attempt to acquire cloud security firm Wiz is going a lot better than the first, with the Department of Justice clearing the $32 billion deal, which ranks as Google's largest-ever acquisition.

Published: 2025-11-05T17:48:45



The Register - Security

AMD red-faced over random-number bug that kills cryptographic security

Local privileges required to exploit flaw in Ryzen and Epyc CPUs. Some patches available, more on the way. AMD will issue a microcode patch for a high-severity vulnerability that could weaken cryptographic keys across Epyc and Ryzen CPUs.

Published: 2025-11-05T15:01:52



The Register - Security

Attackers abuse Gemini AI to develop Thinking Robot malware and data processing agent for spying purposes

Meanwhile, others tried to social-engineer the chatbot itself. Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google Threat Intelligence Group.

Published: 2025-11-05T14:00:11



The Register - Security

M&S pegs cyberattack cleanup costs at £136M as profits slump

Retailer's tech systems aren't down anymore, but the same can't be said for its rocky financials Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total.

Published: 2025-11-05T11:54:43



The Register - Security

Famed software engineer DJB tries Fil-C and likes what he sees

A three-letter person experiments with the new type-safe C, and is impressed Famed mathematician, cryptographer and coder Daniel J. Bernstein has tried out the new type-safe C/C++ compiler, and he's given it a favorable report.

Published: 2025-11-05T10:01:55



The Register - Security

UK agri dept spent hundreds of millions upgrading to Windows 10 just in time for end of support

After a £312M upgrade to the retiring OS, Defra still has 24,000 devices to replace The UK's Department for Environment, Food & Rural Affairs (Defra) has spent £312 million (c. $407 million) modernizing its IT estate, including replacing tens of thousands of Windows 7 laptops with Windows 10, which officially reached end of support last month.

Published: 2025-11-05T09:21:23



The Register - Security

Uncle Sam wants to scan your iris and collect your DNA, citizen or not

DHS rule would expand biometric collection to immigrants and some citizens linked to them If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your eyes, swab your cheek, and scan your face. The US Department of Homeland Security wants to greatly expand biometric data collection for immigration applications, covering immigrants and even some US citizens tied to those cases.

Published: 2025-11-04T22:20:16



The Register - Security

Russian spies pack custom malware into hidden VMs on Windows machines

Curly COMrades strike again Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.

Published: 2025-11-04T18:53:59



The Register - Security

Consumer Financial Protection Bureau's security falls apart amid layoffs

Security program fails to meet federal standards as government cuts drain resources The infosec program run by the US' Consumer Financial Protection Bureau (CFPB) "is not effective," according to a fresh audit published by the Office of the Inspector General (OIG).

Published: 2025-11-04T17:52:46



The Register - Security

Invasion of the message body snatchers! Teams flaw allowed crims to impersonate the boss

Check Point lifts lid on a quartet of Teams vulns that made it possible to fake the boss, forge messages, and quietly rewrite history Microsoft Teams, one of the world's most widely used collaboration tools, contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history, and fake notifications or calls, all without users suspecting a thing.

Published: 2025-11-04T14:01:38



Security Latest

DHS Kept Chicago Police Records for Months in Violation of Domestic Espionage Rules

The Department of Homeland Security collected data on Chicago residents accused of gang ties to test if police files could feed an FBI watchlist. Months passed before anyone noticed it wasn’t deleted.

Published: 2025-11-12T22:03:20



Security Latest

This Is the Platform Google Claims Is Behind a 'Staggering’ Scam Text Operation

Google is suing 25 people it alleges are behind a “relentless” scam text operation that uses a phishing-as-a-service platform called Lighthouse.

Published: 2025-11-12T10:00:00



Security Latest

The Government Shutdown Is a Ticking Cybersecurity Time Bomb

Many critical systems are still being maintained, and the cloud provides some security cover. But experts say that any lapses in protections like patching and monitoring could expose government systems.

Published: 2025-11-07T22:34:26



Security Latest

Mexico City Is the Most Video-Surveilled Metropolis in the Americas

Despite 83,000 public cameras, crime in Mexico City remains high and widespread surveillance raises myriad ethical issues.

