Exploits allow for persistent backdooring when targets open booby-trapped archive. A high-severity zero-day in the widely used WinRAR file compressor is under active exploitat
Published: 2025-08-12T00:13:14
Running JavaScript from inside an image? What could possibly go wrong? Dozens of porn sites are turning to a familiar source to generate likes on Facebook - malware that causes
Published: 2025-08-08T19:41:00
Stopping people from falling for phishing attacks isn't working. So what are organizations to do? Cisco said that one of its representatives fell victim to a voice phishing at
Published: 2025-08-05T18:28:10
System prompt engineering turns benign AI assistants into 'investigator' and 'detective' roles that bypass privacy guardrails A team of boffins is warning that AI chatbots built on large language models (LLM) can be tuned into malicious agents to aut
Published: 2025-08-15T08:30:15
The United Kingdom will no longer force Apple to provide backdoor access to secure user data protected by the company's iCloud encryption service, according to US Director of National Intelligence Tulsi Gabbard. “Over the past few months, I’ve been working closely with our partners in the UK, alongside @POTUS and @VP, to ensure Americans’ private data […]
Published: 2025-08-19T05:11:23
Just a few days after administrators announced that the “federal Judiciary is taking additional steps to strengthen protections for sensitive case documents in response to recent escalated cyberattacks,” the New York Times reports investigators have found evidence Russia is at least partially responsible for a recent hack. Politico reported on the breach last week, saying […]
Published: 2025-08-12T19:18:29
Unplugged, a company cofounded and backed by Erik Prince, who is also the founder of infamous private military contractor Blackwater, has just released a new version of its "privacy-first" UP Phone that will be made in the US - at some point. The original UP Phone was described by the company as "the ultimate privacy-focused […]
Published: 2025-08-12T12:00:00
Passwords still seem to be the most popular method of ensuring that the right person is using the right app or service, despite the slow adoption of passkeys, which are considered more secure. And because we should be using different ones for each device and/or app, the best way to track all of them is […]
Published: 2025-08-10T11:00:00
Nvidia's chief security officer has published a blog post insisting that its GPUs “do not and should not have kill switches and backdoors.” It comes amid pressure from both sides of the Pacific, with some US lawmakers pushing Nvidia to grant the government backdoors to AI chips, while Chinese officials have alleged that they already […]
Published: 2025-08-06T07:27:18
Researchers have already found a critical vulnerability in the new NLWeb protocol Microsoft made a big deal about just a few months ago at Build. It's a protocol that's supposed to be “HTML for the Agentic Web,” offering ChatGPT-like search to any website or app. Discovery of the embarrassing security flaw comes in the early […]
Published: 2025-08-06T06:30:33
Noah Michael Urban, a key member of the Scattered Spider cybercrime collective, was sentenced to 10 years in prison on Wednesday after pleading guilty to charges of wire fraud and conspiracy in April. [...]
Published: 2025-08-21T04:34:20
Orange Belgium, a subsidiary of telecommunications giant Orange Group, disclosed on Wednesday that attackers who breached its systems in July have stolen the data of approximately 850,000 customers. [...]
Published: 2025-08-21T03:07:11
Cybercriminals are increasingly abusing the AI-powered Lovable website creation and hosting platform to generate phishing pages, malware-dropping portals, and various fraudulent websites. [...]
Published: 2025-08-20T18:11:05
Apple has released emergency updates to patch another zero-day vulnerability that was exploited in an "extremely sophisticated attack." [...]
Published: 2025-08-20T14:44:31
The U.S. Department of Justice (DoJ) announced charges against the alleged developer and administrator of the "Rapper Bot" DDoS-for-hire botnet. [...]
Published: 2025-08-20T13:40:20
Hackers are using a novel technique that combines legitimate office.com links with Active Directory Federation Services (ADFS) to redirect users to a phishing page that steals Microsoft 365 logins. [...]
Published: 2025-08-20T11:33:54
Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. [...]
Published: 2025-08-20T10:49:53
Email security is stuck where antivirus was a decade ago, focused only on prevention. Learn from Material Security why it's time for an "EDR for email" mindset: visibility, post-compromise controls, and SaaS-wide protection. [...]
