Whats The Hax? 🔒 A Fraud, Infosec, and Security News Aggregator

Cybersecurity News & Threat Intelligence đŸ›Ąïž

Stay ahead of cyber threats with breaking security news, vulnerability alerts, and expert analysis. Coverage includes ransomware, data breaches, incident response, and cybersecurity best practices.

Disrupting the shadow economy of online betting in Europe and beyond: account theft, laundering, and cashouts ❧ Holiday hustle or holiday hassle? What to do when order behavior gets blurry ☙ ❧ The instability of stablecoin risk ❧ There’s a new X factor in holiday fraud risk ☙ ❧ Microsoft strengthens sovereign cloud capabilities with new services ❧ Enhancing software supply chain security with Microsoft’s Signing Transparency ☙ ❧ MY TAKE: Sam Altman is wielding OpenAI to usurp the browser, seize the user interface crown ❧ News Alert: Sendmarc taps veteran email security leader Dan Levinson to expand U.S. footprint ☙ ❧ STRATEGIC REEL: Inside the ‘Mind of a Hacker’ — turning attacker logic against them ❧ Cybersecurity jobs available right now: October 21, 2025 ☙ ❧ US NSA alleged to have launched a cyber attack on a Chinese agency ❧ Everyone thinks AI will transform their business - but only 13% are making it happen ☙ ❧ Over 75,000 WatchGuard security devices vulnerable to critical RCE ❧ Interested in learning basica ☙ ❧ How a fake AI recruiter delivers five staged malware disguised as a dream job ❧ 50+ Windows keyboard shortcuts that effectively improved my work productivity ☙ ❧ ISC Stormcast For Tuesday, October 21st, 2025 https://isc.sans.edu/podcastdetail/9664, (Mon, Oct 20th) ❧ NSO permanently barred from targeting WhatsApp users with Pegasus spyware ☙ ❧ Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases ❧ CISA: High-severity Windows SMB flaw now exploited in attacks ☙ ❧

darkreading
GISEC GLOBAL 2026 – The Middle East & Africa’s Largest Cybersecurity Event
Japanese Firms Suffer Long Tail of Ransomware Damage
Microsoft Fixes Exploited Zero Day in Light Patch Tuesday
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR
Analysts Warn of Cybersecurity Risks in Humanoid Robots
Gemini Enterprise No-Click Flaw Exposes Sensitive Data
Apache Issues Max-Severity Tika CVE After Patch Miss
Exploitation Activity Ramps Up Against React2Shell
US Treasury Tracks $4.5B in Ransom Payments since 2013
'Broadside' Mirai Variant Targets Maritime Logistics Sector
cybersecurity
Why does CBC-Pad require padding even when the original plaintext length is an integer multiple of the block size, instead of allowing zero bytes of padding?
Former CYBERCOM Commanders Urge Caution on Push for New Military Cyber Service
ISC2 CC Exam Advice
What are the top 5 controls to mitigate ransomware?
Interviews with a network architect
VS Code Malware Attack: Trojan Themes & AI Tools Stealing Data
Looking for reading recs. Which of these are actually worth the time?
What technical questions do you use when interviewing cybersecurity engineers?
a Bash wrapper for pentestingscans with HTML reporting (AlienTec Recon V2.0)
Ignoring AI in the threat chain could be a costly mistake, experts warn
SecurityWeek
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Rockwell, Schneider
Intel, AMD Processors Affected by PCIe Vulnerabilities
UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare
Adobe Patches Nearly 140 Vulnerabilities
Microsoft Patches 57 Vulnerabilities, Three Zero-Days
Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyberdefense
Prime Security Raises $20 Million to Build Agentic Security Architect
Webinar Today: Inside the First 72 hours of a Cyber Event
React2Shell Attacks Linked to North Korean Hackers
Identity Security Firm Saviynt Raises $700 Million at $3 Billion Valuation
Technical Information Security Content & Discussion
Extending Burp Suite for fun and profit – The Montoya way – Part 9 - HN Security
Free Honey Tokens for Breach Detection - No Signup
Declarative Binary Parsing for Security Research with Kaitai Struct
Using Agents to Map SaaS Attack Surface via MITRE ATT&CK
Learning cloud exploits for redteam, alternative to SANS588 GCPN
New Prompt Injection Attack Vectors Through MCP Sampling
Free Security Canaries (SSH, AWS, Cookies, Email, more..) - Tracebit Community Edition
Publishing Malicious VS Code Extensions: Bypassing VS Code Marketplace Analysis and the Insecurity of OpenVSX (Cursor AI/Windsurf)
How (almost) any phone number can be tracked via WhatsApp & Signal – open-source PoC
Patching Pulse Oximeter Firmware
infosecurity-magazine.com
Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025
December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement
Malicious VS Code Extensions Deploy Advanced Infostealer
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data
DeadLock Ransomware Uses BYOVD to Evade Security Measures
Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware
UK NCSC Raises Alarms Over Prompt Injection Attacks
The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection
Gartner Calls For Pause on AI Browser Use
Gartner has called for organizations to block today’s AI browsers on security concerns
ClayRat Android Spyware Expands Capabilities
A new version of ClayRat Android spyware features enhanced surveillance and device-control features
Marquis Software Breach Affects Over 780,000 Nationwide
A data breach at Marquis Software Solutions due to a firewall flaw has affected over 780,000 people across the US
Portugal Revises Cybercrime Law to Protect Security Researchers
Security researchers will now be protected from prosecution in Portugal as long as they meet certain conditions
React2Shell Under Active Exploitation by China-Nexus Hackers
React2Shell (CVE-2025-55182) is under active exploitation by Earth Lamia and Jackpot Panda, risking over two million instances worldwide
Security Affairs
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog.
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day
Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws.
Ivanti warns customers of new EPM flaw enabling remote code execution
Ivanti warns users to address a newly disclosed Endpoint Manager vulnerability that could let attackers execute code remotely.
Broadside botnet hits TBK DVRs, raising alarms for maritime logistics
Mirai-based Broadside botnet targets vulnerable TBK Vision DVRs, posing a potential threat to the maritime logistics sector, Cydome warns.
Polish Police arrest 3 Ukrainians for possessing advanced hacking tools
Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data.
FinCEN data shows $4.5B in ransomware payments, record spike in 2023
Ransomware payments reported to FinCEN exceeded $4.5B by 2024, with 2023 marking a record year at $1.1B across 1,512 incidents.
FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms
FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams.
Oracle EBS zero-day used by Clop to breach Barts Health NHS
Clop ransomware stole data from Barts Health NHS after exploiting a zero-day in its Oracle E-Business Suite, causing a database breach.
AWS: China-linked threat actors weaponized React2Shell hours after disclosure
Multiple China-linked threat actors began exploiting the CVE-2025-55182, aka React2Shell flaw, within hours, AWS Security warns.
U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a Meta React Server Components vulnerability to its Known Exploited Vulnerabilities catalog.
Latest news
T-Mobile will give you a free iPhone 17, no trade-in required - here's how to get one
Bring your number over to T-Mobile and get an iPhone 17 on them. We break down the details.
I tried using Instacart in ChatGPT, and ordered cookie ingredients for delivery - in minutes
It's fast and easy, and it all happens inside ChatGPT, with no Instacart+ required.
Reinventing your career for the AI age? Your technical skill isn't your most valuable asset
The future of work isn't just about exploiting AI. Successful professionals will focus on honing these capabilities.
Gartner urges businesses to 'block all AI browsers' - what's behind the dire warning
Analysts suggest that agentic browsers create an unacceptable risk for CISOs today, with data exposure now a top security concern - but far from the only one.
How to clear your Google search cache on Android (and why it makes such a big difference)
If you care about privacy, regularly clearing your Google search cache on Android is a must. Here's how to do it manually - and how to set up auto-delete.
My favorite Linux search tools make it easier to find your files - no command line needed
Why bother with complicated regular expressions when you can point and click your way to finding the files and folders you need?
