A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors. “We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during startup and passing all trust checks,” researchers Jesse … Read More “$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections – The Hacker News” »
Author: The Hacker News
DOJ, Georgia Tech affiliate company settle over alleged failure to meet DOD contract cyber requirements – CyberScoop
A company affiliated with the Georgia Institute of Technology agreed to pay $875,000 to the U.S. government to settle a case involving allegations that it knowingly failed to meet cybersecurity requirements for obtaining Pentagon contracts, the Justice Department announced Tuesday. Two Georgia Tech whistleblowers who worked on the university’s cybersecurity team first filed suit in … Read More “DOJ, Georgia Tech affiliate company settle over alleged failure to meet DOD contract cyber requirements – CyberScoop” »
Watchdog: Cyber threat information-sharing program’s future uncertain with expected expiration of 2015 law – CyberScoop
The Cybersecurity and Infrastructure Security Agency doesn’t have any plans in place for continuing a threat information-sharing program should a 2015 law that laid the groundwork for its creation expire Wednesday, according to a new watchdog report. The inspector general report points to yet more potential complications for threat data exchanges between industry and the … Read More “Watchdog: Cyber threat information-sharing program’s future uncertain with expected expiration of 2015 law – CyberScoop” »
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware – The Hacker News
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. “Phantom Taurus’ main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations,” Palo Alto Networks Unit 42 … Read More “Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware – The Hacker News” »
US Auto Insurance Platform ClaimPix Leaked 10.7TB of Records Online – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researcher Jeremiah Fowler discovered a massive 10.7TB ClaimPix leak exposing 5.1M customer files, vehicle data, and Power of Attorney documents. Read the full details. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Hack of US Surveillance Provider RemoteCOM Exposes Court Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A massive data breach at RemoteCOM exposed 14,000 personal files and police contacts from the SCOUT software. Learn what this aggressive spyware records, and the high risks for all involved parties. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
libgeotiff 1.7.4 Heap Buffer Overflow in geotifcp (libgeotiff) During 8-to-4 Bit Downsample with Odd Image Width – Full Disclosure
Posted by Ron E on Sep 30 A heap buffer overflow vulnerability exists in the geotifcp utility, distributed as part of libgeotiff. The flaw occurs in the function cpContig2ContigByRow_8_to_4 when processing TIFF images with an odd ImageWidth and using the -d option (downsampling from 8-bit to 4-bit). During conversion, the function iterates over pixels … Read More “libgeotiff 1.7.4 Heap Buffer Overflow in geotifcp (libgeotiff) During 8-to-4 Bit Downsample with Odd Image Width – Full Disclosure” »
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow – Full Disclosure
Posted by Ron E on Sep 30 In the samtools coverage subcommand, the -w / --n-bins option allows the user to specify how many “bins” to produce in the coverage histogram. The code computes: stats[tid].bin_width = (stats[tid].end - stats[tid].beg) / n_bins; When the number of bins (n_bins) is extremely large relative to the region … Read More “Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow – Full Disclosure” »
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib – Full Disclosure
Posted by Ron E on Sep 30 A denial-of-service vulnerability exists in Samtools and the underlying HTSlib when processing BED files containing extremely large interval values. The bed_index_core() function in bedidx.c uses the interval end coordinate to calculate allocation size without sufficient validation. By supplying a BED record with a crafted end coordinate (e.g., … Read More “Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1 macOS Sonoma 14.8.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125330. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Sonoma Impact: Processing … Read More “APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-6 visionOS 26.0.1 visionOS 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125338. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: Apple Vision Pro Impact: Processing a … Read More “APPLE-SA-09-29-2025-6 visionOS 26.0.1 – Full Disclosure” »
New smishing attacks exploit Milesight routers to send phishing texts targeting Belgian users
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-1 iOS 26.0.1 and iPadOS 26.0.1 iOS 26.0.1 and iPadOS 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125326. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: … Read More “APPLE-SA-09-29-2025-1 iOS 26.0.1 and iPadOS 26.0.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-2 iOS 18.7.1 and iPadOS 18.7.1 iOS 18.7.1 and iPadOS 18.7.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125327. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: … Read More “APPLE-SA-09-29-2025-2 iOS 18.7.1 and iPadOS 18.7.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 macOS Tahoe 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125328. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Tahoe Impact: Processing … Read More “APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Sep 30 APPLE-SA-09-29-2025-4 macOS Sequoia 15.7.1 macOS Sequoia 15.7.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125329. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Sequoia Impact: Processing … Read More “APPLE-SA-09-29-2025-4 macOS Sequoia 15.7.1 – Full Disclosure” »
Anthropic’s new coding-focused large language model, Claude Sonnet 4.5, is being touted as one of the most advanced models on the market when it comes to safety and security, with the company claiming the additional effort put into the model will make it more difficult for bad actors to exploit and easier to leverage for … Read More “Anthropic touts safety, security improvements in Claude Sonnet 4.5 – CyberScoop” »
New Android RAT Klopatra is targeting financial institutions using advanced evasion techniques
In episode 70 of The AI Fix, our hosts learn that AI makes people more dishonest, Waymo’s robo-cars save lives but get outsmarted by a bathroom mirror, a “rescue” bot slurps up victims head-first, and China shows off a fusion robot arm that can lift ten elephants (or 200,000 pigeons, if you’re scientific about it). … Read More “The AI Fix #70: AI behaves… until it knows you’re watching – Graham Cluley” »
Guidance for staff responsible for managing a cyber incident response within their organisation. – Read More – NCSC Feed
Microsoft Flags AI Phishing Attack Hiding in SVG Files – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions – VMware … Read More “Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024 – The Hacker News” »