Published: 2025-08-20T10:01:11
Written by: Marco Galli Welcome to the Frontline Bulletin Series Straight from Mandiant Threat Defense, the "Frontline Bulletin" series brings you the latest on the most intriguing compromises we are seeing in the wild right now, equipping our comm
Published: 2025-08-20T14:00:00
by Megan Rose and Debbie Cenziper ProPublica is a nonpr
Published: 2025-08-12T05:00:00
A 21-year-old Florida man at the center of a prolific cybercrime group known as "Scattered Spider" was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of Palm Coast, Fla. pleaded guilty in April 2025 to charges of wire fraud and conspiracy. Florida prosecutors alleged Urban conspired with others to steal at least $800,000 from five victims via SIM-swapping attacks that diverted their mobile phone calls and text messages to devices controlled by Urban and his co-conspirators.
Published: 2025-08-21T01:47:22
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these t...
Published: 2025-08-15T18:27:05
Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft’s most-dire “critical” rating, meaning they could be abused by malw...
Published: 2025-08-12T22:14:41
A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki, a prolific Finnish hacker recently convicted of leaking tens of thousands of pa...
Published: 2025-08-08T21:38:01
He was linked to many cryptocurrency thefts....
Published: 2025-08-20T20:40:19
Great Firewall took out all traffic to port 443 at a time Beijing didn't have an obvious need to keep its netizens in the dark China cut itself off from much of the global internet for just over an hour on Wednesday.
Published: 2025-08-21T01:48:53
Redmond doesn't bother informing customers about some security fixes UPDATED Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.
Published: 2025-08-20T23:59:13
Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's machine, and run arbitrary code.
Published: 2025-08-20T21:01:09
Snarfing up config files for 'thousands' of devices just for giggles, we're sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks and collect information on industrial systems.
Published: 2025-08-20T18:20:14
Researchers disclosing their findings said 'it's as bad as it sounds' Updated Researchers at watchTowr just published working proof-of-concept exploits for two unauthenticated remote code execution bug chains in backup giant Commvault.
Published: 2025-08-20T17:03:57
iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.
Published: 2025-08-20T16:45:07
Burger slinger gets a McRibbing, reacts by firing staffer who helped A white-hat hacker has discovered a series of critical flaws in McDonald's staff and partner portals that allowed anyone to order free food online, get admin rights to the burger slinger's marketing materials, and could allow an attacker to get a corporate email account with which to conduct a little filet-o-phishing.
Published: 2025-08-20T07:34:10
Reconfigure local app settings via a 'simple' POST request A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people's personal computers, spy on their local chats, and even control the models the victim's app talks to, in extreme cases by serving poisoned models.
Published: 2025-08-19T21:57:15
Intruders hoped no one would notice their presence Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers.
Published: 2025-08-19T20:28:11
Toronto company says weekend cyber raid hit internal IT, not punters' wallets Canadian casino software slinger Bragg Gaming Group has disclosed a "cybersecurity incident," though it's adamant the intruders never got their hands on customer data.
Published: 2025-08-19T15:31:12
Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight The UK government has reportedly abandoned its attempt to strong-arm Apple into weakening iPhone encryption after the White House forced Blighty into a quiet climb-down.
Published: 2025-08-19T09:17:11
Developer demand for sovereign cloud from tech giant is on the rise, says exec Interview Google's President of Customer Experience, Hayete Gallot, offered some words of comfort to developers who are looking nervously at the rise of AI assistants while also laying out her vision for cloud sovereignty.
Published: 2025-08-19T08:30:14
CEO says if you buy all your infosec stuff from him, life under assault from bots will be less painful Brace for a new round of browser wars, according to Palo Alto Networks CEO Nikesh Arora.
Published: 2025-08-19T06:33:07
High accuracy scores come from conditions that don't reflect real-world usage Facial recognition technology has been deployed publicly on the basis of benchmark tests that reflect performance in laboratory settings, but some academics are saying that real-world performance doesn't match up.
Published: 2025-08-18T22:39:43
Spy vs spy in the chips Comment Chinese state media called the US an aspiring "surveillance empire" over its proposed use of asset tracking tags to crack down on black-market GPU shipments to the Middle Kingdom.
Published: 2025-08-18T20:04:31
Supply chain breach has been a major target of legal action Microsoft-owned talk-to-text outfit Nuance has agreed to cough up $8.5 million to settle a class action lawsuit over the sprawling MOVEit Transfer mega-breach, although it admits no liability.
Published: 2025-08-18T16:04:13
HR SaaS giant insists core systems untouched Workday has admitted that attackers gained access to one of its third-party CRM platforms, but insists its core systems and customer tenants are untouched.