Published: 2025-11-07T11:00:00



Security Latest

Scam Ads Are Flooding Social Media. These Former Meta Staffers Have a Plan

Rob Leathern and Rob Goldman, who both worked at Meta, are launching a new nonprofit that aims to bring transparency to an increasingly opaque, scam-filled social media ecosystem.

Published: 2025-11-06T11:30:00



Security Latest

Zohran Mamdani Just Inherited the NYPD Surveillance State

In addition to affordability, New York City’s mayor-elect will be forced to reckon with the NYPD’s sweeping mass surveillance operations.

Published: 2025-11-05T17:51:01



Security Latest

FBI Warns of Criminals Posing as ICE, Urges Agents to ID Themselves

In a bulletin to law enforcement agencies, the FBI said criminal impersonators are exploiting ICE’s image and urged nationwide coordination to distinguish real operations from fakes.

Published: 2025-11-04T19:30:23



Security Latest

An Anarchist’s Conviction Offers a Grim Foreshadowing of Trump’s War on the ‘Left’

As the Trump administration ramps up its targeting of left-leaning people and groups, the prosecution and harsh sentencing of Casey Goonan may provide a glimpse of things to come.

Published: 2025-11-03T10:30:00



Security Latest

Hack Exposes Kansas City’s Secret Police Misconduct List

A major breach of the Kansas City, Kansas, Police Department reveals, for the first time, a list of alleged officer misconduct including dishonesty, sexual harassment, excessive force, and false arrest.

Published: 2025-11-03T10:00:00



Security Latest

How to Hack a Poker Game

This week on Uncanny Valley, we break down how one of the most common card shufflers could be altered to cheat, and why that matters even for those who don’t frequent the poker table.

Published: 2025-10-31T09:00:00



Security Latest

ICE Wants to Build a Shadow Deportation Network in Texas

A new ICE proposal outlines a 24/7 transport operation run by armed contractors turning Texas into the logistical backbone of an industrialized deportation machine.

Published: 2025-10-30T16:48:24



Security Latest

NASA’s Quiet Supersonic Jet Takes Flight

The X-59 successfully completed its inaugural flight, a step toward developing quieter supersonic jets that could one day fly customers more than twice as fast as commercial airliners.

Published: 2025-10-30T14:20:59



Security Latest

The Microsoft Azure Outage Shows the Harsh Reality of Cloud Failures

The second major cloud outage in less than two weeks, Azure’s downtime highlights the “brittleness” of a digital ecosystem that depends on a few companies never making mistakes.

Published: 2025-10-29T20:20:07



Security Latest

Ex-L3Harris Cyber Boss Pleads Guilty to Selling Trade Secrets to Russian Firm

Peter Williams, a former executive of Trenchant, L3Harris’ cyber division, has pleaded guilty to two counts of stealing trade secrets and selling them to an unnamed Russian software broker.

Published: 2025-10-29T17:13:16



The Hacker News

Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain

Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users' seed phrases. The name of the extension is "Safery: Ethereum Wallet," with the threat actor describing it as a "secure wallet for managing Ethereum cryptocurrency with flexible settings." It was uploaded to the Chrome Web Store on

Published: 2025-11-13T18:34:00



The Hacker News

When Attacks Come Faster Than Patches: Why 2026 Will be the Year of Machine-Speed Security

The Race for Every New CVE. Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed vulnerabilities saw exploit code weaponized within 48 hours. Using the CISA Known Exploited Vulnerabilities Catalog as a reference, hundreds of software flaws are now confirmed as actively targeted within days of public disclosure. Each new announcement now triggers a global race

Published: 2025-11-13T17:00:00



The Hacker News

Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown

Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust. The activity, which is taking place between November 10 and 13, 2025, marks the latest phase of Operation Endgame, an ongoing operation designed to take down criminal infrastructures and combat ransomware enablers

Published: 2025-11-13T16:46:00



The Hacker News

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It’s a constant race every

Published: 2025-11-13T15:40:00



The Hacker News

CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including

Published: 2025-11-13T12:53:00



The Hacker News

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. "The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years," Endor Labs

Published: 2025-11-13T10:28:00



The Hacker News

Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit trusted brands like E-ZPass and USPS to