The Problem: Legacy SOCs and Endless Alert Noise Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine, analysts scrambling to keep pace. The harder they try to scale people or buy new tools, the faster the chaos multiplies. The problem is not just volume; it is … Read More “Stop Alert Chaos: Context Is the Key to Effective Incident Response – The Hacker News” »
Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it’s also releasing a public preview of Sentinel Graph and Sentinel Model Context Protocol (MCP) server. “With graph-based context, … Read More “Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake – The Hacker News” »
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits – The Hacker News
Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google’s Gemini artificial intelligence (AI) assistant that, if successfully exploited, could have exposed users to major privacy risks and data theft. “They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud – Read More – The Hacker News
The Trump administration wants CISA to transition to a “new model” for supporting local government agencies’ cyber strategy
Tenable researchers have discovered three vulnerabilities in Google’s Gemini GenAI tool
Two 17-year-olds have been arrested by Dutch authorities on suspicion of spying for pro-Russian hackers. The teenagers, who are said to have been recruited as “disposable agents” via Telegram, were reportedly arrested last week “on suspicion that are linked to government-sponsored interference.” Read more in my article on the Hot for Security blog. … Read More “Dutch teens recruited on Telegram, accused of Russia-backed hacking plot – Graham Cluley” »
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events – The Hacker News
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior … Read More “New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events – The Hacker News” »
Japanese brewery giant Asahi revealed that a cyber-attack had caused a “system failure”, with order and shipment operations suspended in Japan
Tips for Merging Large PDF Files Online – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
As more businesses rely on digital documents today, effective large file management has also become necessary. PDFs are… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Most UK cybersecurity professionals tell CIISec that their budgets are stagnating
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London. The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the single largest such effort in the world, the … Read More “U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust – The Hacker News” »
The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly into their platforms. Organizations are embracing AI-powered applications across every function, from marketing and development to finance and HR. This transformation unlocks innovation and efficiency, but it also … Read More “Evolving Enterprise Defense to Secure the Modern AI Supply Chain – The Hacker News” »
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior … Read More “CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems – The Hacker News” »
Compliance is not a regulatory imperative anymore, neither is it a strategic, confidence, strength, and growth enabler in digital… The post Compliance Turns Digital Finance into Confidence appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The Department of Homeland Security estimated over the weekend that it would send home about two-thirds of employees at the Cybersecurity and Infrastructure Security Agency in the event of a government shutdown. It’s the first time that the second Trump administration has released its contingency plan in response to what would happen if Congress doesn’t … Read More “Two-thirds of CISA personnel could be sent home under shutdown – CyberScoop” »
Dutch Teens Arrested Over Alleged Spying for Pro-Russian Hackers – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Dutch authorities arrest two teens recruited by pro-Russian hackers for spying missions. Learn how Russia is using disposable agents for sabotage across Europe. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Authorities arrested 260 cybercrime suspects during a two-week operation spanning 14 African countries, Interpol announced Friday. The globally coordinated summertime crackdown dubbed “Operation Contender 3.0” targeted criminal networks that facilitated romance scams and sextortion, officials said. Interpol said total losses attributed to the scam syndicates amounted to about $2.8 million, involving almost 1,500 victims. Authorities … Read More “Interpol operation disrupts romance scam and sextortion networks in Africa – CyberScoop” »
Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various regions, including Europe, the Americas, and the Asia, Middle East, and Africa (AMEA) region. … Read More “EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations – The Hacker News” »
While the exact suspicion was yet to be revealed it is linked to “foreign interference”
Harrods Data Breach: 430,000 Customer Records Stolen Via Third-Party Attack – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Luxury retailer Harrods confirms 430,000 customer records (names, contacts) were stolen from a third-party provider in the latest UK retail cyberattack wave. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs
The Five Eyes countries, Germany and the Netherlands are launching a standard for managing OT security
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More – The Hacker News
Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week’s roundup gives you the biggest security moves to know. Whether you’re protecting key systems or locking down cloud apps, these are the updates you … Read More “⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More – The Hacker News” »
Accelerate Crypto Success: Why a Canadian Crypto License Is Your Launchpad to Growth – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
As the digital asset market matures and regulators worldwide work to set clear standards, one fact has become… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
DarkCloud Infostealer Relaunched to Grab Credentials, Crypto and Contacts – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
eSentire TRU analyses the new DarkCloud V4.2 infostealer, rewritten in VB6. Find out how the malware steals browser data, crypto, and contacts via targeted phishing. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A comprehensive survey of 282 security leaders at companies across industries reveals a stark reality facing modern Security Operations Centers: alert volumes have reached unsustainable levels, forcing teams to leave critical threats uninvestigated. You can … Read More “The State of AI in the SOC 2025 – Insights from Recent Study – The Hacker News” »
A critical, longstanding piece of America’s cybersecurity infrastructure is perilously close to vanishing overnight. On Tuesday, the Cybersecurity Information Sharing Act (CISA) expires — and with it, the legal protections that enable countless organizations to share threat intelligence with the federal government. Without swift congressional action, we risk dismantling years of progress in collaborative cyber … Read More “Expired protections, exposed networks: The stakes of CISA’s sunset – CyberScoop” »
Recruitment and retention remain a significant challenge for security teams, amid growing pressures on cyber professionals