Published: 2025-08-18T14:31:11
Sni5Gect research crew targets sweet spot during device / network handshake pause Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up- and downlink sniffing and a novel connection downgrade attack - plus "other serious exploits" they're keeping under wraps, for now.
Published: 2025-08-18T10:45:06
When you're asking AI chatbots for answers, they're data-mining you Opinion Recently, OpenAI ChatGPT users were shocked - shocked, I tell you! - to discover that their searches were appearing in Google search. You morons! What do you think AI chatbots are doing? Doing all your homework for free or a mere $20 a month? I think not!
Published: 2025-08-18T10:00:10
If you wanted to hurt Putin's ransomware racketeers, these info-stealing npm packages are one way to do it Researchers at software supply chain security outfit Safety think they've found malware that targets Russian cryptocurrency developers, and perhaps therefore Russia's state-linked ransomware crews
Published: 2025-08-18T06:36:06
PLUS: Kryptos solution up for auction; Canadian parliament springs a leak; Fake crypto lawyers; And more Infosec In Brief New York State is suing bank-owned peer-to-peer payment app Zelle, claiming that the banks behind it knew fraud was rampant on the platform but allowed scammers to conduct business with impunity.
Published: 2025-08-17T23:03:36
'Hope for the best, but prepare for the worst,' one tells The Reg Feature Bill Gates, an Arizona election official and former Maricopa County supervisor, says that the death threats started shortly after the 2020 presidential election.
Published: 2025-08-16T16:16:11
Is that a JuicyPotato on your network? A suspected Chinese-government-backed cyber crew recently broke into a Taiwanese web hosting provider to steal credentials and plant backdoors for long-term access, using a mix of open-source and custom software tools, Cisco Talos reports.
Published: 2025-08-15T21:47:41
Switchzilla's summer of perfect 10s Cisco has issued a patch for a maximum-severity bug in its Secure Firewall Management Center (FMC) software that could allow an unauthenticated, remote attacker to inject arbitrary shell commands on vulnerable systems.
Published: 2025-08-15T17:37:50
Who knew zero-days could be so useful to highway speedsters? The lingering effects of a cyberattack on the Public Prosecution Service of the Netherlands are preventing it from reactivating speed cameras across the country.
Published: 2025-08-15T11:45:08
London-based multinational takes customer portal and Voice API platform offline as 'protective measure' following breach Updated Multinational telco Colt Technology Services says a "cyber incident" is to blame for its customer portal and other services being down for a number of days.
Published: 2025-08-15T10:24:17
System prompt engineering turns benign AI assistants into 'investigator' and 'detective' roles that bypass privacy guardrails A team of boffins is warning that AI chatbots built on large language models (LLM) can be tuned into malicious agents to autonomously harvest users' personal data, even by attackers with "minimal technical expertise," thanks to "system prompt" customization tools from OpenAI and others.
Published: 2025-08-15T08:30:15
As £9 billion MoU sparks debate about value for money, it's time to have your say Register debate series It's a lot of money, £9 billion ($12 billion). Especially for a government which finds itself, for whatever reason, in a fiscal dead end.
Published: 2025-08-15T06:45:06
Some custom malware, some legit software tools At least a dozen ransomware gangs have incorporated kernel-level EDR killers into their malware arsenal, allowing them to bypass almost every major endpoint security tool on the market, escalate privileges, and ultimately steal and encrypt data before extorting victims into paying a ransom.
Published: 2025-08-14T22:35:14
Government and police employee credentials sold at bargain-basement prices on underground forums Criminals are selling access to FBI and other law enforcement and government email accounts to other criminals via dark web marketplaces for as little as $40.
Published: 2025-08-14T19:03:13
Researchers had to notify over 100 vendors of flaw that builds on 2023's Rapid Reset with neat twist past usual mitigations Security researchers Gal Bar Nahum, Anat Bremler-Barr, and Yaniv Harel have published details of a "common design flaw" in implementations of the HyperText Transfer Protocol 2 (HTTP/2) allowing those with ill intent to create "massive Denial of Service attacks".
Published: 2025-08-14T17:39:13
The agency offered some tips for operational technology environments, where attacks are rising CISA is urging companies with operational technology environments to set a better cybersecurity posture, and not just by adopting some new best practices and purchasing some new software.