Want to save your old computer? Try one of these 9 Linux distros - for free
Here's how to save money, reduce e-waste, and extend the life of your old hardware at the same time.
The fastest-growing AI chatbot now isn't from OpenAI, Anthropic, or Google
'Different assistants map to different moments,' according to ComScore's latest report on the AI market.
The 7 Linux distros I recommend most for gaming in 2025 - including my favorite
Still think Linux isn't practical for gaming? Think again. Here are the best distros every gamer should try.
I wore Google's upcoming Android XR smart glasses, and it's a future I'd actually want to live in
From multimodal AI glasses to immersive headsets, Google's Android XR vision is more ambitious - yet clearer - than ever.
Help Net Security
BigID Activity Explorer enhances visibility for insider risk investigation
BigID Activity Explorer provides unified visibility and auditing across cloud and on-prem data to strengthen insider risk detection.
Apptega Policy Manager streamlines policy creation and compliance oversight
Apptega Policy Manager automates workflows for creating, maintaining and managing business policies across passwords, privacy, HR & more.
Protecto Vault adds API-first protection for safer AI agent workflows
Protecto launches Vault, a SaaS platform that secures enterprise data for AI agents with API-first protection, masking, and compliance.
Skyhigh Security debuts dashboard for unified data visibility and compliance
Skyhigh Security launches a dashboard delivering visibility and compliance insights for managing data security across cloud environments.
Henkel CISO on the messy truth of monitoring factories built across decades
Smart manufacturing struggles with fragile architectures, legacy devices, and uneven monitoring that create cybersecurity weaknesses.
The hidden dynamics shaping who produces influential cybersecurity research
Cybersecurity research trends show shifts in team structures, gender balance, and collaboration networks, offering insight into the field.
UTMStack: Open-source unified threat management platform
UTMStack is an open-source unified threat management platform that brings SIEM and XDR features into one system.
LLMs are everywhere in your stack and every layer brings new risk
LLMs are moving deeper into enterprise products and workflows, and that shift is creating new pressure on security leaders. A new guide from DryRun
Building SOX compliance through smarter training and stronger password practices
SOX compliance improves when password practices are consistent, traceable, and centralized, helping CISOs reduce risk and audit findings.
Holly Ventures launches $33 million fund focused on early-stage cyber innovation
Holly Ventures debuts a new cybersecurity fund focused on early-stage founders seeking hands-on support and strategic value.
The Hacker News
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft fixed 56 Windows security flaws, including an actively exploited privilege-escalation bug and two new command-injection zero-days.
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Vendors fix critical flaws across Fortinet, Ivanti, and SAP to prevent authentication bypass and remote code execution.
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage persistence.
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
GrayBravo drives four CastleLoader threat clusters using phishing, malvertising, and Booking-themed lures across multiple sectors.
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware operations.
How to Streamline Zero Trust Using the Shared Signals Framework
Zero Trust workflows strengthened as Tines converts Kolide device issues into SSF-compliant CAEP events for Okta.
Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
Chrome adds new layered defenses to block prompt injections, restrict origin access, and prevent unsafe AI actions.
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
Sophos reports STAC6565 targeting nearly 40 victims, with 80% of attacks hitting Canadian firms and involving QWCrypt ransomware.
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
Researchers detail JS#SMUGGLER, a multi-stage web attack using JavaScript, HTA, and PowerShell to deploy NetSupport RAT on targeted systems.
Cybersecurity News
Should Organizations Block AI Browsers? Security Leaders Discuss
Organizations are encouraged block agentic browsers. 
A Lack of AI Governance Leads to Additional Security Risks
Security leaders need concrete AI guidelines to prevent risks.
Security Leaders Discuss the Marquis Data Breach
Marquis Software Solutions experienced a data breach; security leaders discuss. 
State-Sponsored Actors Leverage Backdoor Malware, CISA Warns
State-sponsored cyber actors with the People’s Republic of China (PRC) are leveraging a sophisticated backdoor malware.
5 Cybersecurity Predictions for 2026
Quantum computing, biometrics and more — these are five predictions for the cybersecurity landscape in 2026.
After Email Hacking, University Targeted By Another Breach
After experiencing an email hacking incident on Oct. 31, the University of Pennsylvania has faced another cyberattack. 
34M Impacted by Coupang Breach, Security Leaders Respond
Security leaders discuss the Coupang data breach, which affected approximately 34 million customers. 
AI is Making Identity Verification More Difficult, Expert Warns
A recent press release by VPN.com reveals that the development of artificial intelligence (AI), robotics and neural implants are creating additional identification security concern...
Security Leaders Discuss SitusAMC Cyberattack
A real estate finance platform announced it experienced a cyberattack.
How to Stay Safe Online This Black Friday, According to a Cyber Expert
A cyber expert shares how individuals — and organizations — can stay safe during the holiday shopping season.
For [Blue|Purple] Teams in Cyber Defence
OGhidra: OGhidra bridges Large Language Models (LLMs) via Ollama with the Ghidra reverse engineering platform, enabling AI-driven binary analysis through natural language. Interact with Ghidra using conversational queries and automate complex reverse engineering workflows.
Suspicious PDFs with Embedded Shellcode & Hidden Transactions Found on Hawaii Bureau of Conveyances Server
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
CVE-2025-55182 Exploitation Hits the Smart Home - React
KustoHawk: KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Microsoft Sentinel environments.
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
NTDLL-Unhook
Silver Fox’s Russian Ruse: ValleyRAT Hits China via Fake Microsoft Teams Attack
GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries
New BYOVD loader behind DeadLock ransomware attack
Security at the speed of business – India | CSO Online
Polymorphic AI malware exists — but it’s not what you think
Understanding AI malware and how to separate real operational risk from vendor hype.
Key cybersecurity takeaways from the 2026 NDAA
A 4.1% increase in military cyber funding in the FY2026 NDAA budget underpins new requirements for hardened mobile devices, AI security frameworks, and expanded DoD cyber workforce...
Tools, um MCP-Server abzusichern
MCP-Server einzusetzen, liegt im Trend – und birgt Risiken. Diesen begegnen Sie mit den richtigen Tools.
Personal Branding geht auch ohne Agentur
Mit dem (neuen) B2B-Experten-Netzwerk von CSO Deutschland, Computerwoche und CIO.de.
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments
Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud environments.
December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited
Attacker with local access could escalate privileges, Microsoft warns; analyst calls it ‘the most urgent concern’ this month.
Gemini for Chrome gets a second AI agent to watch over it
Google acknowledged the prompt injection risks in its browsing assistant, deploying a ‘user alignment critic’ to vet its actions
Racks, sprawl and the myth of redundancy: Why your failover isn’t as safe as you think
Today’s outages hit harder, so smart redundancy — backed by good policies, automation and testing — is the only way to keep traffic flowing when things inevitably break.
NIS2 umsetzen – ohne im Papierkrieg zu enden
NIS2 ist in Kraft und die To do Liste fĂŒr CISOs explodiert. Die hĂ€ufige Folge: unklare Vorgaben, riesige Doku Last und wenig Zeit.
Spotlight: Making the most of multicloud
Learn how to take advantage of the benefits of using multiple clouds, avoid common pitfalls, and ensure that multicloud is worth the investment.
Reverse Engineering
The stack circuitry of the Intel 8087 floating point chip, reverse-engineered
Declarative Binary Parsing for Security Research with Kaitai Struct
Ghidra 12.0 has been released!