Published: 2025-11-12T21:18:00



The Hacker News

Amazon Uncovers Attacks That Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. "This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure

Published: 2025-11-12T19:30:00



The Hacker News

[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR

Every day, security teams face the same problem: too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you're always one step behind. But what if there was a smarter way to stay ahead without adding more work or stress? Join The Hacker News and Bitdefender for a free cybersecurity webinar to learn about a new approach called Dynamic Attack

Published: 2025-11-12T17:25:00



The Hacker News

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active

Published: 2025-11-12T16:37:00



The Hacker News

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution, 11 information disclosure, three

Published: 2025-11-12T15:51:00



The Hacker News

Google Launches 'Private AI Compute' Secure AI Processing with On-Device-Level Privacy

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not

Published: 2025-11-12T14:05:00



The Hacker News

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality for decryption, targeting banking URLs, and monitoring banking applications.

Published: 2025-11-12T00:07:00



The Hacker News

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of initial infection. "

Published: 2025-11-11T21:14:00



The Hacker News

CISO's Expert Guide To AI Supply Chain Attacks

AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations. Download the full CISO's expert guide to AI supply chain attacks here. TL;DR: AI-enabled supply chain attacks are exploding in scale and sophistication - Malicious package uploads to open-source repositories jumped 156% in

Published: 2025-11-11T17:28:00



The Hacker News

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories. "We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish

Published: 2025-11-11T17:25:00



The Hacker News

Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers

Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that's sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model. According to its seller, the malware enables device control and espionage, allowing threat actors to collect SMS messages, contacts, call logs, images, and videos, as well as intercept, reply,

Published: 2025-11-11T17:14:00



The Hacker News

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads. The

Published: 2025-11-11T02:19:00



The Hacker News

Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon

The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. "Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs," the Genians

Published: 2025-11-11T01:59:00



The Hacker News

Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More

Cyber threats didn't slow down last week, and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that's just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week's roundup highlights a clear shift: cybercrime is evolving fast

Published: 2025-11-10T18:21:00



The Hacker News

New Browser Security Report Reveals Emerging Threats for Enterprises

According to the new Browser Security Report 2025, security leaders are discovering that most identity, SaaS, and AI-related risks converge in a single place: the user's browser. Yet traditional controls like DLP, EDR, and SSE still operate one layer too low. What's emerging isn't just a blind spot. It's a parallel threat surface: unmanaged extensions acting like supply chain implants, GenAI

Published: 2025-11-10T17:28:06



The Hacker News

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvests their credentials by deploying malware like PureRAT. "The attacker's modus operandi involved using a compromised email account to send malicious messages to multiple hotel establishments," Sekoia said. "This campaign

Published: 2025-11-10T14:41:00



The Hacker News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on the part of threat actors to target the Visual Studio Code (VS Code) ecosystem. The extensions in question, which are still available for download, are listed below - ai-driven-dev.ai-driven-dev (3,402 downloads) adhamu.history-in-sublime-merge (4,057

Published: 2025-11-10T14:21:00



The Hacker News

Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic

Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This leakage of data exchanged between humans and streaming-mode language models could pose serious risks to

Published: 2025-11-08T19:59:00



The Hacker News

Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware

A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-bounds write flaw in the "libimagecodec.quram.so" component that could allow remote attackers to execute arbitrary

Published: 2025-11-07T23:30:00



The Hacker News

From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools

A China-linked threat actor has been attributed to a cyber attack targeting a U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. entities that are linked to or involved in policy issues. The organization, according to a report from Broadcom's Symantec and Carbon Black teams, is "active in attempting to influence U.S. government

Published: 2025-11-07T21:37:00



The Hacker News

Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation

A set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems. According to software supply chain security company Socket, the packages were published in 2023 and 2024 by a user named "shanhai666" and are designed to run malicious code after specific trigger dates in August 2027 and

Published: 2025-11-07T17:25:00



The Hacker News

Enterprise Credentials at Risk: Same Old, Same Old?

Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made a big mistake. Sarah just accidentally handed over her login details to cybercriminals who are laughing all the way to their dark web

Published: 2025-11-07T16:00:00



The Hacker News

Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts

Google on Thursday said it's rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to tackle a common practice called review bombing, where online users intentionally post negative user reviews in an

Published: 2025-11-07T14:45:00



The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to have been created with the help of artificial intelligence, in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the extension "susvsex," said it does not attempt to hide its malicious functionality. The extension was uploaded on

Published: 2025-11-07T12:18:00



The Hacker News

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense, describing it as Russia-aligned. "InedibleOchotense sent spear-phishing emails and Signal text messages, containing a link

Published: 2025-11-06T21:01:00



The Hacker News

Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

Cisco on Wednesday disclosed that it became aware of a new attack variant that's designed to target devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software releases that are susceptible to CVE-2025-20333 and CVE-2025-20362. "This attack can cause unpatched devices to unexpectedly reload, leading to denial-of-service

Published: 2025-11-06T20:28:00



The Hacker News

From Tabletop to Turnkey: Building Cyber Resilience in Financial Services

Introduction. Financial institutions are facing a new reality: cyber-resilience has passed from being a best practice, to an operational necessity, to a prescriptive regulatory requirement. Crisis management or tabletop exercises, for a long time relatively rare in the context of cybersecurity, have become required as a series of regulations has introduced this requirement to FSI organizations in

Published: 2025-11-06T17:29:00



The Hacker News

ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

Cybercrime has stopped being a problem of just the internet; it's becoming a problem of the real world. Online scams now fund organized crime, hackers rent violence like a service, and even trusted apps or social platforms are turning into attack vectors. The result is a global system where every digital weakness can be turned into physical harm, economic loss, or political leverage.

Published: 2025-11-06T17:10:00



The Hacker News

Bitdefender Named a Representative Vendor in the 2025 Gartner Market Guide for Managed Detection and Response

Bitdefender has once again been recognized as a Representative Vendor in the Gartner Market Guide for Managed Detection and Response (MDR), marking the fourth consecutive year of inclusion. According to Gartner, more than 600 providers globally claim to deliver MDR services, yet only a select few meet the criteria to appear in the Market Guide. While inclusion is not a ranking or comparative

Published: 2025-11-06T16:13:00



The Hacker News

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine. "This hidden environment, with its lightweight

Published: 2025-11-06T12:52:00



The Hacker News

SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach

SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files. "The malicious activity carried out by a state-sponsored threat actor was isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call," the company said in a

Published: 2025-11-06T11:10:00



The Hacker News

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. "PROMPTFLUX is written in VB Script and interacts with Gemini's API to request specific VBScript obfuscation and

Published: 2025-11-05T21:03:00



The Hacker News

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI's GPT-4o and GPT-5 models. OpenAI has

Published: 2025-11-05T19:34:00



The Hacker News

Securing the Open Android Ecosystem with Samsung Knox

Raise your hand if you've heard the myth, "Android isn't secure." Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security; after all, work data is critical. However, outdated concerns can hold your business back from unlocking its full potential. The truth is, with work happening everywhere, every device connected to your

Published: 2025-11-05T17:25:00



The Hacker News

Mysterious 'SmudgedSerpent' Hackers Target U.S. Policy Experts Amid Iran-Israel Tensions

A never-before-seen threat activity cluster codenamed UNK_SmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. "UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the

Published: 2025-11-05T16:50:00



The Hacker News

U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud

The U.S. Treasury Department on Tuesday imposed sanctions against eight individuals and two entities within North Korea's global financial network for laundering money for various illicit schemes, including cybercrime and information technology (IT) worker fraud. "North Korean state-sponsored hackers steal and launder money to fund the regime's nuclear weapons program," said Under Secretary of

Published: 2025-11-05T16:25:00



The Hacker News

Why SOC Burnout Can Be Avoided: Practical Steps

Behind every alert is an analyst: tired eyes scanning dashboards, long nights spent on false positives, and the constant fear of missing something big. It's no surprise that many SOCs face burnout before they face their next breach. But this doesn't have to be the norm. The path out isn't through working harder, but through working smarter, together. Here are three practical steps every SOC can

