Nostr notes by ITSEC News

Balancer hack analysis and guidance for the DeFi ecosystem - ...

2025-11-08T00:21:03Z

Balancer hack analysis and guidance for the DeFi ecosystem - TL;DR

The root cause of the hack was a rounding direction issue that had been pr... https://blog.trailofbits.com/2025/11/07/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/

Malicious NuGet packages drop disruptive 'time bombs' - ...

2025-11-07T21:01:03Z

Malicious NuGet packages drop disruptive 'time bombs' - Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 ... https://www.bleepingcomputer.com/news/security/malicious-nuget-packages-drop-disruptive-time-bombs/ #security

Microsoft testing faster Quick Machine Recovery in Windows 11 - ...

2025-11-07T20:01:03Z

Microsoft testing faster Quick Machine Recovery in Windows 11 - Microsoft is testing a faster version of Quick Machine Recovery (QMR) and updated Smart A... https://www.bleepingcomputer.com/news/microsoft/microsoft-testing-faster-quick-machine-recovery-in-windows-11/ #microsoft

QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own - QNAP ...

2025-11-07T18:31:03Z

QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own - QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack... https://www.bleepingcomputer.com/news/security/qnap-fixes-seven-nas-zero-day-vulnerabilities-exploited-at-pwn2own/ #security

New LandFall spyware exploited Samsung zero-day via WhatsApp ...

2025-11-07T18:31:03Z

New LandFall spyware exploited Samsung zero-day via WhatsApp messages - A threat actor exploited a zero-day vulnerability in Samsung's Android image processing l... https://www.bleepingcomputer.com/news/security/new-landfall-spyware-exploited-samsung-zero-day-via-whatsapp-messages/ #security #mobile

Cisco: Actively exploited firewall flaws now abused for DoS ...

2025-11-07T16:01:03Z

Cisco: Actively exploited firewall flaws now abused for DoS attacks - Cisco warned this week that two vulnerabilities, which have been exploited in zero-day at... https://www.bleepingcomputer.com/news/security/cisco-actively-exploited-firewall-flaws-now-abused-for-dos-attacks/ #security

ID verification laws are fueling the next wave of breaches - ID ...

2025-11-07T15:21:03Z

ID verification laws are fueling the next wave of breaches - ID laws are forcing companies to store massive amounts of sensitive data, turning complia... https://www.bleepingcomputer.com/news/security/id-verification-laws-are-fueling-the-next-wave-of-breaches/ #security

Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch ...

2025-11-07T13:21:03Z

Leak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soon - Google is planning to ship two new models. One is Gemini 3, which is optimised for coding... https://www.bleepingcomputer.com/news/artificial-intelligence/leak-confirms-google-gemini-3-pro-and-nano-banana-2-could-launch-soon/ #artificialintelligence #technology

U.S. Congressional Budget Office hit by suspected foreign ...

2025-11-07T00:31:03Z

U.S. Congressional Budget Office hit by suspected foreign cyberattack - The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident ... https://www.bleepingcomputer.com/news/security/us-congressional-budget-office-hit-by-suspected-foreign-cyberattack/ #government #security

AI-Slop ransomware test sneaks on to VS Code marketplace - A ...

2025-11-06T22:01:03Z

AI-Slop ransomware test sneaks on to VS Code marketplace - A malicious extension with basic ransomware capabilities seemingly created with the help ... https://www.bleepingcomputer.com/news/security/ai-slop-ransomware-test-sneaks-on-to-vs-code-marketplace/ #artificialintelligence #security

Remember, remember the fifth of November - Welcome to this ...

2025-11-06T19:51:03Z

Remember, remember the fifth of November - Welcome to this week’s edition of the Threat Source newsletter. Ever heard the phrase in ... https://blog.talosintelligence.com/remember-remember-the-fifth-of-november/ #threatsourcenewsletter

How a ransomware gang encrypted Nevada government's systems - ...

2025-11-06T19:11:03Z

How a ransomware gang encrypted Nevada government's systems - The State of Nevada has completed its recovery from a ransomware attack it suffered on Au... https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/ #government #security

I'm Hosting a New Podcast - I'm hosting a new podcast for ...

2025-11-06T18:51:03Z

I'm Hosting a New Podcast - I'm hosting a new podcast for Corelight. Check out my first episode with our fiel... https://taosecurity.blogspot.com/2025/11/im-hosting-new-podcast.html #corelight

“Pay up or we share the tapes”: Hackers target massage ...

2025-11-06T18:31:03Z

“Pay up or we share the tapes”: Hackers target massage parlour clients in blackmail scheme - South Korean police have uncovered a hacking operation that stole sensitive data from mas... https://www.bitdefender.com/en-us/blog/hotforsecurity/pay-up-or-we-share-the-tapes-hackers-target-massage-parlour-clients-in-blackmail-scheme #databreach #southkorea #guestblog #lawℴ #blackmail #dataloss #malware

The rising tide of cyber attacks against the UK water sector - ...