/r/ReverseEngineering's Weekly Questions Thread
Patching Pulse Oximeter Firmware
GhidrAssist Ghidra LLM plugins reached v1.0
elfpeek - small C tool to inspect ELF64 headers/sections/symbols
free, open-source file scanner
Made yet another ApkTool GUI (at least I think it's pretty)
PalmOS on FisherPrice Pixter Toy
SANS Internet Storm Center, InfoCON: green
ISC Stormcast For Wednesday, December 10th, 2025 https://isc.sans.edu/podcastdetail/9732, (Wed, Dec 10th)
ISC Stormcast For Wednesday, December 10th, 2025 https://isc.sans.edu/podcastdetail/9732, Author: Johannes Ullrich
Microsoft Patch Tuesday December 2025, (Tue, Dec 9th)
Microsoft Patch Tuesday December 2025, Author: Johannes Ullrich
ISC Stormcast For Tuesday, December 9th, 2025 https://isc.sans.edu/podcastdetail/9730, (Tue, Dec 9th)
ISC Stormcast For Tuesday, December 9th, 2025 https://isc.sans.edu/podcastdetail/9730, Author: Johannes Ullrich
ISC Stormcast For Monday, December 8th, 2025 https://isc.sans.edu/podcastdetail/9728, (Mon, Dec 8th)
ISC Stormcast For Monday, December 8th, 2025 https://isc.sans.edu/podcastdetail/9728, Author: Johannes Ullrich
AutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)
AutoIT3 Compiled Scripts Dropping Shellcodes, Author: Xavier Mertens
ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th)
ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, Author: Johannes Ullrich
ISC Stormcast For Thursday, December 4th, 2025 https://isc.sans.edu/podcastdetail/9724, (Thu, Dec 4th)
ISC Stormcast For Thursday, December 4th, 2025 https://isc.sans.edu/podcastdetail/9724, Author: Johannes Ullrich
Nation-State Attack or Compromised Government? [Guest Diary], (Thu, Dec 4th)
Nation-State Attack or Compromised Government? [Guest Diary], Author: Guy Bruneau
Attempts to Bypass CDNs, (Wed, Dec 3rd)
Attempts to Bypass CDNs, Author: Johannes Ullrich
ISC Stormcast For Wednesday, December 3rd, 2025 https://isc.sans.edu/podcastdetail/9722, (Wed, Dec 3rd)
ISC Stormcast For Wednesday, December 3rd, 2025 https://isc.sans.edu/podcastdetail/9722, Author: Johannes Ullrich
Trend Micro Research, News, Perspectives
Trend Vision Oneℱ Integration with AWS Security Hub CSPM: Unifying Cloud Security
Learn about the new Trend Vision Oneℱ Integration with AWS security hub CSPM that unifies cloud security.
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know
Project View: A New Era of Prioritized and Actionable Cloud Security
Learn more about Trend's Cloud Risk Management project view, designed to address challenges by focusing on comprehensive asset visibility, effective prioritization, and swift remed...
ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind Water Saci are quickly upgrading ...
What’s your CNAPP maturity?
Elevate Your Cloud Security Strategy
Learn to elevate your cloud security strategy & overcome complexity with Vision Oneℱ.
Shai-hulud 2.0 Campaign Targets Cloud and Developer Ecosystems
Shai-hulud 2.0 campaign features a sophisticated variant capable of stealing credentials and secrets from major cloud platforms and developer services, while automating the backdoo...
Trend & AWS Partner on Cloud IPS: One-Click Protection
In the race to secure cloud infrastructure, intrusion prevention systems (IPS) remain one of the most critical yet complex at the cloud network layer of defense. For many organizat...
Krebs on Security
Microsoft Patch Tuesday, December 2025 Edition
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug ...
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious connections to a Kremlin-connected oligarch whose Russ...
SMS Phishers Pivot to Points, Taxes, Fake Retailers
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday sho...
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters" made headlines regularly this year by stealing data from and publicly mass extorting dozens of major co...
Is Your Android TV Streaming Box Part of a Botnet?
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-vi...
Mozilla Says It’s Finally Done With Two-Faced Onerep
In March 2024, Mozilla said it was winding down its collaboration with Onerep -- an identity protection service offered with the Firefox web browser that promises to remove users f...
The Cloudflare Outage May Be a Security Roadmap
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet's top destinations offline. Some affected Cloudflare customers were able to pivot away from the...
Microsoft Patch Tuesday, November 2025 Edition
Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is...
Google Sues to Disrupt Chinese SMS Phishing Triad
Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of tru...
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
The U.S. government is reportedly preparing to ban the sale of wireless routers and other networking gear from TP-Link Systems, a tech company that currently enjoys an estimated 50...
BleepingComputer
SAP fixes three critical vulnerabilities across multiple products
SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws.
Windows PowerShell now warns when running Invoke-WebRequest scripts
Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from execut...
Microsoft releases Windows 10 KB5071546 extended security update
Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws.
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Microsoft's December 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities.
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCl...
Windows 11 KB5072033 & KB5071417 cumulative updates released
Microsoft has released Windows 11 KB5072033 and KB5071417 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features.
Ivanti warns of critical Endpoint Manager code execution flaw
American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager (EPM) solution that could allow attackers to execute cod...
Maintaining enterprise IT hygiene using Wazuh SIEM/XDR
Poor IT hygiene, such as unused accounts, outdated software, and risky extensions, creates hidden exposure in your infrastructure. Wazuh, the open-source XDR and SIEM, shows how co...
Spain arrests teen who stole 64 million personal data records
The National Police in Spain have arrested a suspected 19-year-old hacker in Barcelona, for allegedly stealing and attempting to sell 64 million records obtained from breaches at n...
North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks
A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communica...
The Record from Recorded Future News
California man pleads guilty to RICO charges as DOJ indicts crypto theft gang
Evan Tangeman became the ninth person to plead guilty as part of a wider Justice Department takedown of a criminal group known as the Social Engineering Enterprise.
Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware
A French judge will determine whether investigators should proceed with a complaint from the widow of slain writer Jamal Khashoggi alleging that Saudi Arabia deployed spyware on he...
Seoul cyber investigators seize data, devices from ‘South Korea’s Amazon’ following data breach
Cyber investigators from the Seoul Metropolitan Police Agency seized devices and data from one of the country's largest tech firms to find evidence uncovering how the breach took p...
Trump plans executive order curbing state AI laws
Legislators at both the state and federal level have increasingly scrutinized how AI models suck up data for training purposes.
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) released a study last week covering 4,194 ransomware incidents that were reported through the Bank Secrecy A...
Microsoft Security Blog
Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack
The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publi...
Changing the physics of cyber defense
Cyber defense is evolving. Find out how graph-powered strategies and AI can help organizations detect threats faster and improve security hygiene.
Stronger together: New Beazley collaboration enhances cyber resilience
To bolster security for our customers, we need to align with our ecosystem partners. Our new collaboration with Beazley as an incident response partner is a step in that direction.
Microsoft named a leader in the 2025 Gartner¼ Magic Quadrantℱ for Email Security
Microsoft has been named a Leader in the 2025 Gartner¼ Magic Quadrantℱ for Email Security, which we believe highlights the innovative capabilities of Microsoft Defender for Office ...
Cybersecurity strategies to prioritize now​​
Learn how to strengthen cyber hygiene, modernize security standards, leverage fingerprinting, and more to defend against today’s evolving threats.
How to build forward-thinking cybersecurity teams for tomorrow
To secure the future, we must future-proof our cybersecurity talent and develop teams that are agile, innovative, and perpetually learning.
Charting the future of SOC: Human and AI collaboration for better security
Microsoft named a Leader in the Gartner¼ Magic Quadrantℱ for Access Management for the ninth consecutive year
We’re happy to share that Microsoft has been recognized as a Leader in the 2025 Gartner¼ Magic Quadrantℱ for Access Management for the ninth consecutive year.
Agents built into your workflow: Get Security Copilot with Microsoft 365 E5
At Microsoft Ignite 2025, we are not just announcing new features—we are redefining what’s possible, empowering security teams to shift from reactive responses to proactive strateg...
​​Ambient and autonomous security for the agentic era​​
Discover how Microsoft is securing the agentic AI era with new solutions announced at Microsoft Ignite—including tools powered by Microsoft Defender, Entra, Purview, Intune, and Se...
