Information security

Information security
from Nextgov.com
2 hours ago

CISA orders government to patch F5 products after 'nation-state' cyber intrusion

A nation-state affiliated actor breached F5, extracting BIG-IP source code and other files, creating an imminent threat to federal networks and widely used systems.
Information security
from The Hacker News
1 hour ago

Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

China-linked Jewelbug conducted a five-month intrusion into a Russian IT service provider, accessing code repositories and exfiltrating data to Yandex Cloud.
Information security
from Techzine Global
5 hours ago

Qualys expands ETM security platform with identity security and better insight into threats

Qualys ETM introduces AI-driven ETM Identity, TruLens, and TruConfirm to predict and prevent cyber threats by securing identities, feeding real-time threat intelligence, and automating responses.
from The Hacker News
11 hours ago

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Red Lion's Sixnet RTUs provide advanced automation, control, and data acquisition capabilities in industrial automation and control systems, primarily across energy, water, and wastewater treatment, transportation, utilities, and manufacturing sectors. These industrial devices are configured using a Windows utility called Sixnet IO Tool Kit, with a proprietary Sixnet "Universal" protocol used to interface and enable communication between the kit and the RTUs.
Information security
#f5-networks
from TechCrunch
4 hours ago
Information security

Cyber giant F5 Networks says government hackers had 'long-term' access to its systems, stole code and customer data | TechCrunch

from ComputerWeekly.com
11 hours ago

China responsible for rising cyber attacks, says NCSC | Computer Weekly

The NCSC also reported that hostile states are using artificial intelligence (AI) to increase the efficiency and frequency of their existing attack methods, but are not yet using the technology for novel attacks. Actors linked to China, Russia, Iran and North Korea are starting to use large language models to evade detection, exfiltrate data, research security vulnerabilities and devise social engineering to gain access to systems.
Information security
from The Hacker News
7 hours ago

How Attackers Bypass Synced Passkeys

Passkeys are credentials stored in an authenticator. Some are device-bound, others are synced across devices through consumer cloud services like iCloud and Google Cloud. Sync improves usability and recovery in low-security, consumer-facing scenarios, but shifts the trust boundary to cloud accounts and recovery workflows. The FIDO Alliance and Yubico have both issued important advisories for enterprises to evaluate this split and to prefer device-bound options for higher assurance.
Information security
from Securitymagazine
20 hours ago

CISOs Under Pressure: How Security Leaders Can Reclaim Their Seat at the Board Table

CISO-board alignment is eroding as reputational concerns and cost-centered metrics silence disclosure and weaken security influence, increasing breach risk and financial impact.
Information security
from The Hacker News
13 hours ago

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP released patches for 13 vulnerabilities including a CVSS 10.0 insecure deserialization in NetWeaver AS Java enabling arbitrary OS command execution.
Information security
from InfoQ
20 hours ago

HashiCorp Warns Traditional Secret Scanning Tools Are Falling Behind

Traditional secret scanning tools fail to prevent secret exposure; prevention-first integration across developer tools, CI/CD pipelines, and incident response is required.
#data-breach
from The Verge
1 day ago
Information security

Discord blamed a vendor for its data breach - now the vendor says it was 'not hacked'

Information security
from DataBreaches.Net
1 day ago

Discord blamed a vendor for its data breach - now the vendor says it was 'not hacked' - DataBreaches.Net

Approximately 70,000 Discord users' government ID photos may have been exposed via a vendor incident, while the vendor 5CA publicly denies being hacked or handling those IDs.
Information security
from Techzine Global
2 days ago

Data of millions of Qantas customers published months after hack

Personal data of 5.7 million Qantas customers appeared online after a Salesforce-related cyberattack; credit card, financial, and passport information were not taken.
Information security
from ChannelPro
13 hours ago

Future-proofing cybersecurity: Understanding Quantum-Safe AI and how to create resilient defences.