2025-11-06T18:31:03Z

The rising tide of cyber attacks against the UK water sector - Critical infrastructure is once again in the spotlight, as it is revealed that several UK... https://www.fortra.com/blog/rising-tide-cyber-attacks-against-uk-water-sector #securitythreats #watersupply #guestblog

Continuous Purple Teaming: Turning Red-Blue Rivalry into Real ...

2025-11-06T15:11:04Z

Continuous Purple Teaming: Turning Red-Blue Rivalry into Real Defense - Red and blue teams often operate independently, but attackers don't. Picus Security shows... https://www.bleepingcomputer.com/news/security/continuous-purple-teaming-turning-red-blue-rivalry-into-real-defense/ #security

ClickFix malware attacks evolve with multi-OS support, video ...

2025-11-06T15:01:04Z

ClickFix malware attacks evolve with multi-OS support, video tutorials - ClickFix attacks have evolved to feature videos that guide victims through the self-infec... https://www.bleepingcomputer.com/news/security/clickfix-malware-attacks-evolve-with-multi-os-support-video-tutorials/ #security

Simplifying identity security queries with AI - ... ...

2025-11-06T14:11:03Z

Simplifying identity security queries with AI - ... https://duo.com/blog/simplifying-identity-security-queries-with-ai #product&engineering

Critical Cisco UCCX flaw lets attackers run commands as root - ...

2025-11-06T13:51:04Z

Critical Cisco UCCX flaw lets attackers run commands as root - Cisco has released security updates to patch a critical vulnerability in the Unified Cont... https://www.bleepingcomputer.com/news/security/critical-cisco-uccx-flaw-lets-hackers-run-commands-as-root/ #security

Smashing Security podcast #442: The hack that messed with time, ...

2025-11-06T12:31:04Z

Smashing Security podcast #442: The hack that messed with time, and rogue ransom where negotiators - Time itself comes under attack as a state-backed hacking gang spends two years tunnelling... https://grahamcluley.com/smashing-security-podcast-442/ #smashingsecurity #ransomware #lawℴ #malware #podcast #china #nsa

The AI Fix #75: Claude’s existential battery crisis, and why ...

2025-11-06T12:31:03Z

The AI Fix #75: Claude’s existential battery crisis, and why ChatGPT is a terrible therapist - In episode 75 of The AI Fix, a Claude-powered robot gets so anxious about its dying batte... https://grahamcluley.com/the-ai-fix-75/ #artificialintelligence #securitythreats #theaifix #chatgpt #podcast #ai

Do robots dream of secure networking? Teaching cybersecurity to ...

2025-11-06T11:41:03Z

Do robots dream of secure networking? Teaching cybersecurity to AI systems - This blog explores how to equip autonomous AI agents with cybersecurity knowledge, enabli... https://blog.talosintelligence.com/do-robots-dream-of-secure-networking/ #tooltalk #ai

Keeper Security launches Forcefield to defend against ...

2025-11-06T11:01:04Z

Keeper Security launches Forcefield to defend against memory-based attacks on Windows devices - Keeper Security has unveiled Keeper Forcefield, a new kernel-level endpoint securi... https://www.itsecurityguru.org/2025/11/06/keeper-security-launches-forcefield-to-defend-against-memory-based-attacks-on-windows-devices/?utm_source=rss&utm_medium=rss&utm_campaign=keeper-security-launches-forcefield-to-defend-against-memory-based-attacks-on-windows-devices #pressreleases #featured

Sandworm hackers use data wipers to disrupt Ukraine's grain ...

2025-11-06T10:21:03Z

Sandworm hackers use data wipers to disrupt Ukraine's grain sector - Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware fami... https://www.bleepingcomputer.com/news/security/sandworm-hackers-use-data-wipers-to-disrupt-ukraines-grain-sector/ #security

2 Billion Email Addresses Were Exposed, and We Indexed Them All ...

2025-11-06T06:21:05Z

2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned - Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get ... https://www.troyhunt.com/2-billion-email-addresses-were-exposed-and-we-indexed-them-all-in-have-i-been-pwned/ #haveibeenpwned

Cloudflare Scrubs Aisuru Botnet from Top Domains List - For the ...

2025-11-06T02:21:02Z

Cloudflare Scrubs Aisuru Botnet from Top Domains List - For the past week, domains associated with the massive Aisuru botnet have repeatedly usur... https://krebsonsecurity.com/2025/11/cloudflare-scrubs-aisuru-botnet-from-top-domains-list/ #internetofthings(iot) #alittlesunshine #cloudflareradar #ddos-for-hire #alexgreenland #matthewprince #webfraud2.0 #googleapple #reneeburton #cloudflare #microsoft #infoblox #aisuru #amazon #epi

Gootloader malware is back with new tricks after 7-month break - ...