CyberScoop
Organizations can now buy cyber insurance that covers deepfakes
Cybersecurity insurer Coalition said it will start covering certain incidents where AI and deepfakes lead to reputational harm.
Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day
Microsoft closed out the year with 1,139 total defects patched, making it the second-largest year in volume behind 2020, according to Trend Micro.
Officials offer $10M reward for information on IRGC-linked leader and close associate
Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi are accused of maintaining a close relationship planning and conducting cyberattacks of interest to the Iranian government.
Is ransomware finally on the decline? Treasury data offers cautious hope
Payments declined one-third to $734M, yet the number of victims confronting ransomware still remains a largely unchanged epidemic, sliding just 2% last year.
UK cyber agency warns LLMs will always be vulnerable to prompt injection
The comments echo many in the research community who have said the flaw is an inherent trait of generative AI technology.
Defense bill addresses secure phones, AI training, cyber troop mental health
The Defense Department would require that senior leaders have secure mobile phones, that personnel would get cybersecurity training that includes a focus on artificial intelligence...
Attackers hit React defect as researchers quibble over proof
A debate over actual exploitation is muddying response efforts. Multiple researchers say they’ve observed working proof of concepts while others assert evidence of attacks is lacki...
More evidence your AI agents can be turned against you
Aikido found that AI coding tools from Google, Anthropic, OpenAI and others regularly embed untrusted prompts into software development workflows.
Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues
The bill, first introduced late last year, deals with regulations, training, grants and more.
Intellexa remotely accessed Predator spyware customer systems, investigation finds
It was one of a trio of reports about the spyware vendor over the course of a day, with additional evidence about further infections among the findings.
hacking: security in practice
What could go wrong?
The 2026 CRINK Threat Stack: From Espionage to Infrastructure
is it possible to reprogram this display?
It's 3am, I am tired from developing... but made a video anyway to show what KaliX-Terminal is.
Parrot CTFs
🚀 HttpScanner.com: Open-Source HTTP Header Analyzer
Okay, a secure p2p terminal calling
FUD Crypters in 2025?
What other options are there when all methods of debugging a binary are unsuccessful?
Should I learn the CCNA or network+ curriculum to learn the computer networking part of cybersecurity and bug bounties if I am just starting out?
Malware Analysis & Reports
hi! i think Jam is using your browser to mine cryptos
Viruses in public chat
Open Call for Contributors: Democratizing Ransomware Recovery Knowledge
Scam Telegram: Uncovering a network of groups spreading crypto drainers
Be careful of the job offer links you get on your LinkedIn DMs
Discord "Game Demo" Scam
LIVE from inside Lazarus APT's IT workers scheme
Spear Phishing/Loader Distribution to Malware Analysts
CVE Proof-of-Concept Finder: A Direct Lens Into Exploit Code
Analyzing Malicious Email Attachments - Static & Dynamic Analysis Techniques
Fraud Prevention Archives | PYMNTS.com
Instant Payments Shift Fraud Liability Into Real Time
The rise in AI-driven fraud means banks must up their tech to guard against credential compromise, account takeovers and impersonation scams.
78% of Shoppers Worry About Holiday Fraud Surge
Holiday transactions climb, and so do fraud concerns. Merchants now balance stronger safeguards with the need to maintain customer trust.
AI Fraudsters Crash Identity Systems Built for Yesterday
Trulioo’s Zac Cohen and WEX’s William Fitzgerald discuss digital trust that is built on an understanding of what “identity” now means.
Visa Reports 3X Leap in Fraud Attempts on Black Friday
Visa reported it blocked 280% more suspected fraud attempts on Black Friday in the U.K. this year and 140% more across Europe.
Banks Face Fraud Spike As Scams Stress Legacy Systems
Fraud is moving faster than the systems built to stop it, and the next phase of fraud defense will separate the prepared from the exposed.
JPMorganChase to Host Educational Workshops to Help Consumers Avoid Scams
JPMorganChase will host free educational workshops across the United States this week to mark International Fraud Awareness Week.
Financial Scams Are the New Customer-Churn Crisis for Banks
New PYMNTS data reveals how financial scams erode consumer trust and drive customers away from their banks.
Inside the ‘Perfect Storm’ Disrupting Fraud and Risk Management
i2c’s Matthew Pearce discusses how it’s possible to redefine what fraud resilience means in financial services while delivering performance.
Bad Customer Service Drives 85% of Consumers to Seek Chargebacks
Holiday fraud is a trust problem. PYMNTS Intelligence finds that most disputes start when merchants fail to resolve complaints quickly.
Mastercard Debuts Threat Intelligence Solution for Issuers and Acquirers
Mastercard has introduced a threat intelligence solution designed to help issuing and acquiring banks combat payment fraud.
Graham Cluley
California man admits role in $263 million cryptocurrency theft that funded lavish lifestyle
A 22-year-old from Newport Beach, California has pleaded guilty to his role in a sophisticated criminal network that stole approximately US $263 million in cryptocurrency from vict...
The AI Fix #80: DeepSeek’s cheap GPT-5 rival, Antigravity fails, and your LLM likes it when you’re rude
Privacy concerns raised as Grok AI found to be a stalker’s best friend
Grok, the AI chatbot developed by Elon Musk's xAI, has been found to exhibit more alarming behaviour - this time revealing the home addresses of ordinary people upon request.
Why the record-breaking 30 Tbps DDoS attack should concern every business
Smashing Security podcast #446: A hacker doxxes himself, and social engineering-as-a-service
A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer
 and accidentally hands over the keys to his real-world identity. Meanwhile

FBI warns of surge in account takeover (ATO) fraud schemes – what you need to know
The AI Fix #79: Gemini 3, poetry jailbreaks, and do we even need safe robots?
Asahi cyber attack spirals into massive data breach impacting almost 2 million people
Asahi Group Holdings, the makers of the popular Japanese beer Asahi Super Dry, has confirmed that the ransomware attack that disrupted its operations in late September also saw a s...
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartpho...
Smashing Security podcast #445: The hack that brought back the zombie apocalypse
America’s airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to

Malwarebytes
Prompt injection is a problem that may never be fixed, warns NCSC
The NCSC warns that prompt injection is unlikely to be mitigated in the same way SQL injection was. How do they compare?
EU fines X $140m, tied to verification rules that make impostor scams easier
The core problem persists: anyone can still buy a 'verified' checkmark from X, so don't take their authenticity for granted.
Deepfakes, AI resumes, and the growing threat of fake applicants
Attackers are blending automation, impersonation, and social engineering to get inside organizations. Here’s how to spot the signs.
How phishers hide banking scams behind free Cloudflare Pages
We found a campaign that hosts fake login pages on Cloudflare Pages and sends the stolen info straight to Telegram.
Scammers harvesting Facebook photos to stage fake kidnappings, warns FBI
Family photos pulled from social media are being used as "proof-of-life" in virtual kidnapping scams, the FBI warns.
A week in security (December 1 – December 7)
A list of topics we covered in the week of December 1 to December 7 of 2025
Leaks show Intellexa burning zero-days to keep Predator spyware running
A fresh investigation uncovers how Predator spyware still reaches victims through high-priced, newly bought zero-days.
How scammers use fake insurance texts to steal your identity
We follow the trail of a simple insurance text scam to show how it can spiral into full-blown identity theft.
Canadian police trialing facial recognition bodycams
Facial recognition software has long been criticized for accuracy issues and past wrongful arrests.
Update Chrome now: Google fixes 13 security issues affecting billions
Google has pushed out a Chrome update with 13 security fixes, including a high-severity flaw in Digital Credentials.
Sophos News
Sophos Firewall v22 is now available
Secure by Design.
Sophos Named One of Computerworld’s 2026 Best Places to Work in IT
Sophos has been named one of Computerworld’s 2026 Best Places to Work in IT for the second consecutive year, earning 10th place among large organizations for its innovative, people...