Published: 2025-08-14T17:16:11
Turkish exchange is the latest victim of a recent spate of major crypto thefts Turkish cryptocurrency exchange BtcTurk is halting all deposits and withdrawals amid fears that blockchain bandits succeeded in significantly compromising its hot wallets.
Published: 2025-08-14T16:15:11
Moscow-linked miscreants accused of swiping sealed US court files and fiddling with a Norwegian dam's floodgates Russian attackers reportedly spent months rummaging through the US federal court's creaky case-management system, while Norway reckons the same Kremlin-friendly miscreants took control of a dam's controls - a transatlantic double-act in legal files and floodgates.
Published: 2025-08-14T12:45:08
Nearly 100,000 records allegedly up for sale after apparent breach at booking system Italy's digital agency (AGID) says a cybercriminal's claims concerning a spate of data thefts affecting various hotels across the country are genuine.
Published: 2025-08-14T11:15:13
Intruders accessed important systems but tells customers their data is safe Updated A UK-based multinational that provides tech stock availability tools is telling customers that its website outage is due to a cyber attack.
Published: 2025-08-14T10:10:41
Are UK taxpayers getting real value from SPA24 or just high cost convenience? Register debate series The UK government's five-year Strategic Partnership Agreement (SPA24) with Microsoft is set to see public sector bodies spend around £1.9 billion each year, nearly £9 billion in total over half a decade. It's a vast sum for software and services, and one that deserves close scrutiny.
Published: 2025-08-14T07:30:15
If there's smoke? Fortinet warned customers about a critical FortiSIEM bug that could allow an unauthenticated attacker to execute unauthorized commands, and said working exploit code for the flaw has been found in the wild.
Published: 2025-08-13T19:15:32
CVE-2017-11882 in discontinued Equation Editor still attracting keylogger campaigns despite software being killed off in 2018 Very few people are immune to the siren song of nostalgia, a yearning for a "better time" when this was all fields and kids respected their elders - and it looks like cyber criminals are no exception.
Published: 2025-08-13T15:45:08
Seven additional regions across England will now have access to the controversial tech A fresh expansion of UK crimefighters' access to live facial recognition (LFR) technology is being described by officials as "an excellent opportunity for policing." Privacy campaigners disagree.
Published: 2025-08-13T11:30:09
Shock news: billionaire techpreneur is not a fan Geek-turned-venture-capitalist Marc Andreessen has weighed in on the arguments surrounding the UK's Online Safety Act, accusing the UK government of leaking his input.
Published: 2025-08-13T10:45:07
For now at least, even though government buying can improve, open source is not all it's cracked up to be Register debate series Not for the first time, Microsoft is in the spotlight for the UK government's money it voraciously consumes - apparently £1.9 billion a year in software licensing, and roughly £9 billion over five years.
Published: 2025-08-13T10:00:12
Foundation warns federated servers face biggest risk, but single-instance users can take their time Updated The maintainers of the federated secure chat protocol Matrix are warning users of a pair of "high severity protocol vulnerabilities," addressed in the latest version, saying patching them requires a breaking change in servers and clients.
Published: 2025-08-13T09:15:15
Minnesota's capital is the latest to feature on Interlock's leak blog after late-July cyberattack The Interlock ransomware gang has flaunted a 43GB haul of files allegedly stolen from the city of Saint Paul, following a late-July cyberattack that forced the Minnesota capital to declare a state of national emergency.
Published: 2025-08-13T06:15:09
Tells court 'What I did was wrong and I want to apologize for my conduct' Terraform Labs founder Do Kwon has pled guilty to committing fraud when promoting the so-called "stablecoin" Terra USD and now faces time in jail.
Published: 2025-08-13T02:29:07
None under active exploit yet Microsoft's August Patch Tuesday flaw-fixing festival addresses 111 problems in its products, a dozen of which are deemed critical, and one moderate-severity flaw that is listed as being publicly known.
Published: 2025-08-12T23:34:37
And yes, there's the usual credit monitoring Global staffing firm Manpower confirmed ransomware criminals broke into its Lansing, Michigan franchise's network and stole personal information belonging to 144,189 people, months after the extortionists claimed that they pilfered "all of [the company's] confidential data."
Published: 2025-08-12T19:49:56
Website, emails, and phones are down for a second day Pennsylvania's Office of Attorney General (OAG) is blaming a digital blackout of its services on a "cyber incident."