2025-11-05T22:01:03Z

Gootloader malware is back with new tricks after 7-month break - The Gootloader malware loader operation has returned after a 7-month absence and is once ... https://www.bleepingcomputer.com/news/security/gootloader-malware-is-back-with-new-tricks-after-7-month-break/ #security

Hyundai AutoEver America data breach exposes SSNs, drivers ...

2025-11-05T21:31:03Z

Hyundai AutoEver America data breach exposes SSNs, drivers licenses - Hyundai AutoEver America is notifying individuals that hackers breached the company's IT ... https://www.bleepingcomputer.com/news/security/hyundai-autoever-america-data-breach-exposes-ssns-drivers-licenses/ #security

CISA warns of critical CentOS Web Panel bug exploited in attacks ...

2025-11-05T18:31:03Z

CISA warns of critical CentOS Web Panel bug exploited in attacks - The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat... https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-centos-web-panel-bug-exploited-in-attacks/ #security #linux

Windows 11 Store gets Ninite-style multi-app installer feature - ...

2025-11-05T17:41:03Z

Windows 11 Store gets Ninite-style multi-app installer feature - The Microsoft Store on the web now lets you create a multi-app install package on Windows... https://www.bleepingcomputer.com/news/microsoft/windows-11-store-gets-ninite-style-multi-app-installer-feature/ #microsoft #software

SonicWall says state-sponsored hackers behind security breach in ...

2025-11-05T17:21:03Z

SonicWall says state-sponsored hackers behind security breach in September - SonicWall's investigation into the September security breach that exposed customers' fire... https://www.bleepingcomputer.com/news/security/sonicwall-says-state-sponsored-hackers-behind-security-breach-in-september/ #security

UK carriers to block spoofed phone numbers in fraud crackdown - ...

2025-11-05T16:51:03Z

UK carriers to block spoofed phone numbers in fraud crackdown - Under a new partnership with the government aimed at combating fraud, Britain's largest m... https://www.bleepingcomputer.com/news/security/uk-carriers-to-block-spoofed-phone-numbers-in-fraud-crackdown/ #security

University of Pennsylvania confirms data stolen in cyberattack - ...

2025-11-05T16:21:03Z

University of Pennsylvania confirms data stolen in cyberattack - The University of Pennsylvania has confirmed that a hacker breached numerous internal sys... https://www.bleepingcomputer.com/news/security/university-of-pennsylvania-confirms-data-stolen-in-cyberattack/ #education #security

Nearly Three-Quarters of US CISOs Faced Significant Cyber ...

2025-11-05T15:51:03Z

Nearly Three-Quarters of US CISOs Faced Significant Cyber Incident in the Past Six Months, Research Finds - A new research report from Nagomi Security has revealed that, over the past six months, n... https://www.itsecurityguru.org/2025/11/05/nearly-three-quarters-of-us-cisos-faced-significant-cyber-incident-in-the-past-six-months-research-finds/?utm_source=rss&utm_medium=rss&utm_campaign=nearly-three-quarters-of-us-cisos-faced-significant-cyber-incident-in-the-past-six-months-research-finds

Google warns of new AI-powered malware families deployed in the ...

2025-11-05T15:11:03Z

Google warns of new AI-powered malware families deployed in the wild - Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with ad... https://www.bleepingcomputer.com/news/security/google-warns-of-new-ai-powered-malware-families-deployed-in-the-wild/ #artificialintelligence #security

Cyber theory vs practice: Are you navigating with faulty ...

2025-11-05T15:11:03Z

Cyber theory vs practice: Are you navigating with faulty instruments? - Security teams rely on dashboards and data feeds, but outdated or fragmented tools leave ... https://www.bleepingcomputer.com/news/security/cyber-theory-vs-practice-are-you-navigating-with-faulty-instruments/ #security

Police busts credit card fraud rings with 4.3 million victims - ...

2025-11-05T12:41:03Z

Police busts credit card fraud rings with 4.3 million victims - International authorities have dismantled three massive credit card fraud and money laund... https://www.bleepingcomputer.com/news/security/europol-credit-card-fraud-rings-stole-eur-300-million-from-43-million-cardholders/ #security

US sanctions North Korean bankers linked to cybercrime, IT worker ...

2025-11-05T10:51:03Z

US sanctions North Korean bankers linked to cybercrime, IT worker fraud - The U.S. Treasury Department imposed sanctions on two North Korean financial institutions... https://www.bleepingcomputer.com/news/security/us-treasury-sanctions-north-korean-bankers-linked-to-cybercrime-it-worker-fraud/ #security

Microsoft: October Windows updates trigger BitLocker recovery - ...