Inside Shanya, a packer-as-a-service fueling modern attacks
The ransomware scene gains another would-be EDR killer
Sharpening the knife: GOLD BLADE’s strategic evolution
Updates include novel abuse of recruitment platforms, modified infection chains, and expansion into a hybrid operation that combines data theft and ransomware deployment
Introducing Sophos Intelix for Microsoft 365 Copilot
Bringing Sophos threat intelligence directly into Microsoft 365 Copilot.
Introducing Sophos Intelix for Microsoft Security Copilot
Elevating threat intelligence for all Security Copilot users.
The State of Ransomware in Manufacturing and Production 2025
332 IT and cybersecurity leaders reveal the ransomware realities for manufacturing and production organizations today.
Introducing Sophos DNS Protection for Endpoints
Join the early access program for this new product.
Modernizing trust: How UADY transformed campus security with Sophos
At the Autonomous University of Yucatån (UADY), technology has long been central to supporting academic excellence.  As the university expanded to serve more than 20,000 students a...
The Sophos Central UAE region is now live!
Expanding customer choice and bringing Sophos Central closer to customers and partners across the Middle East.
Schneier on Security
AI vs. Human Drivers
Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author call...
Substitution Cipher Based on The Voynich Manuscript
Here’s a fun paper: “The Naibbe cipher: a substitution cipher that encrypts Latin and Italian as Voynich Manuscript-like ciphertext“: Abstract: In this article, I investigate the h...
Friday Squid Blogging: Vampire Squid Genome
The vampire squid (Vampyroteuthis infernalis) has the largest cephalopod genome ever sequenced: more than 11 billion base pairs. That’s more than twice as large as the biggest squi...
New Anonymous Phone Service
A new anonymous phone service allows you to sign up with just a zip code.
Like Social Media, AI Requires Difficult Choices
In his 2020 book, “Future Politics,” British barrister Jamie Susskind wrote that the dominant question of the 20th century was “How much of our collective life should be determined...
Banning VPNs
This is crazy. Lawmakers in several US states are contemplating banning VPNs, because
think of the children! As of this writing, Wisconsin lawmakers are escalating their war on pri...
Friday Squid Blogging: Flying Neon Squid Found on Israeli Beach
A meter-long flying neon squid (Ommastrephes bartramii) was found dead on an Israeli beach. The species is rare in the Mediterranean.
Prompt Injection Through Poetry
In a new paper, “Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models,” researchers found that turning LLM prompts into poetry resulted in jai...
Huawei and Chinese Surveillance
This quote is from House of Huawei: The Secret History of China’s Most Powerful Company. “Long before anyone had heard of Ren Zhengfei or Huawei, Wan Runnan had been China’s star e...
Four Ways AI Is Being Used to Strengthen Democracies Worldwide
Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expect...
Alerts
CISA Releases Three Industrial Control Systems Advisories
Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems
CISA Releases Nine Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA, Australia, and Partners Author Joint Guidance on Securely Integrating Artificial Intelligence in Operational Technology
CISA Releases Five Industrial Control Systems Advisories
All CISA Advisories
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Releases Three Industrial Control Systems Advisories
Universal Boot Loader (U-Boot)
Multiple India-based CCTV Cameras
Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure
Festo LX Appliance
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Nine Industrial Control Systems Advisories
Securelist
Goodbye, dark Telegram: Blocks are pushing the underground out
Kaspersky researchers analyze changes in the lifespan of a shadow Telegram channel, blocks, and migration to other platforms.
Shai Hulud 2.0, now with a wiper flavor
Kaspersky researchers uncover new version of Shai Hulud nom worm, which attacks targets in Russia, India, Brazil, China and other countries, and has wiper features.
Exploits and vulnerabilities in Q3 2025
This report provides statistical data on vulnerabilities published and exploits we researched during the third quarter of 2025. It also includes summary data on the use of C2 frame...
Kaspersky Security Bulletin 2025. Statistics
Kaspersky Security Bulletin contains statistics on various cyberthreats for the period from November 2024 to October 2025, which are based on anonymized data voluntarily provided b...
Tomiris wreaks Havoc: New tools and techniques of the APT group
Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Di...
Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
This article covers NTLM relay, credential forwarding, and other NTLM-related vulnerabilities and cyberattacks discovered in 2025.
To buy or not to buy: How cybercriminals capitalize on Black Friday
How cybercriminals prepare for Black Friday: phishing, scams and malware targeting online shoppers and gamers, fake sales in spam and real sales on the dark web.
ToddyCat: your hidden email assistant. Part 1
Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealin...
Inside the dark web job market
This report examines how employment and recruitment function on the dark web, based on over 2,000 job-related posts collected from shadow forums between January 2023 and June 2025.
Blockchain and Node.js abused by Tsundere: an emerging botnet
Kaspersky GReAT experts discovered a new campaign featuring the Tsundere botnet. Node.js-based bots abuse web3 smart contracts and are spread via MSI installers and PowerShell scri...
MSRC Security Update Guide
CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability
CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability
CVE-2025-62454 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2025-62457 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2025-62458 Win32k Elevation of Privilege Vulnerability
CVE-2025-62466 Windows Client-Side Caching Elevation of Privilege Vulnerability
CVE-2025-62469 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-62470 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2025-62472 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Recorded Future
GrayBravo’s CastleLoader Activity Clusters Target Multiple Industries
November 2025 CVE Landscape: 10 Critical Vulnerabilities Show 69% Drop from October
November 2025 CVE landscape: 10 exploited critical vulnerabilities, a 69% drop from October, and why Fortinet and Samsung flaws need urgent patching.
5 Real-Word Third-Party Risk Examples
Explore 5 third-party risk examples, from vendor data breaches to supply chain attacks and learn how third-party risk management can prevent cyberattacks.
When the Digital World Turns Physical: The Expanding Role of Threat Intelligence in Executive Protection
Discover how converged threat intelligence protects executives from deepfakes, doxxing, and cyber-enabled physical threats with Recorded Future.
Critical React2Shell Vulnerability Under Active Exploitation by Chinese Threat Actors
A critical vulnerability in React Server Components is allegedly being actively exploited by multiple Chinese threat actors, Recorded Future recommends organizations patch their sy...
The Bug That Won't Die: 10 Years of the Same Mistake
Explore a decade of deserialization vulnerabilities, from Java to React/Next.js CVEs, and learn how to harden apps and stay ahead with Recorded Future.
The Hidden Cascade: Why Law Firm Breaches Destroy More than Data
Discover how law firm breaches expose decades of M&A intelligence, client data, and privileged strategy—and how to reduce cascading vendor risk before it hits.
Intellexa’s Global Corporate Web
The Maturity Gap: The Next Frontier in Threat Intelligence
Learn what advanced threat intelligence maturity really means and how to close the gap between current capabilities and predictive, autonomous operations.
Inside the CopyCop Playbook: How to Fight Back in the Age of Synthetic Media
Uncover how Russia’s CopyCop network uses AI-generated news and fake media sites to influence global audiences—and learn the key defenses against synthetic media threats.
Cisco Security Advisory
Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025
On December 3, 2025, the React team released a security advisory regarding a vulnerability, CVE-2025-55182, in the React server that could allow an unauthenticated, remote attacker...
Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to either disclose...
Multiple Cisco Contact Center Products Vulnerabilities
Multiple vulnerabilities in Cisco Unified Contact Center Express (Unified CCX), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Packaged Contact Center Enterprise (Pac...
Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious w...
Cisco Catalyst Center Privilege Escalation Vulnerability
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need v...
Cisco Catalyst Center Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack agains...
Cisco Catalyst Center REST API Command Injection Vulnerability
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. Th...
Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnera...
Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the Java Remote Method Invocation (RMI) process of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to...
Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an una...
Blog – Forter
New at Forter: Introducing Forter Prism
Meet Forter Prism, an AI copilot for e-commerce teams to gain instant insights, smarter decisions, and stronger protections against fraud.
Web Authentication is Broken
“The real trouble with this world of ours is not that it is an unreasonable world, nor even that it is a reasonable one. The commonest kind of trouble is that it is nearly reasonab...