Published: 2025-08-12T16:45:08
US cops yank servers, domains, and crypto from the Russia-linked gang - but the crooks remain at large In a display of bureaucratic bravado, US law enforcement agencies say they've disrupted the BlackSuit ransomware gang (also known as Royal), freeing millions of dollars in virtual currency from its clutches.
Published: 2025-08-12T15:00:13
Scattered Spider, ShinyHunters, and Lapsus$ spent the weekend bragging to each other on a Telegram channel Prolific cybercrime collectives Scattered Spider, ShinyHunters, and Lapsus$ appear to be working together to break into businesses' networks, steal their data, and force an extortion payment.
Published: 2025-08-12T12:00:08
Customs and Border Protection agents searched nearly 15,000 devices from April through June of this year, a nearly 17 percent spike over the previous three-month high in 2022.
Published: 2025-08-20T16:01:25
Led by US senator Jon Ossoff, the investigation cites hundreds of reports since January, including accounts of miscarriages, child neglect, and sexual abuse at ICE detention centers in dozens of states.
Published: 2025-08-19T17:15:29
Nearly a million records, which appear to be linked to a medical-cannabis-card company in Ohio, included Social Security numbers, government IDs, health conditions, and more.
Published: 2025-08-19T16:14:22
Scam compounds in Cambodia, Myanmar, and Laos have conned people out of billions. New research shows they may be linked to child sextortion crimes too.
Published: 2025-08-19T14:11:31
Plus: ICE agents accidentally add a random person to a sensitive group chat, Norwegian intelligence blames the Kremlin for hacking a dam, and new facial recognition vans roam the UK.
Published: 2025-08-16T10:30:00
The breach of the US Courts records system came to light more than a month after the attack was discovered. Details about what was exposed and who’s responsible remain unclear.
Published: 2025-08-14T10:20:00
After reporters found dozens of firms hiding privacy tools from search results, US senator Maggie Hassan insists the companies explain their practices and pledge to improve access to privacy controls.
Published: 2025-08-13T18:00:00
Dozens of companies are hiding how you can delete your personal data, The Markup and CalMatters found.
Published: 2025-08-12T12:30:00
Palantir is often called a data broker, a data miner, or a giant database of personal information. In reality, it’s none of these, but even former employees struggle to explain it.
Published: 2025-08-11T11:00:00
Gaming cheats are the bane of the video game industry and a hot commodity. A recent study found that cheat creators are making a fortune from gamers looking to gain a quick edge.
Published: 2025-08-11T10:00:00
POS scams are difficult but not impossible to pull off. Here's how they work and how you can protect yourself.
Published: 2025-08-10T10:00:00
Quantum sensors can be used in medical technologies, navigation systems, and more, but they’re too expensive for most people. That's where the Uncut Gem open source project comes in.
Published: 2025-08-09T18:40:47
Plus: Instagram sparks a privacy backlash over its new map feature, hackers steal data from Google's customer support system, and the true scope of the Columbia University hack comes into focus.
Published: 2025-08-09T10:30:00
At the Defcon security conference in Las Vegas on Friday, Nakasone tried to thread the needle in a politically fraught moment while hinting at major changes for the tech community around the corner.
Published: 2025-08-08T23:21:40
Security researchers found two techniques to crack at least eight brands of electronic safes used to secure everything from guns to narcotics that are sold with Securam Prologic locks.
Published: 2025-08-08T20:20:30
A security researcher discovered that flawed API configurations are plaguing corporate livestreaming platforms, potentially exposing internal company meetings, and he's releasing a tool to find them.
Published: 2025-08-08T17:00:00
A pair of hackers found that a vape detector often found in high school bathrooms contained microphones and security weaknesses that could allow someone to turn it into a secret listening device.
Published: 2025-08-08T13:00:00
Spreadsheets, Slack messages, and files linked to an alleged group of North Korean IT workers expose their meticulous job-planning and targeting, and the constant surveillance they're under.
Published: 2025-08-07T23:15:00
A string of US armory break-ins, kept quiet by authorities for months, points to a growing security crisis and signs of an inside job.
Published: 2025-08-07T18:21:54
Researchers found that an encryption algorithm likely used by law enforcement and special forces can have weaknesses that could allow an attacker to listen in.