2025-11-05T09:11:03Z

Microsoft: October Windows updates trigger BitLocker recovery - Microsoft has warned that some systems may boot into BitLocker recovery after installing ... https://www.bleepingcomputer.com/news/microsoft/microsoft-october-windows-updates-trigger-bitlocker-recovery/ #microsoft

Hackers exploit WordPress plugin Post SMTP to hijack admin ...

2025-11-04T22:01:03Z

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts - Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin in... https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-post-smtp-to-hijack-admin-accounts/ #security

Apache OpenOffice disputes data breach claims by ransomware gang ...

2025-11-04T21:31:03Z

Apache OpenOffice disputes data breach claims by ransomware gang - The Apache Software Foundation disputes claims that its OpenOffice project suffered an Ak... https://www.bleepingcomputer.com/news/security/apache-openoffice-disputes-data-breach-claims-by-ransomware-gang/ #security

Malicious Android apps on Google Play downloaded 42 million times ...

2025-11-04T20:41:03Z

Malicious Android apps on Google Play downloaded 42 million times - Hundreds of malicious Android apps on Google Play were downloaded more than 40 million ti... https://www.bleepingcomputer.com/news/security/malicious-android-apps-on-google-play-downloaded-42-million-times/ #security #mobile

News alert: Insider risk report finds behavioral blind spots ...

2025-11-04T19:51:03Z

News alert: Insider risk report finds behavioral blind spots leave most orgs exposed, confidence low - BALTIMORE, Nov. 4, 2025, CyberNewswire — he new 2025 Insider Risk Report, produced... https://www.lastwatchdog.com/news-alert-insider-risk-report-finds-behavioral-blind-spots-leave-most-orgs-exposed-confidence-low/ #newsalerts #topstories

Microsoft removing Defender Application Guard from Office - ...

2025-11-04T19:21:04Z

Microsoft removing Defender Application Guard from Office - Microsoft plans to remove Defender Application Guard from Office by December 2027, starti... https://www.bleepingcomputer.com/news/microsoft/microsoft-removing-defender-application-guard-from-office/ #microsoft #security

New Forescout report finds 65% of connected assets are outside ...

2025-11-04T17:11:03Z

New Forescout report finds 65% of connected assets are outside traditional IT visibility - Forescout® Technologies, a global leader in cybersecurity, has announced the launch of ey... https://www.itsecurityguru.org/2025/11/04/new-forescout-report-finds-65-of-connected-assets-are-outside-traditional-it-visibility/?utm_source=rss&utm_medium=rss&utm_campaign=new-forescout-report-finds-65-of-connected-assets-are-outside-traditional-it-visibility #featured

Data breach at major Swedish software supplier impacts 1.5 ...

2025-11-04T17:11:03Z

Data breach at major Swedish software supplier impacts 1.5 million - The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT s... https://www.bleepingcomputer.com/news/security/data-breach-at-major-swedish-software-supplier-impacts-15-million/ #security #legal

Media giant Nikkei reports data breach impacting 17,000 people - ...

2025-11-04T16:31:03Z

Media giant Nikkei reports data breach impacting 17,000 people - Japanese publishing giant Nikkei announced earlier today that its Slack messaging platfor... https://www.bleepingcomputer.com/news/security/media-giant-nikkei-reports-data-breach-impacting-17-000-people/ #security

Police arrests suspects linked to €600 million crypto fraud ...

2025-11-04T15:31:04Z

Police arrests suspects linked to €600 million crypto fraud ring - European law enforcement authorities have arrested nine suspected money launderers who se... https://www.bleepingcomputer.com/news/security/european-police-dismantles-600-million-crypto-investment-fraud-ring/ #security

The Top 3 Browser Sandbox Threats That Slip Past Modern Security ...

2025-11-04T15:31:03Z

The Top 3 Browser Sandbox Threats That Slip Past Modern Security Tools - Attackers exploit web browsers' built-in behaviors to steal credentials, abuse extensions... https://www.bleepingcomputer.com/news/security/the-top-3-browser-sandbox-threats-that-slip-past-modern-security-tools/ #security

APIContext Rolls Out Browser Monitoring to Assess Real-World ...

2025-11-04T15:11:04Z

APIContext Rolls Out Browser Monitoring to Assess Real-World Website Performance and SEO Outcomes - APIContext, the leader in resilience monitoring, today unveiled its new Browser Monitorin... https://www.itsecurityguru.org/2025/11/04/apicontext-rolls-out-browser-monitoring-to-assess-real-world-website-performance-and-seo-outcomes/?utm_source=rss&utm_medium=rss&utm_campaign=apicontext-rolls-out-browser-monitoring-to-assess-real-world-website-performance-and-seo-outcomes #news

TruffleHog, Fade In and BSAFE Crypto-C vulnerabilities - Cisco ...