The Age of Agentic AI: How to Thrive in the Next Era of Commerce
Agentic AI is transforming commerce. Learn how top brands like AWS, Shopify & Forter are preparing for AI-driven shopping, payments & fraud at scale.
The Agentic AI Questions Commerce Leaders Must Ask
Explore how agentic AI is transforming digital commerce — redefining trust, identity, and customer journeys with intelligent automation
The Next Era of Commerce: Why Agentic AI is the Shift You Can’t Ignore
Learn how agentic AI is transforming e-commerce. Discover strategies to optimize fraud prevention, trust, and CX in AI-powered digital commerce.
Proposing a Trusted Agentic Commerce Protocol
Introducing the Trusted Agentic Commerce Protocol, a new standard to unlock AI-powered commerce for merchants and developers.
Redefining Customer Loyalty in an AI-First World
AI agents are changing the rules of commerce. Here’s how merchants can stay relevant when the buyer might not be human.
Returns Abuse: Double-Dipping Fraud Doubles Down
Returns abuse is surging — and double-dipping fraud is leading the charge. Learn how to spot it, stop it, and protect your profits.
Smarter Authentication in an AI-Driven World
Learn how smarter, low-friction authentication improves security, increases approval rates, and delivers a seamless experience in an AI-powered world.
“Clean Slate” Travel Fraud Is On The Rise
Combat Clean Slate Fraud in the Travel Industry – Learn How to Protect Your Vouchers, Loyalty Programs, and Customer Trust.
Proofpoint News Feed
Proofpoint Completes Acquisition of Hornetsecurity
Strategic acquisition expands Proofpoint’s global leadership in human- and agent-centric security, deepens commitment to MSP and SMB markets
Yippee-ki-yay, cybercriminals!
Welcome in! You’ve entered, Only Malware in the Building. Wrap yourself in a warm blanket, pour your favorite mug of tea, and join us each month as we unwrap the season’s juiciest ...
Proofpoint Named a Leader in 2025 Gartner Magic Quadrant for Email Security
Proofpoint evaluated as a Leader based on Completeness of Vision and Ability to Execute   SUNNYVALE, Calif. – December 1, 2025 – Proofpoint, Inc., a leading
Proofpoint Appoints Chief Marketing Officer
Former Zscaler CMO appointment to power Proofpoint’s next chapter of growth, strengthening its leadership in human-centric data security in the age of AI
How to Stay Vigilant During End-of-Year Online Scams This Holiday Season
Crime Rings Enlist Hackers to Hijack Trucks
By breaking into carriers’ online systems, cyber-powered criminals are making off with truckloads of electronics, beverages and other goods
The 10 Hottest Cybersecurity Products Of 2025
The hottest cybersecurity products of 2025 include new tools for AI security and data protection from CrowdStrike, Palo Alto Networks, SentinelOne, Zscaler and Netskope.
Proofpoint Satori Emerging Threats Intelligence Agent Now Generally Available for Microsoft Security Copilot
SUNNYVALE, Calif. – November 18, 2025 – Proofpoint, Inc., a leading cybersecurity and compliance company, today announced the general availability of its Proofpoint Satoriℱ Emergin...
Operation Endgame targets malware networks in global crackdown
Rhadamanthys, VenomRAT, and the Elysium botnet were targeted in the takedowns.
Iran's Elusive "SmudgedSerpent' APT Phishes Influential US Policy Wonks
Security Latest
Oh Crap, Kohler’s Toilet Cameras Aren’t Really End-to-End Encrypted
Plus: The Trump administration declines to issue sanctions over Salt Typhoon’s hacking spree, officials warn of a disturbingly stealthy Chinese malware specimen, and more.
Huge Trove of Nude Images Leaked by AI Image Generator Startup’s Exposed Database
An AI image generator startup’s database was left accessible to the open internet, revealing more than 1 million images and videos, including photos of real people who had been “nu...
‘Signalgate’ Inspector General Report Wants Just One Change to Avoid a Repeat Debacle
The United States Inspector General report reviewing Secretary of Defense Pete Hegseth’s text messaging mess recommends a single change to keep classified material secure.
Cloudflare Has Blocked 416 Billion AI Bot Requests Since July 1
Cloudflare CEO Matthew Prince claims the internet infrastructure company’s efforts to block AI crawlers are already seeing big results.
FBI Says DC Pipe Bomb Suspect Brian Cole Kept Buying Bomb Parts After January 6
The 30-year-old Virginia resident evaded capture for years after authorities discovered pipe bombs planted near buildings in Washington, DC, the day before the January 6, 2021, Cap...
A New Anonymous Phone Carrier Lets You Sign Up With Nothing but a Zip Code
Privacy stalwart Nicholas Merrill spent a decade fighting an FBI surveillance order. Now he wants to sell you phone service—without knowing almost anything about you.
The Louisiana Department of Wildlife and Fisheries Is Detaining People for ICE
Louisiana’s hunting and wildlife authority is one of more than 1,000 state and local agencies that have partnered with US immigration authorities this year alone.
Russia Wants This Mega Missile to Intimidate the West, but It Keeps Crashing
One of Vladimir Putin’s favorite sabers to rattle seems to have lost its edge.
Your Data Might Determine How Much You Pay for Eggs
A newly enacted New York law requires retailers to say whether your data influences the price of basic goods like a dozen eggs or toilet paper, but not how.
Flock Uses Overseas Gig Workers to Build Its Surveillance AI
An accidental leak revealed that Flock, which has cameras in thousands of US communities, is using workers in the Philippines to review and classify footage.
CISA Cybersecurity Advisories
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
CISA Shares Lessons Learned from an Incident Response Engagement
Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
#StopRansomware: Interlock
Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
Russian GRU Targeting Western Logistics Entities and Technology Companies
Fast Flux: A National Security Threat
#StopRansomware: Medusa Ransomware
Blog Articles - Identity Insights | Trulioo
Enhanced Due Diligence: A Comprehensive Guide
Enhanced due diligence (EDD) procedures minimize risk & maintain effective compliance standards when onboarding high-risk customers.
Know Your Agent (KYA) Meets the Market: The Maturing Landscape of Agentic Commerce
Agentic commerce is here. Discover how Trulioo and PayOS’s Know Your Agent (KYA) framework builds trust and identity for AI-driven transactions.
Building Trust in a Fragmented Landscape: Money20/20 USA Recap
At Money20/20 USA, Trulioo and industry leaders shared how collaboration, innovation and trust can unify fragmented compliance systems.
Can AI Beat AI? Inside the New Fraud Arms Race
Generative AI is reshaping fraud. Learn how Trulioo and industry leaders use AI to fight AI, strengthen identity and build digital trust.
PYMNTS Report Highlights the Importance of Global Identity Platforms
Global firms lose 3.1% in revenue yearly due to weak identity verification. See how global identity platforms help fight fraud and boost onboarding.
Efficiency in Action: How 2025’s Digital Identity Trends Took Shape
From cleaner data to real-time verification, explore how 2025’s digital identity trends proved that efficiency is the new measure of trust and innovation.
What Is Money Laundering? [With Examples]
Understand what is money laundering and its impact on crime and finance. Learn about AML controls and regulations for businesses.
Building Secure Cross-Border Payments: A Verification Strategy for Global Growth
Discover how payments leaders can enable trusted global growth through automated verification, fraud prevention and compliance with Trulioo.
Automated KYC Verification Explained
Explore the benefits of automated KYC verification, enhancing compliance accuracy and efficiency for organizations globally.
3 Key Insights: Fighting Fraud and Verifying Faster with Intelligent KYC and KYB Automation
Discover how intelligent KYC and KYB automation reduces onboarding costs, accelerates verification, and strengthens compliance. Learn 3 proven strategies from Trulioo to fight frau...
Microsoft 365 Blog
Advancing Microsoft 365: New capabilities and pricing update
Today we are announcing expanded availability of AI, security, and management capabilities coming to Microsoft 365 offerings in 2026.