Published: 2025-08-07T18:09:07
A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts. Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of Urban's sentencing was reported by Bloomberg and Jacksonville news
Published: 2025-08-21T12:15:00
Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild. The zero-day out-of-bounds write vulnerability, tracked as CVE-2025-43300, resides in the ImageIO framework that could result in memory corruption when processing a malicious image. "Apple is aware of a report that this issue may have been
Published: 2025-08-21T10:17:00
Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication (2FA) codes, and credit card details under certain conditions. The technique has been dubbed Document Object Model (DOM)-based extension clickjacking by independent security researcher Marek Tóth,
Published: 2025-08-20T23:24:00
Do you know how many AI agents are running inside your business right now? If the answer is “not sure,” you’re not alone, and that’s exactly the concern. Across industries, AI agents are being set up every day. Sometimes by IT, but often by business units moving fast to get results. That means agents are running quietly in the background without proper IDs, without owners, and without logs of
Published: 2025-08-20T22:55:00
A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks. Cisco Talos, which disclosed details of the activity, said the attacks single out organizations in telecommunications, higher education and manufacturing
Published: 2025-08-20T21:29:00
Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by embedding the malicious instruction inside a fake CAPTCHA check on a web page. Described by Guardio Labs as an "AI-era take on the ClickFix scam," the attack technique demonstrates how AI-driven browsers,
Published: 2025-08-20T18:31:00
Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks, along with an increase in their frequency, variety, complexity, severity, and potential business impact. The real question is, “How do you tackle these rising threats?” The answer lies in having a robust BCDR strategy. However, to build a
Published: 2025-08-20T16:00:00
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025. The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing meeting invites
Published: 2025-08-20T14:48:00
A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire attacks targeting
Published: 2025-08-20T09:49:00
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial access to prevent further exploitation by other adversaries and evade detection, Red Canary said in
Published: 2025-08-19T23:07:00
Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT. The malicious activity involves the "distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger," Kaspersky researcher Saurabh Sharma said in a technical analysis published today. The
Published: 2025-08-19T20:03:00
A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft. The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said. CVE-2025-31324 (CVSS score: 10.0) - Missing
Published: 2025-08-19T18:30:00
The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include a backdoor that would have enabled access to the protected data of U.S. citizens. U.S. Director of National Intelligence (DNI) Tulsi Gabbard, in a statement posted on X, said the U.S. government had been working with its partners in the U.K. over the past few months to ensure that
Published: 2025-08-19T16:54:00
After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth: tools and technologies alone are not enough to mitigate cyber risk. As tech stacks have grown more sophisticated and capable, attackers have shifted their focus. They are no longer focusing on infrastructure vulnerabilities alone. Instead, they are increasingly
Published: 2025-08-19T16:45:00
The maintainers of the Python Package Index (PyPI) repository have announced that the package manager now checks for expired domains to prevent supply chain attacks. "These changes improve PyPI's overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts," Mike Fiedler, PyPI safety and security engineer at the Python
Published: 2025-08-19T12:06:00
The threat actors behind the Noodlophile malware are leveraging spear-phishing emails and updated delivery mechanisms to deploy the information stealer in attacks aimed at enterprises located in the U.S., Europe, Baltic countries, and the Asia-Pacific (APAC) region. "The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement
Published: 2025-08-19T00:54:00
Cybersecurity researchers have lifted the lid on the threat actors' exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks. The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) that was addressed by Microsoft in April 2025,
Published: 2025-08-18T21:33:00
Power doesn’t just disappear in one big breach. It slips away in the small stuff: a patch that’s missed, a setting that’s wrong, a system no one is watching. Security usually doesn’t fail all at once; it breaks slowly, then suddenly. Staying safe isn’t about knowing everything; it’s about acting fast and clear before problems pile up. Clarity keeps control. Hesitation creates risk. Here are this
Published: 2025-08-18T18:17:00
Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stage malware operation, Zscaler
Published: 2025-08-18T16:26:00
Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance standards and frameworks. These compliance standards also apply to organizations operating in regulated sectors such as healthcare, finance, government contracting, or education. Some of these standards and frameworks include, but are not limited to:
Published: 2025-08-18T15:45:00
Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications," Hunt.io
Published: 2025-08-16T16:11:00
The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads. Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings together social engineering and the exploitation of a vulnerability in the Microsoft Management Console (MMC) framework (CVE-2025-26633, aka MSC EvilTwin) to trigger
Published: 2025-08-16T11:04:00
A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active since at least 2022.