2025-11-04T14:51:03Z

TruffleHog, Fade In and BSAFE Crypto-C vulnerabilities - Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnera... https://blog.talosintelligence.com/trufflehog-fade-in-and-bsafe-crypto-c-vulnerabilities/ #vulnerabilityroundup

Russian hackers abuse Hyper-V to hide malware in Linux VMs - The ...

2025-11-04T14:21:03Z

Russian hackers abuse Hyper-V to hide malware in Linux VMs - The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass... https://www.bleepingcomputer.com/news/security/russian-hackers-abuse-hyper-v-to-hide-malware-in-linux-vms/ #security

Zensar and Saviynt forge global alliance to elevate identity ...

2025-11-04T14:01:03Z

Zensar and Saviynt forge global alliance to elevate identity governance and privilege management - Zensar Technologies, a leading experience, engineering, and engagement technology solutio... https://www.itsecurityguru.org/2025/11/04/zensar-and-saviynt-forge-global-alliance-to-elevate-identity-governance-and-privilege-management/?utm_source=rss&utm_medium=rss&utm_campaign=zensar-and-saviynt-forge-global-alliance-to-elevate-identity-governance-and-privilege-management #news

Windows 10 update bug triggers incorrect end-of-support alerts - ...

2025-11-04T13:51:03Z

Windows 10 update bug triggers incorrect end-of-support alerts - Microsoft says the October 2025 updates trigger incorrect end-of-support warnings on Win... https://www.bleepingcomputer.com/news/microsoft/windows-10-update-bug-triggers-incorrect-end-of-support-alerts/ #microsoft

Hackers exploit critical auth bypass flaw in JobMonster WordPress ...

2025-11-04T09:21:03Z

Hackers exploit critical auth bypass flaw in JobMonster WordPress theme - Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme th... https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-auth-bypass-flaw-in-jobmonster-wordpress-theme/ #security

MY TAKE: From AOL-Time Warner to OpenAI-Amazon — is the next ...

2025-11-04T05:01:03Z

MY TAKE: From AOL-Time Warner to OpenAI-Amazon — is the next tech bubble already inflating? - Anyone remember the dot-com bubble burst? The early warning came in January 2000, ... https://www.lastwatchdog.com/my-take-from-aol-time-warner-to-openai-amazon-is-the-next-tech-bubble-already-inflating/ #topstories #mytake

Creating a Linux Application Using VSCodium, Cline, OpenRouter, ...

2025-11-04T01:01:03Z

Creating a Linux Application Using VSCodium, Cline, OpenRouter, and Claude - In March I created a Windows Application Using Visual Studio Code, Cline, OpenRout... https://taosecurity.blogspot.com/2025/11/creating-linux-application-using.html #vibecoding #linux

Hacker steals over $120 million from Balancer DeFi crypto ...

2025-11-03T22:01:03Z

Hacker steals over $120 million from Balancer DeFi crypto protocol - The Balancer Protocol announced that hackers had targeted its v2 pools, with losses repor... https://www.bleepingcomputer.com/news/cryptocurrency/hacker-steals-over-120-million-from-balancer-defi-crypto-protocol/ #cryptocurrency

Fake Solidity VSCode extension on Open VSX backdoors developers - ...

2025-11-03T20:51:04Z

Fake Solidity VSCode extension on Open VSX backdoors developers - A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extens... https://www.bleepingcomputer.com/news/security/fake-solidity-vscode-extension-on-open-vsx-backdoors-developers/ #security

Microsoft: SesameOp malware abuses OpenAI Assistants API in ...

2025-11-03T18:41:03Z

Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks - Microsoft security researchers have discovered a new backdoor malware that uses the OpenA... https://www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/ #microsoft #security

Defeating KASLR by Doing Nothing at All - Posted by Seth Jenkins, ...

2025-11-03T18:21:03Z

Defeating KASLR by Doing Nothing at All - Posted by Seth Jenkins, Project ZeroIntroductionI've recently been researching Pi... https://googleprojectzero.blogspot.com/2025/11/defeating-kaslr-by-doing-nothing-at-all.html

US cybersecurity experts indicted for BlackCat ransomware attacks ...

2025-11-03T17:31:03Z

US cybersecurity experts indicted for BlackCat ransomware attacks - Three former employees of cybersecurity incident response companies DigitalMint and Sygni... https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-indicted-for-blackcat-ransomware-attacks/ #security

Hackers use RMM tools to breach freighters and steal cargo ...

2025-11-03T17:01:05Z

Hackers use RMM tools to breach freighters and steal cargo shipments - Threat actors are targeting freight brokers and trucking carriers with malicious links an... https://www.bleepingcomputer.com/news/security/hackers-use-rmm-tools-to-breach-freighters-and-steal-cargo-shipments/ #security

OAuth Device Code Phishing: Azure vs. Google Compared - Device ...