Microsoft 365 Copilot Business: The future of work for small businesses
Microsoft announced the general availability of Microsoft 365 Copilot Business—a comprehensive, full-featured AI solution for SMBs. Learn more.
Why Microsoft Copilot Studio is the foundation for agentic business transformation
Explore new Microsoft Copilot Studio updates to shape agent behavior, enforce standards, and support agentic business transformation.
Microsoft Agent 365: The control plane for AI agents
Learn how Agent 365 delivers unified observability across your entire agent fleet through telemetry, dashboards, and alerts.
Microsoft Ignite 2025: Copilot and agents built to power the Frontier Firm
Discover the latest Microsoft Ignite 2025 announcements, including new Microsoft 365 Copilot features, AI-powered agents, and Work IQ innovations.
What’s new in Copilot Studio: October 2025
In this edition of our monthly roundup, we’re recapping new features released in Microsoft Copilot Studio in October 2025. Learn more.
Microsoft offers in-country data processing to 15 countries to strengthen sovereign controls for Microsoft 365 Copilot
Microsoft is pleased to announce that we are making in-country data processing for customers’ Microsoft 365 Copilot interactions available in 15 countries.
Microsoft 365 Copilot now enables you to build apps and workflows
Create apps, automate workflows, and build agents using App Builder and Workflows agents in Microsoft 365 Copilot and Copilot Studio.
What’s new in Copilot Studio: September 2025
In this edition of our monthly roundup, we’re recapping new features released in Microsoft Copilot Studio in September 2025.
Meet Microsoft 365 Premium: Your AI and productivity powerhouse
Microsoft is taking a big step forward with major updates to our individual subscription lineup, combining the best of AI and productivity at an unbeatable price.
WeLiveSecurity
Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture
Identity is effectively the new network boundary. It must be protected at all costs.
MuddyWater: Snakes by the riverbank
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook.
Oversharing is not caring: What’s at stake if your employees post too much online
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble.
This month in security with Tony Anscombe – November 2025 edition
Data leaks by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news
What parents should know to protect their children from doxxing
Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.
Influencers in the crosshairs: How cybercriminals are targeting content creators
Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters.
MDR is the answer – now, what’s the question?
Here's why your business needs the best-of-breed combination of technology and human expertise
The OSINT advantage: Find your weak spots before attackers do
Here’s how open-source intelligence helps uncover your digital footprint and weak points, plus a few essential tools to connect the dots.
PlushDaemon compromises network devices for adversary-in-the-middle attacks
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks.
What if your romantic AI chatbot can’t keep a secret?
Does your chatbot know too much? Think twice before you tell your AI companion everything.
WeLiveSecurity
Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture
Identity is effectively the new network boundary. It must be protected at all costs.
MuddyWater: Snakes by the riverbank
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook.
Oversharing is not caring: What’s at stake if your employees post too much online
From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble.
This month in security with Tony Anscombe – November 2025 edition
Data leaks by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month's cybersecurity news
What parents should know to protect their children from doxxing
Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.
Influencers in the crosshairs: How cybercriminals are targeting content creators
Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters.
MDR is the answer – now, what’s the question?
Here's why your business needs the best-of-breed combination of technology and human expertise
The OSINT advantage: Find your weak spots before attackers do
Here’s how open-source intelligence helps uncover your digital footprint and weak points, plus a few essential tools to connect the dots.
PlushDaemon compromises network devices for adversary-in-the-middle attacks
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks.
What if your romantic AI chatbot can’t keep a secret?
Does your chatbot know too much? Think twice before you tell your AI companion everything.
Security – Ars Technica
Admins and defenders gird themselves against maximum-severity server vuln
Open source React executes malicious code with malformed HTML, no auth needed.
Fraudulent gambling network may actually be something more nefarious
Researchers say there’s more to the network, which has operated for 14 years.
This hacker conference installed a literal antivirus monitoring system
Organizers had a way for attendees to track CO2 levels throughout the venue—even before they arrived.
Oops. Cryptographers cancel election results after losing decryption key.
Voting system required three keys. One of them has been “irretrievably lost.”

How to know if your Asus router is one of thousands hacked by China-state hackers
So far, the hackers are laying low, likely for later use.
Critics scoff after Microsoft warns AI feature can infect machines and pilfer data
Integration of Copilot Actions into Windows is off by default, but for how long?
Bonkers Bitcoin heist: 5-star hotels, cash-filled envelopes, vanishing funds
Bitcoin mining hardware exec falls for sophisticated crypto scam to tune of $200k

5 plead guilty to laptop farm and ID theft scheme to land North Koreans US IT jobs
Fleets of laptops run from US residences gave appearance workers were in the US.
Researchers question Anthropic claim that AI-assisted attack was 90% autonomous
The results of AI-assisted hacking aren’t as impressive as many might have us believe.
ClickFix may be the biggest security threat your family has never heard of
Relatively new technique can bypass many endpoint protections.
Heimdal Security Blog
ITDR Best Practices: How to Detect, Prevent, and Contain Critical Identity Threats
Key takeaways: ITDR monitors identity-based threats that traditional security tools miss, like hackers logging in with stolen credentials Effective ITDR requires integration with p...
When Buyers Discount MSPs With One Big Customer
Your biggest customer loves you. Three years together. They trust you, pay on time, and refer others. From where you sit, that’s loyalty. From where a buyer sits, that’s a $$$ disc...
You’re Not Technical? That Excuse Just Expired!
The world in which there are three groups of people, technical, not technical and those in between, is dead. AI just killed it, And if you’re a business leader still hiding behind ...
Tool Sprawl Taxes Your Business More Than You Think
Ross Brouse has a name for what he sees every day. The Frankenstack. “The lack of operational simplicity comes from piling on tools, building that Frankenstack, as I call it,” says...
Heimdal 5.1.0 RC Dashboard: Smarter Automation, Stronger Compliance, and Smoother Control
Explore Heimdal 5.1.0 RC: smarter automation, easier compliance, better visibility, and streamlined endpoint control for modern IT teams.
Can Generative AI Be Weaponized for Cyberattacks?
Generative AI has emerged as one of the most powerful technologies of our era. Capable of producing realistic text, images, voice, and even code, these systems are revolutionizing ...
Digital Warfare and the New Geopolitical Frontline
This article follows our recent article on the source of cybercrime attacks – read it here – we’re now exploring the global, commercial, and political dimensions of digital warfare...
Nearly 40% of 2024 Ransomware Payouts May Have Gone to Russia, China & North Korea
Ransomware victims paid an estimated $813 million in 2024. Nearly 40 percent of that may have gone to actors in Russia, China and North Korea, according to new analysis from cybers...
What is Managed ITDR? Key Definitions, Features, and Benefits
Key takeaways: MITDR explained: Managed ITDR combines identity threat detection with expert-led response. Why it matters: Get better protection and lower costs without building a f...
Retail cybersecurity statistics for 2026
Cyber attacks against retail businesses have made headlines in 2025. Read this retail cybersecurity statistics rundown to understand more. 
Fraud Prevention – Riskified
Disrupting the shadow economy of online betting in Europe and beyond: Account theft, laundering, and cashouts
Blog
A New Way to Think About Fraud Risk Assessment
It is time to redesign the fraud risk assessment process and incorporate an understanding of how these fraud risk statements operate in the real world. 
Where is the beef? Developing a Deeper Understanding of Potential Fraud Schemes
The fraud auditing profession needs to provide better guidance or better examples of what is meant by a deeper understanding of fraud risk statements.
An Auditor's Obligation to Understand Fraud Schemes
Auditors can gain a deeper understanding of fraud risk schemes by developing fraud risk intelligence through studying fraud risk in the real world.
Is your fraud risk assessment designed to fail?
If you want to do a successful fraud risk assessment, you need to consider that people commit fraud, not internal controls.