Quantum computing threatens current public-key encryption, prompting deployment of NIST-standard post-quantum algorithms for secure key exchange and digital signatures.
Information security
from IT Pro
10 hours ago

Hackers are using a new phishing kit to steal Microsoft 365 credentials and MFA tokens - Whisper 2FA is evolving rapidly and has been used in nearly one million attacks since July

Whisper 2FA is a PhaaS tool that steals credentials and MFA tokens from Microsoft 365 accounts while evading detection through advanced obfuscation.
#microsoft-patch-tuesday
from ZDNET
17 hours ago

5 ways the Linux nmap command can help keep your network secure

The nmap command (short for network mapper) is a network exploration/security auditing tool that can rapidly scan networks to help you find out what hosts are available. With nmap, you can discover open ports and services, and even find out what operating systems are on your network. I've used nmap to find out what machines are on a network and what ports/services are open. If I find a port that shouldn't be open, I can close it to avoid security issues.
Information security
#software-supply-chain
from The Hacker News
4 hours ago
Information security

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

Leaked access tokens in over 100 VS Code extensions allow attackers to push malicious updates, creating a critical software supply chain risk.
from Securitymagazine
2 days ago
Information security

60% of Security Leaders Say Threat Actors Are Evolving Too Quickly

Security leaders prioritize addressing third-party software and genAI risks and increasingly embed penetration testing to strengthen digital supply chain resilience.
Information security
from ComputerWeekly.com
4 hours ago

Patch Tuesday: Windows 10 end of life pain for IT departments | Computer Weekly

A legacy Agere modem kernel driver (ltmdm64.sys) contains a zero-day (CVE-2025-24990) used for privilege escalation, and Microsoft removed the driver to eliminate the risk.
Information security
from The Verge
7 hours ago

Google will let friends help you recover an account

Google added recovery options letting users regain accounts using a linked mobile number or trusted contacts instead of passwords or recovery emails.
Information security
from ComputerWeekly.com
7 hours ago

Singapore Transport Authority enhances critical railway infrastructure with optical LAN | Computer Weekly

Singapore's LTA deployed Nokia IP/MPLS and fibre optical LAN solutions to deliver high-availability, reliable, secure real-time CCTV surveillance across its rail network.
Information security
from ZDNET
8 hours ago

Why Windows 11 requires a TPM - and how you can get around it

A TPM is a secure cryptoprocessor that stores keys and performs cryptographic operations to enable features like Secure Boot, BitLocker, and Windows Hello.
Information security
from ZDNET
7 hours ago

Windows 10's final update is a big one - with a record 173 bug fixes

Microsoft delivered 173 security fixes in October, marking the final Patch Tuesday for Windows 10 while new features were reserved for Windows 11.
Information security
from The Hacker News
1 day ago

Moving Beyond Awareness: How Threat Hunting Builds Readiness

Security awareness campaigns raise awareness but must be paired with continuous validation and proactive threat hunting to sustain security and prevent lapses.
#cybersecurity
Information security
from Theregister
1 day ago

Asahi admits personal data may have been slurped in breach

Asahi admits personal information may have been transferred in a September ransomware attack that disrupted operations, caused logistics delays, and prompted a financial-results postponement.
Information security
from www.bbc.com
1 day ago

Firms advised to put plans on paper in case of cyber-attack

Businesses must maintain offline, paper copies of critical plans and adopt resilience engineering to operate and rebuild quickly during significant cyber-attacks.
Information security
from ComputerWeekly.com
1 day ago

Cohesity CEO: 'The Middle East is moving faster than any other region in data resilience' | Computer Weekly

Cohesity provides an immutable, zero‑trust cyber resilience platform using generative AI to secure, detect, and rapidly recover enterprise data globally and in the Middle East.
#satellite-security
from TechCrunch
1 day ago
Information security

Satellites found exposing unencrypted data, including phone calls and some military comms | TechCrunch

from Futurism
22 hours ago
Information security

Researchers Alarmed to Discover Satellites Broadcasting Unencrypted Military Secrets

from WIRED
1 day ago
Information security

Satellites Are Leaking the World's Secrets: Calls, Texts, Military and Corporate Data

#sonicwall
from Nextgov.com
1 day ago

Bridging the gap: Unlock the power of AI for government agencies through cross-domain solutions

Government data is highly segmented by design, often separated by security classification levels to protect sensitive data and operations. While this segmentation is essential for national security, it also presents data-sharing obstacles that must be overcome. Fortunately, Cross-Domain Solutions (CDS) can help overcome obstacles such as safely training AI models with untrusted data, sharing classified AI capabilities with partners and connecting users or systems to AI tools across classification boundaries.
Information security
#post-quantum-cryptography
from The Hacker News
1 day ago