2025-11-03T15:31:03Z

OAuth Device Code Phishing: Azure vs. Google Compared - Device code phishing abuses the OAuth device flow — Azure can yield very powerful tokens ... https://www.bleepingcomputer.com/news/security/oauth-device-code-phishing-azure-vs-google-compared/ #security

Microsoft: Patch for WSUS flaw disabled Windows Server ...

2025-11-03T15:31:03Z

Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching - An out-of-band (OOB) security update that patches an actively exploited Windows Server Up... https://www.bleepingcomputer.com/news/microsoft/microsoft-patch-for-wsus-flaw-disabled-windows-server-hotpatching/ #microsoft #security

Proton Brings Privacy-Focused AI to the Workplace with Lumo for ...

2025-11-03T13:31:03Z

Proton Brings Privacy-Focused AI to the Workplace with Lumo for Business - Proton, the company best known for Proton Mail and Proton VPN, has launched Lumo for Busi... https://www.itsecurityguru.org/2025/11/03/proton-brings-privacy-focused-ai-to-the-workplace-with-lumo-for-business/?utm_source=rss&utm_medium=rss&utm_campaign=proton-brings-privacy-focused-ai-to-the-workplace-with-lumo-for-business #aiandmachinelearning #news

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody - A ...

2025-11-03T10:51:03Z

Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody - A Ukrainian man indicted in 2012 for conspiring with a prolific hacking group to steal te... https://krebsonsecurity.com/2025/11/alleged-jabber-zeus-coder-mricq-in-u-s-custody/ #federalbureauofinvestigation #evgeniymikhailovichbogachev #u.s.departmentofjustice #vyacheslavtankpenchukov #target:smallbusinesses #yuriyigorevichrybtsov #neer-do-wellnews #alittlesunshine #lawrencebaldwin #maksimyakubets #jabberzeus #leprechaun #zeustrojan #bbc

Microsoft: Windows Task Manager won’t quit after KB5067036 ...

2025-11-03T10:21:03Z

Microsoft: Windows Task Manager won’t quit after KB5067036 update - Microsoft has confirmed a known issue that is preventing users from quitting the Windows ... https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-task-manager-wont-quit-after-kb5067036-update/ #microsoft

Weekly Update 476 - Presently sponsored by: Report URI: Guarding ...

2025-11-03T09:11:03Z

Weekly Update 476 - Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get ... https://www.troyhunt.com/weekly-update-476/ #weeklyupdate

Penn hacker claims to have stolen 1.2 million donor records in ...

2025-11-02T22:11:03Z

Penn hacker claims to have stolen 1.2 million donor records in data breach - A hacker has taken responsibility for last week's University of Pennsylvania "We got hack... https://www.bleepingcomputer.com/news/security/university-of-pennsylvania-hacker-claims-1.2-million-donor-data-breach/ #security

Open VSX rotates access tokens used in supply-chain malware ...

2025-11-02T22:01:05Z

Open VSX rotates access tokens used in supply-chain malware attack - The Open VSX registry rotated access tokens after they were accidentally leaked by develo... https://www.bleepingcomputer.com/news/security/open-vsx-rotates-tokens-used-in-supply-chain-malware-attack/ #security

OpenAI is going Meta route, as it considers memory-based ads on ...

2025-11-02T22:01:04Z

OpenAI is going Meta route, as it considers memory-based ads on ChatGPT - OpenAI is planning to introduce ads on ChatGPT, as it continues to struggle with revenue ... https://www.bleepingcomputer.com/news/artificial-intelligence/openai-is-going-meta-route-as-it-considers-memory-based-ads-on-chatgpt/ #artificialintelligence #technology

Google confirms AI search will have ads, but they may look ...

2025-11-01T17:21:04Z

Google confirms AI search will have ads, but they may look different - Google Ads are not going anywhere. Eventually, AI Search results on Google and likely oth... https://www.bleepingcomputer.com/news/google/google-confirms-ai-search-will-have-ads-but-they-may-look-different/ #technology #google

Windows 11 Build 26220.7051 released with “Ask Copilot” ...

2025-11-01T17:21:03Z

Windows 11 Build 26220.7051 released with “Ask Copilot” feature - Windows 11 Build 26220.7051 is now rolling out to testers in the Windows Insider Program,... https://www.bleepingcomputer.com/news/microsoft/windows-11-build-262207051-released-with-ask-copilot-feature/ #microsoft #software

Windows 11 Build 26220.7051 released with three features for ...

2025-11-01T16:31:03Z

Windows 11 Build 26220.7051 released with three features for Insiders - Windows 11 Build 26220.7051 is now rolling out to testers in the Windows Insider Program,... https://www.bleepingcomputer.com/news/microsoft/windows-11-build-262207051-released-with-three-features-for-insiders/ #microsoft #software

China-linked hackers exploited Lanscope flaw as a zero-day in ...