Published: 2025-11-05T16:00:00



The Hacker News

CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-11371 (CVSS score: 7.5) - A vulnerability in files or directories accessible to

Published: 2025-11-05T11:42:00



The Hacker News

A Cybercrime Merger Like No Other: Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025. "Since its debut, the group's Telegram channels have been removed and recreated at least 16 times under varying iterations of the original name, a recurring cycle reflecting platform moderation and the operators'

Published: 2025-11-04T22:55:00



The Hacker News

European Authorities Dismantle €600 Million Crypto Fraud Network in Global Sweep

Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million (~$688 million). According to a statement released by Eurojust today, the action took place between October 27 and 29 across Cyprus, Spain, and Germany, with the suspects arrested on charges of involvement in

Published: 2025-11-04T21:27:00



The Hacker News

Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks

Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS) commands under certain conditions. "The vulnerability allows remote unauthenticated attackers to easily trigger arbitrary OS command execution on the machine running react-native-community/cli's

Published: 2025-11-04T19:54:00



The Hacker News

Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities "allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications," Check Point said in a report shared with The Hacker News. Following responsible disclosure in March

Published: 2025-11-04T19:30:00



The Hacker News

Ransomware Defense Using the Wazuh Open Source Platform

Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide. A ransomware attack typically begins when the malware infiltrates a system through various vectors such as

Published: 2025-11-04T16:36:00



The Hacker News

Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors

Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus. According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that employs obfs4 for

Published: 2025-11-04T16:19:00



Security Affairs

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame, carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer, Venom RAT, and the Elysium botnet as part of a global effort […]

Published: 2025-11-13T15:19:40



Security Affairs

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In mid-October, […]

Published: 2025-11-13T11:29:10



Security Affairs

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon’s threat intelligence researchers spotted an advanced threat actor exploiting two previously undisclosed zero-day flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC to deliver custom malware. Attackers also exploited multiple undisclosed vulnerabilities. Amazon’s […]

Published: 2025-11-13T08:42:58



Security Affairs

Google sues cybercriminal group Smishing Triad

Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a massive text message phishing operation, or “smishing.” The organization uses a phishing-as-a-service kit named “Lighthouse” to steal sensitive financial information by sending […]

Published: 2025-11-12T20:25:09



Security Affairs

New Danabot Windows version appears in the threat landscape after May disruption

DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) targeting Windows systems, six months after Operation Endgame disrupted its activity in May, according to Zscaler ThreatLabz. The researchers identified a set of command […]

Published: 2025-11-12T19:18:29



Security Affairs

Australia’s spy chief warns of China-linked threats to critical infrastructure

Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that China-linked threat actors are probing critical infrastructure and, in some cases, have gained access. He said at least two Chinese state-sponsored groups are positioning themselves for future sabotage and espionage operations […]

Published: 2025-11-12T14:21:36



Security Affairs

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) flaw, tracked as CVE-2025-12686 (CVSS score 9.8), in BeeStation, demonstrated during the hacking competition Pwn2Own Ireland 2025. BeeStation is a plug-and-play device that turns traditional storage into a […]

Published: 2025-11-12T10:02:00



Security Affairs

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), also known as the “Bitcoin Queen,” to 11 years and eight months in jail for laundering $7.3B from a crypto scam that defrauded 128K […]

Published: 2025-11-12T07:42:07



Security Affairs

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

Microsoft fixed over 60 flaws, including an actively exploited Windows kernel zero-day, in its latest Patch Tuesday updates. Microsoft’s Patch Tuesday security updates for November 2025 addressed 63 vulnerabilities impacting Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure Monitor Agent, Dynamics 365, Hyper-V, SQL Server, and the Windows Subsystem for Linux […]

Published: 2025-11-12T06:14:09



Security Affairs

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

SAP fixed 19 security issues, including a critical flaw in SQL Anywhere Monitor with hardcoded credentials that could enable remote code execution. SAP addressed 19 security vulnerabilities, including a critical flaw in SQL Anywhere Monitor, with the release of November 2025 notes. The vulnerability, tracked as CVE-2025-42890 (CVSS score of 10/10), is an insecure key […]

Published: 2025-11-11T21:02:24


© Segmentation Fault. All rights reserved.