What AI Reveals About Web Applications - and Why It Matters

Before an attacker ever sends a payload, they've already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your environment with greater speed and precision.
Information security
from Zero Day Initiative
1 day ago

Zero Day Initiative - The October 2025 Security Update Review

Adobe released 12 bulletins addressing 36 CVEs, including multiple Critical code-execution vulnerabilities in Substance 3D Stager, Dimension, Illustrator, Commerce, and FrameMaker.
Information security
from Azure DevOps Blog
1 day ago

Modernizing Authentication for Legacy Visual Studio Clients - Azure DevOps Blog

Legacy Visual Studio client authentication is being replaced with Entra-backed tokens, improving security but causing more frequent interactive reauthentication; upgrade clients to supported versions.
from The Hacker News
1 day ago

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

According to the U.S. government, it's assessed to be a publicly-traded, Beijing-based company known as Integrity Technology Group. "The group cleverly modified a geo-mapping application's Java server object extension (SOE) into a functioning web shell," the cybersecurity company said in a report shared with The Hacker News. "By gating access with a hardcoded key for exclusive control and embedding it in system backups, they achieved deep, long-term persistence that could survive a full system recovery."
Information security
from The Cyber Express
1 day ago

Critical CVE-2025-61927 VM Context Escape In Happy DOM Library

A critical security flaw has been identified in Happy DOM, a widely used JavaScript library primarily employed for server-side rendering and testing frameworks. The vulnerability, cataloged as CVE-2025-61927, allows attackers to escape the library's virtual machine (VM) context, leading to potential remote code execution on vulnerable systems. This flaw threatens millions of applications that depend on Happy DOM. The root of this vulnerability lies in the improper isolation of the Node.js VM context within Happy DOM versions 19 and earlier.
Information security
from Theregister
1 day ago

Oracle rushes out another emergency E-Business Suite patch

The newly disclosed flaw, tracked as CVE-2025-61884 and slapped with a CVSS score of 7.5, affects the Runtime UI component in EBS, and Oracle's advisory warns that the flaw can be exploited remotely without authentication and "may allow access to sensitive resources." In other words, it's another wide-open door into one of Oracle's most business-critical systems, and the kind of bug that cybercrims love to chain with others for data theft, extortion, or to delve deeper into enterprise networks.
Information security
#android-security
from ZDNET
1 day ago
Information security

This new 'Pixnapping' exploit can steal everything on your Android screen - even 2FA codes

#pixnapping
from WIRED
22 hours ago
Information security

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Information security
from The Hacker News
1 day ago

RMPocalypse: Single 8-Byte Write Shatters AMD's SEV-SNP Confidential Computing

A flaw called RMPocalypse allows a single write to AMD's RMP table to break SEV-SNP confidentiality and integrity guarantees.
from Theregister
1 day ago

Chinese gang used ArcGIS as a backdoor for a year

Researchers at ReliaQuest say that the espionage outfit, which Microsoft tracks as a China-based state-sponsored actor, modified a legitimate ArcGIS server object extension (SOE) to act as a web shell, giving them long-term, near-invisible access. By exploiting ArcGIS' extensibility features while avoiding traditional, signature-based malware, Flax Typhoon embedded itself so deeply that even restoring systems from backups simply reinstalled the implant.
Information security
from The Hacker News
1 day ago

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Webhooks on Discord are a way to post messages to channels in the platform without requiring a bot user or authentication, making them an attractive mechanism for attackers to exfiltrate data to a channel under their control. "Importantly, webhook URLs are effectively write-only," Socket researcher Olivia Brown said in an analysis. "They do not expose channel history, and defenders cannot read back prior posts just by knowing the URL."
Information security
#windows-10
Information security
from Medium
1 week ago

Admin Series: Understanding User-Based Access Control (UBAC) in Snowflake

Disable UBAC by applying a session policy that disallows secondary roles at the account or user level while keeping the bundle enabled.
Information security
from The Hacker News
1 day ago

Researchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain

TA585 independently conducts sophisticated phishing and web-injection campaigns to deliver MonsterV2 RAT via ClickFix social engineering and PowerShell-based payload execution.
Information security
from cointelegraph.com
1 day ago