Published: 2025-08-15T21:50:00
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019. The Treasury said it's also imposing sanctions on Garantex's successor, Grinex
Published: 2025-08-15T16:57:00
We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors, interacting with data, systems, and humans without constant oversight, privacy is no longer about control. It’s about trust. And trust, by definition, is about what happens when you’re not looking. Agentic AI: AI that
Published: 2025-08-15T16:30:00
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject
Published: 2025-08-15T12:19:00
Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be exploited to conduct powerful denial-of-service (DoS) attacks. "MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous
Published: 2025-08-14T20:50:00
Japan's CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system control. The agency said the activity was detected between September and December 2024, targeting
Published: 2025-08-14T18:46:00
You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off. Maybe even circle back again to confirm the front door was properly closed. These automatic safety checks give you peace of mind because you know the unlikely but potentially dangerous consequences of forgetting: a break-in, fire, or worse. Your
Published: 2025-08-14T16:55:00
Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. "PhantomCard relays NFC data from a victim's banking card to the fraudster's device," ThreatFabric said in a report. "PhantomCard is based on
Published: 2025-08-14T16:36:00
Cybersecurity leaders face mounting pressure to stop attacks before they start, and the best defense may come down to the settings you choose on day one. In this piece, Yuriy Tsibere explores how default policies like deny-by-default, MFA enforcement, and application Ringfencing can eliminate entire categories of risk. From disabling Office macros to blocking outbound server
Published: 2025-08-14T15:00:00
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users." The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand,
Published: 2025-08-14T12:16:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure
Published: 2025-08-14T09:32:00
Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot. "PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious activities on infected systems, including information theft, keylogging, reconnaissance, and the establishment of persistent system
Published: 2025-08-13T21:16:00
Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege escalation. "Untrusted search path in
Published: 2025-08-13T18:49:00
Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries a CVSS score of 9.8 out of a maximum of 10.0. "An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSIEM may allow an unauthenticated attacker to
Published: 2025-08-13T17:07:00
Security operations have never been a 9-to-5 job. For SOC analysts, the day often starts and ends deep in a queue of alerts, chasing down what turns out to be false positives, or switching between half a dozen tools to piece together context. The work is repetitive, time-consuming, and high-stakes, leaving SOCs under constant pressure to keep up, yet often struggling to stay ahead of emerging
Published: 2025-08-13T16:55:00
The AI revolution isn’t coming. It’s already here. From copilots that write our emails to autonomous agents that can take action without us lifting a finger, AI is transforming how we work. But here’s the uncomfortable truth: Attackers are evolving just as fast. Every leap forward in AI gives bad actors new tools: deepfake scams so real they trick your CFO, bots that can bypass human review,
Published: 2025-08-13T15:00:00
Microsoft on Tuesday rolled out fixes for a massive set of 111 security flaws across its software portfolio, including one flaw that has been disclosed as publicly known at the time of the release. Of the 111 vulnerabilities, 16 are rated Critical, 92 are rated Important, two are rated Moderate, and one is rated Low in severity. Forty-four of the vulnerabilities relate to privilege
Published: 2025-08-13T14:17:00
Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East's public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, exhibited tactics mirroring those of advanced persistent threat (APT) groups, such as DLL side-loading, process injection, and the ability
Published: 2025-08-13T11:15:00
New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils backdoor, more than a year after the discovery of the incident. More troubling is the fact that other images have been built on top of these infected base images, effectively propagating the infection further in a transitive manner, Binarly REsearch said in a report shared with The Hacker News. The firmware
Published: 2025-08-12T23:47:00
Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, with over 780 unique IP addresses participating in the effort. As many as 56 unique IP addresses have been detected over the past 24 hours. All the IP addresses have been
Published: 2025-08-12T22:35:00
An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show. "This latest wave of ShinyHunters-attributed attacks reveals a dramatic shift in tactics, moving beyond the group's previous credential theft and database
Published: 2025-08-12T21:50:00