2025-11-01T16:11:03Z

China-linked hackers exploited Lanscope flaw as a zero-day in attacks - China-linked cyber-espionage actors tracked as 'Bronze Butler' (Tick) exploited a Motex L... https://www.bleepingcomputer.com/news/security/china-linked-hackers-exploited-lanscope-flaw-as-a-zero-day-in-attacks/ #security

MY TAKE: Microsoft pitches an AI ‘protopian’ future — while ...

2025-10-31T22:51:03Z

MY TAKE: Microsoft pitches an AI ‘protopian’ future — while civic groups pedal to stay upright - SEATTLE — At a well-meaning civic forum hosted inside a south Seattle community sp... https://www.lastwatchdog.com/my-take-microsoft-pitches-an-ai-protopian-future-while-civic-groups-pedal-to-stay-upright/ #topstories #mytake

Windows 11 tests shared Bluetooth audio support, but only for AI ...

2025-10-31T21:01:03Z

Windows 11 tests shared Bluetooth audio support, but only for AI PCs - If you have two headphones, speakers, earbuds, or any other Bluetooth hardware, you can n... https://www.bleepingcomputer.com/news/microsoft/windows-11-tests-shared-bluetooth-audio-support-but-only-for-ai-pcs/ #microsoft #software

Offensive 'We got hacked' emails sent in Penn security ...

2025-10-31T18:41:04Z

Offensive 'We got hacked' emails sent in Penn security incident - The University of Pennsylvania suffered a cybersecurity incident on Friday, where student... https://www.bleepingcomputer.com/news/security/offensive-we-got-hacked-emails-sent-in-penn-security-incident/ #security

Why API Security Is Central to AI Governance - APIs are now the ...

2025-10-31T18:31:03Z

Why API Security Is Central to AI Governance - APIs are now the action layer of AI that make up your API fabric. Every LLM workflow, age... https://www.itsecurityguru.org/2025/10/31/why-api-security-is-central-to-ai-governance/?utm_source=rss&utm_medium=rss&utm_campaign=why-api-security-is-central-to-ai-governance #featured #features #insight

Microsoft Edge gets scareware sensor for faster scam detection - ...

2025-10-31T17:31:03Z

Microsoft Edge gets scareware sensor for faster scam detection - Microsoft is introducing a new scareware sensor for the Microsoft Edge web browser, which... https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-gets-scareware-sensor-for-faster-scam-detection/ #microsoft #security

Australia warns of BadCandy infections on unpatched Cisco devices ...

2025-10-31T15:51:04Z

Australia warns of BadCandy infections on unpatched Cisco devices - The Australian government is warning about ongoing cyberattacks against unpatched Cisco I... https://www.bleepingcomputer.com/news/security/australia-warns-of-badcandy-infections-on-unpatched-cisco-devices/ #security

UK Organisations Trail Global Peers on Zero Trust Adoption, ...

2025-10-31T15:51:03Z

UK Organisations Trail Global Peers on Zero Trust Adoption, Research Finds - A new research report by Keeper Security has revealed global insights from security profe... https://www.itsecurityguru.org/2025/10/31/uk-organisations-trail-global-peers-on-zero-trust-adoption-research-finds/?utm_source=rss&utm_medium=rss&utm_campaign=uk-organisations-trail-global-peers-on-zero-trust-adoption-research-finds #editorsnews #featured #features

Why password controls still matter in cybersecurity - Passwords ...

2025-10-31T14:21:03Z

Why password controls still matter in cybersecurity - Passwords still matter — and weak policies leave the door wide open. Specops Software exp... https://www.bleepingcomputer.com/news/security/why-password-controls-still-matter-in-cybersecurity/ #security

Alleged Meduza Stealer malware admins arrested after hacking ...

2025-10-31T14:01:03Z

Alleged Meduza Stealer malware admins arrested after hacking Russian org - The Russian authorities have arrested three individuals in Moscow who are believed to be ... https://www.bleepingcomputer.com/news/security/alleged-meduza-stealer-malware-admins-arrested-after-hacking-russian-org/ #security

AI Can Transform the Restaurant Industry But Only If It’s Built ...

2025-10-31T13:51:03Z

AI Can Transform the Restaurant Industry But Only If It’s Built Securely - AI is transforming how restaurants operate. It’s automating calls, managing orders, handl... https://www.itsecurityguru.org/2025/10/30/ai-transform-restaurant-industry-if-built-securely/?utm_source=rss&utm_medium=rss&utm_campaign=ai-transform-restaurant-industry-if-built-securely #aiandmachinelearning

CISA: High-severity Linux flaw now exploited by ransomware gangs ...