How a crypto trader turned $3K into $2M after CZ mentioned a memecoin

A CZ mention and thin liquidity caused memecoin 4 to skyrocket from small buys, turning a joke token into a rapid, non‑fundamental market surge.
Information security
from Futurism
1 day ago

Man Launches "World's First Waymo DDoS" by Ordering 50 Robotaxis to Dead End Street

A coordinated mass ordering prank mimicked a DDoS on Waymo, causing service disruption and prompting the company to suspend nearby ride requests temporarily.
Information security
from Social Media Explorer
6 days ago

The Biggest Challenges for Cyber Security Managers - Social Media Explorer

Remote and hybrid work dramatically increases cyber risk by expanding attack surfaces, requiring proactive, adaptive, and human-centric security beyond traditional defenses.
Information security
from Business Matters
2 days ago

Strengthening Online Security Through Device Intelligence

Device intelligence uses hardware, software, network, and session signals to enable real-time risk-based decisions, reducing fraud while minimizing friction for trustworthy users.
Information security
from The Hacker News
2 days ago

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Unmonitored client-side JavaScript enables attackers to steal payment data while WAFs and network defenses remain blind, creating a critical security gap.
from The Hacker News
2 days ago

Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

Dozens of Orgs Impacted by Exploitation of Oracle EBS Flaw - Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, according to Google Threat Intelligence Group (GTIG) and Mandiant. The activity, which bears some hallmarks associated with the Cl0p ransomware crew, is assessed to have fashioned together multiple distinct vulnerabilities, including a zero-day flaw tracked as CVE-2025-61882 (CVSS score: 9.8), to breach target networks and exfiltrate sensitive data.
Information security
from Techzine Global
2 days ago

Emergency patch for vulnerability in Oracle E-Business Suite

Critical Oracle E-Business Suite vulnerability CVE-2025-61884 allows unauthenticated attackers to disclose sensitive data across EBS versions 12.2.3–12.2.14; urgent patching recommended.
Information security
from www.bbc.com
2 days ago

ID photos of 70,000 users may have been leaked, Discord says

Official ID photos and limited personal data of about 70,000 Discord users were potentially exposed after a third-party age-verification provider was targeted.
Information security
from The Hacker News
2 days ago

New Rust-Based Malware "ChaosBot" Hijacks Discord Channels to Control Victims' PCs

ChaosBot is a Rust-based backdoor using Discord C2, compromised credentials, WMI, DLL sideloading, and an FRP reverse proxy to enable reconnaissance, command execution, and persistence.
Information security
from IT Pro
2 days ago

Third time lucky? The FBI just took down BreachForums, again

The FBI seized BreachForums-related domains, disrupting a central cybercriminal marketplace used to sell stolen data, coordinate attacks, and conduct extortion.
Information security
from Theregister
2 days ago

Techies mistakenly tossed appliance that had no power cord

Removing undocumented, powered-down equipment can unexpectedly disrupt critical network infrastructure and cause a company-wide outage.
Information security
from DataBreaches.Net
2 days ago

Months After Being Notified, a Software Vendor is Still Exposing Confidential and Sealed Court Records - DataBreaches.Net

A prosecutor case-management vendor left confidential and sealed court records publicly exposed online despite repeated alerts from researchers, an FBI agent, and assisting IT personnel.
from Ars Technica
1 day ago

No fix yet for attack that lets hackers pluck 2FA codes from Android phones

The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet. The app, which requires no system permissions, can then effectively read data that any other installed app displays on the screen. Pixnapping has been demonstrated on Google Pixel phones and the Samsung Galaxy S25 phone and likely could be modified to work on other models with additional work.
Information security
from The Hacker News
2 days ago

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft revamped Edge's IE mode after reports that attackers abused it using social engineering and Chakra 0-day exploits to gain full device control.
Information security
from ComputerWeekly.com
2 days ago

UK police to upgrade illicit asset recovery system | Computer Weekly

A new cloud-based Asset Recovery IT (ARIT) system will replace JARD to improve tracking, management, international and cryptocurrency recovery of criminal assets for UK policing.
from ComputerWeekly.com
2 days ago