Does Our Professional Guidance Provide Sufficient Guidance for Effective Fraud Risk Management
Does the professional guidance provided by the fraud risk management industry provide enough insights for companies to manage fraud risk?
Is Fraud Risk Assessment Simply an Academic Exercise?
Fraud risk assessments are prepared to identify risk and ensure that internal controls manage that risk, but are they more than an academic exercise?
The Fraud Auditor: What Does This Person Look Like?
What does a fraud auditor need? Superior knowledge of fraud risk, superior research skills, superior debating skills, and, superior audit skills.
What is a Fraud Scheme?
The fraud auditing industry uses so many terms interchangeably that it creates confusion. Let's cut the confusion and implement better fraud definitions.
Gaining a Deeper Understanding of Fraud Schemes
If you are conducting an expenditure audit, purchasing audit or an accounts payable audit, consider the likelihood of a pass-through scheme.
Proactive Approach to Fraud Detection: A New State of Mind
If the fraud audit profession wants a “more proactive approach to fraud detection” it is time to recognize that auditors must develop a new set of skills.
InfoSec Insights
A Guide to PKI Authentication with 8 Examples
Discover how PKI authentication works to help secure your organization, sensitive data, and customers against old and new digital threats.
How to Open 443 Port and Check If It Is Enabled or Not
Port 443 is foundational to secure internet communications. Here’s how to open the 443 port in Windows & Linux, and how to tell if it’s open in the Windows Defender and Linux Uncom...
4 Key SMB Takeaways from OWASP’s GenAI Security Incident Response Guide
Explore 4 takeaways from OWASP's GenAI Security Incident Response Guide to learn why it’s fundamental to every organization’s cybersecurity.
The Ultimate Guide to Software Supply Chain Security Risks, Threats, and Mitigations
This ultimate guide tells everything you need to know to successfully identify, analyze & mitigate the most common software supply chain security risks.
5 Real-World Software Nightmares That Code Integrity Verification Could Have Prevented
Learn from the past to prepare for the future with these 5 infamous cyber attacks (and their disastrous consequences) that could have been prevented with code integrity check. Oper...
How Does PKI Work? A Look at the Inner Workings of Public Key Infrastructure
How does PKI work? How public key infrastructure protects data using authentication, cryptographic key, digital certificates& a trust chain.
8 Practical PKI Uses & Applications That Drive SMB Security
Explore eight practical PKI uses and applications you can implement right now as a small or mid-size business owner (8 SMB PKI use cases).
Demystifying PKI Technology: An Essential Guide for IT Security Professionals
Learn what PKI technology is & the role PKI IT security plays in securing environments by enabling data privacy, integrity, and authentication
10 Digital Identity Examples for Small Business Owners
Explore 10 digital identity examples that you can implement within your small or mid-size business without breaking the bank.
Industry Leaders Approve the Move to a 47-Day SSL Certificate Validity Period
Get the latest news relating to SSL/TLS certificate validity period changes from the CA/B Forum, which will move to 47-day validity by 2029.
Security | Microsoft Azure Blog | Microsoft Azure
Microsoft strengthens sovereign cloud capabilities with new services
Discover new Microsoft digital sovereignty capabilities and upcoming features across AI, security, and productivity, to address sovereign cloud needs.
Enhancing software supply chain security with Microsoft’s Signing Transparency
Microsoft Signing Transparency delivers verifiable code integrity and tamper-evident software releases for stronger supply chain security.
Oracle Database@Azure offers new features, regions, and programs to unlock data and AI innovation
Migrate Oracle solutions to the cloud with a trusted, enterprise-ready platform from Microsoft and Oracle. Learn more.
Building secure, scalable AI in the cloud with Microsoft Azure
Forrester Research shows how Azure helps enterprises scale generative AI securely, unlocking real business value. Learn more.
Navigating the 2024 holiday season: Insights into Azure’s DDoS defense
Learn more on how Azure DDoS is keeping you prepared for this years trends in advanced attack tactics to keep your data secure.
6 insights to make your data AI-ready, with Accenture’s Teresa Tung
Windows Server 2025 now generally available, with advanced security, improved performance, and cloud agility
Enhance your security options and take advantage of new hybrid cloud capabilities with Windows Server 2025. Learn more.
Accelerating industry-wide innovations in datacenter infrastructure and security
Developer insights: Building resilient end-to-end security
Microsoft Trustworthy AI: Unlocking human potential starts with trust
YouTube Video
ZDI: Upcoming Advisories
ZDI-CAN-28304: Docker
Fraud Prevention Archives - Alloy Silverstein
Beware of Misleading Tax Advice on Social Media
Each year the IRS educates taxpayers on the most trending fraud schemes that could deceive individuals and businesses during tax season. In late 2024, The IRS took to warning the p...
Scammers Up Their Game With AI
Learn how to spot the threats and protect yourself from scammers using AI for phishing and deepfakes with smart security practices.
The Essential Guide to Safeguarding Your Online Passwords
Protect your personal and business data with strong passwords, two-factor authentication, and smart cybersecurity practices.
Beware: Tax Season is Scam Season
Tax season is also prime time for tax scams. To safeguard your personal information, consider these key points: Communication methods The IRS initiates contact primarily through ma...
Stop Scams: Fraud Prevention Starts with Your Employees
You can be as proactive and protective as possible when it comes to cyber security for your business, but there’s one vulnerability you cannot eliminate: human error. In fact, stat...
‘Tis the Season for Holiday Shopping Scams
The holidays are typically the time of year for gifting presents to friends and family or donations to charity. Unfortunately, not-so-jolly fraudsters take advantage of this genero...
IRS Issues “Dirty Dozen” Fraud Warnings
Each year, the IRS releases a “Dirty Dozen” series to highlight the most common fraud schemes taxpayers should be aware of.
IRS Identity Theft Season Begins Now
Each year thieves try to steal billions in federal withholdings by stealing your identity. As the IRS focuses more attention on this quickly growing problem, now is the time of yea...
Five Ways to Protect Your Finances from Fraud
With fraud on the rise, it’s important to understand how to best protect yourself and your financial accounts. Here are five ways you can stay proactive to avoid fraudulent credit ...
Safeguarding Your Business’s Cash with Segregation of Duties
Pop quiz: Is fraud and embezzlement more common in small or large businesses? Unfor­tunately for small businesses, since they often lack the internal controls that are typically in...
Microsoft Security Response Center
Why XSS still matters: MSRC’s perspective on a 25-year-old threat
BlueHat Asia 2025: Closing soon: Submit your papers by September 14, 2025
postMessaged and Compromised
Microsoft Bounty Program year in review: $17 million in rewards
Zero Day Quest: Join the largest hacking event with up to $5 million in total bounty awards
.NET Bounty Program now offers up to $40,000 in awards
How Microsoft defends against indirect prompt injection attacks
Customer guidance for SharePoint vulnerability CVE-2025-53770
Congratulations to the MSRC 2025 Most Valuable Security Researchers!
Congratulations to the top MSRC 2025 Q2 security researchers!
Threatpost
Student Loan Breach Exposes 2.5M Records
2.5 million people were affected, in a breach that could spell more trouble down the line.
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter Whistleblower Complaint: The TL;DR Version
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Firewall Bug Under Active Attack Triggers CISA Warning
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake Reservation Links Prey on Weary Travelers
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
iPhone Users Urged to Update to Patch 2 Zero-Days
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Google Patches Chrome’s Fifth Zero-Day of the Year
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
First Six Last Four
Why SaaS Companies are Becoming Payments Facilitators [PayFac]
Why PCI-DSS is a Scam Designed to Catch Out Small Businesses
Payments Fraud Pattern & Issue Analysis Using SQL
Links to the key 2021 Payments Reports
Fraud detection techniques: Links
Beginners Guide to Payment Fraud Detection & Prevention
Offsite passive fraud checks & data vendors
Payment fraud attacks, spikes and patterns
5 Things You Can do Today to Reduce Fraud
Full List of IP Address Data Providers