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks. "They repeatedly tried to extract the NTDS database from domain controllers -- the primary repository for user password hashes and authentication data in a Windows network,"
Published: 2025-08-12T18:30:00
Most security tools can’t see what happens inside the browser, but that’s where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already use and trust. The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions
Published: 2025-08-12T16:30:00
The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country. The NCSC-NL said it discovered the exploitation of CVE-2025-6543 targeting several critical organizations within the Netherlands, and that investigations are ongoing to determine the
Published: 2025-08-12T14:06:00
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decrypt encrypted traffic. Details of the vulnerabilities dubbed 2TETRA:2BURST were presented at the Black Hat USA
Published: 2025-08-11T22:02:00
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as the beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks. The vulnerability in question is CVE-2025-32433 (CVSS score: 10.0), a missing authentication issue that could be abused by an
Published: 2025-08-11T20:38:00
This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking; if defenses aren’t updated regularly, it could lead to serious damage. The
Published: 2025-08-11T17:23:00
The Evolution of Exposure Management: Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the loudest or most exposed. They’re the ones tied to revenue, operations, and delivery. If one goes down, it’s more than a
Published: 2025-08-11T16:55:00
A 20-year-old Scattered Spider member gets 10 years in prison and $13M restitution for SIM-swapping crypto thefts. Scattered Spider hacker, Noah Michael Urban (20), was sentenced to 10 years in U.S. prison and ordered to pay $13M restitution for SIM-swapping crypto thefts. “A 20-year-old Palm Coast man linked to a massive cybercriminal gang was sentenced […]
Published: 2025-08-21T08:45:21
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the […]
Published: 2025-08-21T07:51:16
CERT/CC disclosed serious data exposure vulnerabilities in Workhorse Software used by hundreds of U.S. cities and towns. CERT Coordination Center (CERT/CC) at Carnegie Mellon University disclosed two serious data exposure flaws in an accounting application developed by Workhorse Software and used by hundreds of U.S. cities and towns. CERT/CC disclosed the vulnerabilities only after the […]
Published: 2025-08-21T07:05:23
The UK has imposed new sanctions on Kyrgyz financial institutions and crypto networks accused of helping Russia evade restrictions. The UK imposed sanctions on Kyrgyz financial institutions and crypto networks accused of aiding Russian sanctions evasion, war funding, and ransomware activities. The U.K. imposed new sanctions on Kyrgyzstan’s Capital Bank and director Kantemir Chalbayev, accused […]
Published: 2025-08-20T22:37:17
DOJ charges 22-year-old Ethan Foltz of Oregon for running RapperBot, a DDoS botnet behind 370K+ attacks in 80+ countries since 2021. The U.S. DOJ charged 22-year-old Ethan Foltz of Oregon for running the RapperBot botnet, used in over 370,000 DDoS-for-hire attacks since 2021. The criminal service is active in over 80 countries. RapperBot enabled large-scale […]
Published: 2025-08-20T16:46:34
Google Chrome 139 addressed a high-severity V8 flaw, tracked as CVE-2025-9132, found by Big Sleep AI. Google Chrome 139 addressed a high-severity vulnerability, tracked as CVE-2025-9132, in its open source high-performance JavaScript and WebAssembly engine V8. The vulnerability is an out-of-bounds write issue in the V8 JavaScript engine that was discovered by Big Sleep AI. […]
Published: 2025-08-20T08:39:50
Pharmaceutical firm Inotiv says a ransomware attack encrypted systems and data, disrupting operations, according to its SEC filing. U.S. pharmaceutical firm Inotiv reported a ransomware attack that encrypted some systems and data, disrupting business operations. Inotiv is a U.S.-based pharmaceutical research and contract research organization (CRO). It provides nonclinical and analytical drug discovery and development […]
Published: 2025-08-20T08:07:39
UK hacker Al-Tahery Al-Mashriky, tied to Yemen Cyber Army, gets 20 months in prison for website defacements and stolen data possession. Al-Tahery Al-Mashriky (26), a man from South Yorkshire, linked to the Yemen Cyber Army, has been sentenced to 20 months in prison for hacking and defacing websites in hacktivist campaigns. The UK’s National Crime […]
Published: 2025-08-20T07:20:21
Exploit chaining CVE-2025-31324 & CVE-2025-42999 in SAP NetWeaver enables auth bypass and RCE, risking compromise and data theft. A new exploit chaining two vulnerabilities, tracked as CVE-2025-31324 and CVE-2025-42999, in SAP NetWeaver exposes organizations to the risk of system compromise and data theft. CVE-2025-31324 (CVSS score: 10.0) is a missing authorization check in NetWeaver’s Visual Composer […]
Published: 2025-08-20T00:01:53
Noodlophile malware spreads via copyright phishing, targeting firms in the U.S., Europe, Baltics & APAC with tailored spear-phishing lures. The Noodlophile malware campaign is expanding globally, using spear-phishing emails disguised as copyright notices. Threat actors tailor lures with details like Facebook Page IDs and company ownership data. Active for over a year, it now targets […]
Published: 2025-08-19T17:53:48