The importance of upgrading to the latest Windows operating system | Computer Weekly

Windows 10 was launched in July 2015. It was supposed to be the last major operating system (OS) upgrade, but Microsoft released Windows 11 in October 2021, and now Windows 10 has reached end of life, which means it will no longer be updated. Consumers who register for extended support and back up their PCs in the Microsoft cloud will be able to get free security updates until October 2026. Corporate PCs and devices connected to Active Directory will only receive Windows 10 security updates if they are covered by an Extended Security Updates (ESU) subscription.
Information security
from The Hacker News
2 days ago

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

"Instead of relying solely on traditional command-and-control (C2) servers that can be taken down, these attackers are leveraging GitHub repositories to host malware configurations," McAfee Labs researchers Harshil Patel and Prabudh Chakravorty said in a report. "When law enforcement or security researchers shut down their C2 infrastructure, Astaroth simply pulls fresh configurations from GitHub and keeps running."
Information security
from The Hacker News
2 days ago

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

RondoDox botnet campaigns exploit over 50 vulnerabilities across 30+ vendors and use loader-as-a-service with Mirai/Morte to expand automated network exploitation.
Information security
from Engadget
1 day ago

Another Game Freak leak claims to show the Pokemon roadmap

Datamined files claim Game Freak plans Pokémon Wind and Waves (2026) plus several upcoming projects including MMO-like multi-region remake Project Seed (2028).
Information security
from TechCrunch
3 days ago

The ZoraSafe app wants to protect older people online and will present at TechCrunch Disrupt 2025 | TechCrunch

ZoraSafe will provide older adults with an app combining scam detection, AI call analysis, and gamified microlearning to prevent fraud and teach digital safety.
Information security
from DataBreaches.Net
3 days ago

From sizzle to drizzle to fizzle: The massive data leak that wasn't - DataBreaches.Net

A ransomware group leaked data from six of 39 targeted companies, published downloads across onion and clear-net sites, then halted further leaks despite followers' expectations.
Information security
from WIRED
4 days ago

'Happy Gilmore' Producer Buys Spyware Maker NSO Group

North Korean operatives are posing as architecture professionals using fake profiles, résumés, and Social Security numbers to infiltrate US companies.
#cybercrime
from DataBreaches.Net
4 days ago
Information security

In a few days, the PowerSchool hacker will learn his sentence, and his life as he has known it will end. - DataBreaches.Net

from www.theguardian.com
4 days ago

Hackers leak Qantas data containing 5 million customer records after ransom deadline passes

The Qantas data, which was stolen from a Salesforce database in a major cyber-attack in June, included customers' email addresses, phone numbers, birth dates and frequent flyer numbers. It did not contain credit card details, financial information or passport details. On Saturday the group marked the data as leaked, writing: "Don't be the next headline, should have paid the ransom."
Information security
from InfoQ
4 days ago

Google DeepMind Introduces CodeMender, an AI Agent for Automated Code Repair

CodeMender automatically detects, repairs, and hardens software vulnerabilities using AI reasoning, static/dynamic analysis, fuzzing, and verification to generate validated patches for upstream submission.
Information security
from SFGATE
4 days ago

SF tech company hit with 3 straight lawsuits after wild month

A third-party customer support breach exposed sensitive Discord user data for roughly 70,000 people and prompted negligence lawsuits and extortion claims.
from The Hacker News
4 days ago

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

The threat actor's use of the security utility was documented by Sophos last month. It's assessed that the attackers weaponized the on-premises SharePoint vulnerabilities known as ToolShell to obtain initial access and deliver an outdated version of Velociraptor (version 0.73.4.0) that's susceptible to a privilege escalation vulnerability (CVE-2025-6264) to enable arbitrary command execution and endpoint takeover, per Cisco Talos.
Information security
from SecurityWeek
5 days ago

In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware

Active exploitation of Gladinet and Zimbra vulnerabilities and social-engineered payroll attacks against US universities have led to ongoing mitigations and warnings.
Information security
from Securitymagazine
5 days ago

Help Desk Havoc: Why Identity Verification Is Still the Weakest Link in Targeted Attacks

Help desks are a critical, under-protected attack vector in zero trust deployments, enabling social-engineering breaches that bypass authentication and cause major disruption.