2025-10-31T13:31:03Z

CISA: High-severity Linux flaw now exploited by ransomware gangs - CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux ke... https://www.bleepingcomputer.com/news/security/cisa-linux-privilege-escalation-flaw-now-exploited-in-ransomware-attacks/ #security

Google says Search AI Mode will know everything about you - ...

2025-10-31T12:01:03Z

Google says Search AI Mode will know everything about you - Google wants 'AI mode' on Search to be as personal as possible, and it'll soon tap into s... https://www.bleepingcomputer.com/news/google/google-says-search-ai-mode-will-know-everything-about-you/ #artificialintelligence #google

Windows zero-day actively exploited to spy on European diplomats ...

2025-10-31T11:51:03Z

Windows zero-day actively exploited to spy on European diplomats - A China-linked hacking group is exploiting a Windows zero-day in attacks targeting Europe... https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-windows-zero-day-to-spy-on-european-diplomats/ #security

The cryptography behind electronic passports - Did you know that ...

2025-10-31T11:11:03Z

The cryptography behind electronic passports - Did you know that most modern passports are actually embedded devices containing a... https://blog.trailofbits.com/2025/10/31/the-cryptography-behind-electronic-passports/

Ukrainian extradited from Ireland on Conti ransomware charges - A ...

2025-10-31T09:51:03Z

Ukrainian extradited from Ireland on Conti ransomware charges - A Ukrainian national believed to be a member of the Conti ransomware operation has been e... https://www.bleepingcomputer.com/news/security/ukrainian-extradited-from-ireland-on-conti-ransomware-charges/ #security

OpenAI confirms GPT-5 is now better at handling mental and ...

2025-10-30T22:21:03Z

OpenAI confirms GPT-5 is now better at handling mental and emotional distress - OpenAI confirmed that it shipped an update on October 5, which allows GPT-5 to better han... https://www.bleepingcomputer.com/news/artificial-intelligence/openai-confirms-gpt-5-is-now-better-at-handling-mental-and-emotional-distress/ #artificialintelligence #technology

Massive surge of NFC relay malware steals Europeans’ credit ...

2025-10-30T20:21:04Z

Massive surge of NFC relay malware steals Europeans’ credit cards - Near-Field Communication (NFC) relay malware has grown massively popular in Eastern Europ... https://www.bleepingcomputer.com/news/security/massive-surge-of-nfc-relay-malware-steals-europeans-credit-cards/ #security #mobile

CISA orders feds to patch VMware Tools flaw exploited by Chinese ...

2025-10-30T20:21:04Z

CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers - CISA has ordered federal agencies to patch a high-severity vulnerability in Broadcom's VM... https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-vmware-tools-flaw-exploited-since-october-2024/ #security

How Android provides the most effective protection to keep you ...

2025-10-30T20:11:03Z

How Android provides the most effective protection to keep you safe from mobile scams - Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Niet... http://security.googleblog.com/2025/10/how-android-protects-you-from-scams.html #androidsecurity #android

Major telecom services provider Ribbon breached by state hackers ...

2025-10-30T19:11:03Z

Major telecom services provider Ribbon breached by state hackers - Ribbon Communications, a provider of telecommunications services to the U.S. government a... https://www.bleepingcomputer.com/news/security/major-telecom-services-provider-ribbon-breached-by-state-hackers/ #security

BPO giant Conduent confirms data breach impacts 10.5 million ...

2025-10-30T19:01:03Z

BPO giant Conduent confirms data breach impacts 10.5 million people - American business services giant Conduent has confirmed that a 2024 data breach has impac... https://www.bleepingcomputer.com/news/security/bpo-giant-conduent-confirms-data-breach-impacts-105-million-people/ #security

Trick, treat, repeat - Welcome to this week’s edition of the ...

2025-10-30T19:01:03Z

Trick, treat, repeat - Welcome to this week’s edition of the Threat Source newsletter. This one is pretty much a... https://blog.talosintelligence.com/trick-treat-repeat/ #threatsourcenewsletter

News alert: Aembit extends Workload IAM to close the ...

2025-10-30T18:51:03Z

News alert: Aembit extends Workload IAM to close the access-control gap in enterprise AI deployments - SILVER SPRING, Md., Oct. 30, 2025, CyberNewswire — Aembit today announced the laun... https://www.lastwatchdog.com/news-alert-aembit-extends-workload-iam-to-close-the-access-control-gap-in-enterprise-ai-deployments/ #newsalerts #topstories

WhatsApp adds passwordless chat backups on iOS and Android - ...

2025-10-30T18:11:03Z

WhatsApp adds passwordless chat backups on iOS and Android - WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling u... https://www.bleepingcomputer.com/news/security/whatsapp-adds-passwordless-chat-backups-on-ios-and-android/ #security