A new Cobalt study finds healthcare organizations among the slowest at resolving serious vulnerabilities.
Author: Joe-W
Your AI reads the small print, and that’s a problem. This week in episode 433 of “Smashing Security” we dig into LegalPwn – malicious instructions tucked into code comments and disclaimers that sweet-talks AI into rubber-stamping dangerous payloads (or even pretending they’re a harmless calculator). Meanwhile, new research from Anthropic reveals that hackers have already … Read More “Smashing Security podcast #433: How hackers turned AI into their new henchman – Graham Cluley” »
Jaguar Land Rover Cyberattack Disrupts Production and Sales Operations – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Jaguar Land Rover is restoring systems after a cyberattack disrupted production and sales, with a hacker group previously… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities – CyberScoop
Streameast, the most popular and largest illicit live sports streaming network, was shut down following a coordinated law enforcement action conducted by Egyptian authorities last month, an antipiracy coalition of entertainment companies announced Wednesday. Egyptian authorities seized infrastructure powering Streameast and arrested two operators at their residences in El-Sheik Zaid, Egypt, a spokesperson for the … Read More “Streameast, world’s largest pirated live sports network, shut down by Egyptian authorities – CyberScoop” »
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers – The Hacker News
Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems, signaling the trend of threat actors constantly on the lookout for new ways to distribute malware and fly under the radar. “The two npm packages … Read More “Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers – The Hacker News” »
Israeli cybersecurity company Cato Networks has acquired AI security startup Aim Security in its first ever acquisition, reflecting the broader industry rush to address security challenges posed by artificial intelligence adoption. The deal combines Cato’s Secure Access Service Edge (SASE) networking platform with Aim’s AI security capabilities, allowing the company to protect customers from threats … Read More “Cato Networks acquires AI security startup Aim Security – CyberScoop” »
Compiling an “ingredients list” for software can help organizations reduce cyber risks, avoid fines and save time, among other benefits, a Cybersecurity and Infrastructure Security Agency-led guide published Wednesday advises. The CISA document, produced with the National Security Agency and cyber agencies from 14 other countries, aims to produce a shared vision on advancing the … Read More “CISA guide seeks a unified approach to software ‘ingredients lists’ – CyberScoop” »
House panel approves cyber information sharing, grant legislation as expiration deadlines loom – CyberScoop
A House panel advanced legislation Wednesday that would reauthorize a major cyber threat information sharing law and a big-dollar state and local cyber grant program before they’re set to expire at the end of this month. Trump administration officials and nominees, as well as cybersecurity organizations and experts, have voiced support for renewing them both … Read More “House panel approves cyber information sharing, grant legislation as expiration deadlines loom – CyberScoop” »
Why Users and Businesses Are Choosing to Get Paid in USDT Instead of Local Currency – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Discover why USDT stablecoin payments are becoming popular worldwide. Learn the benefits, risks, and practical tips for using… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Federal Trade Commission announced a settlement Tuesday with a Chinese robot toy manufacturer, following an investigation that charged the company with illegally collecting the location data of U.S. children who buy its products. In a complaint filed in the U.S. Northern District Court of California, the Department of Justice on behalf of the FTC … Read More “FTC announces settlement with toy robot makers that tracked location of children – CyberScoop” »
The FBI’s Internet Crime Complaint Center (IC3) says that the elderly are more at risk from falling victim to online fraud and internet scammers than ever before. Read more in my article on the Fortra blog. – Read More – Graham Cluley
Governance-Driven Automation: How Flowable Is Redefining Digital Process Management – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A newly published independent research report highlights Flowable’s rise in the digital process automation market. Built on open-source… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cloudflare Mitigates Largest Ever Recorded DDoS Attack at 11.5 Tbps – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cloudflare mitigated the largest DDoS attack ever recorded, an 11.5 Tbps flood that lasted 35 seconds without disrupting… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals – The Hacker News
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to ensure the endpoint is adequately secured by a platform capable of not just keeping pace, … Read More “AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals – The Hacker News” »
Google warned that two actively exploited zero-day vulnerabilities affecting Android devices have been patched in its September security update, which addresses 120 software defects total. The zero-days — CVE-2025-38352 affecting the kernel and CVE-2025-48543 affecting Android Runtime — are both high-severity defects that don’t require user interaction for exploitation and could lead to escalation of … Read More “Google patches two Android zero-days, 120 defects total in September security update – CyberScoop” »
For the second time, a court has ruled that President Donald Trump’s attempted firing of Federal Trade Commission members Rebecca Slaughter and Alvaro Bedoya was illegal and ordered the agency to reinstate the commissioners. By law, the FTC governs by a bipartisan 3-2 split, with the president’s party getting an extra seat and controlling the … Read More “Court rules ‘fired’ FTC commissioners be reinstated — again – CyberScoop” »
A malicious campaign using Ethereum smart contracts has been observed targeting developers via npm and GitHub.
The backdoor is a sophisticated VBA-based malware targeting Microsoft Outlook.
A massive IPTV piracy network has been uncovered distributing unlicensed content from major brands including Apple TV, Disney+, HBO, Netflix and more.
Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack – The Hacker News
Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks. The vulnerabilities are listed below – CVE-2025-38352 (CVSS score: 7.4) – A privilege escalation flaw in the Linux Kernel … Read More “Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack – The Hacker News” »
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team, they identified a publicly accessible ClickHouse database belonging to DeepSeek. This allowed “full control over database operations, including the ability … Read More “Detecting Data Leaks Before Disaster – The Hacker News” »
Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure – The Hacker News
Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive security tool called HexStrike AI to exploit recently disclosed security flaws. HexStrike AI, according to its website, is pitched as an AI‑driven security platform to automate reconnaissance and vulnerability discovery with an aim to accelerate authorized red teaming operations, bug bounty hunting, … Read More “Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure – The Hacker News” »
Misconfigured Server Leaks 378GB of Navy Federal Credit Union Files – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researcher Jeremiah Fowler discovered an unsecured and misconfigured server exposing 378 GB of internal Navy Federal Credit… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cloudflare has notified customers that hackers may have accessed their data as part of the Salesloft Drift campaign.
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats – The Hacker News
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to broader offensive cyber activity undertaken by a group known as Homeland Justice. “Emails were … Read More “Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats – The Hacker News” »
Barracuda observed new methods to disguise phishing links in Tycoon phishing attacks, which are designed to bypass automated email security systems.
Fake AnyDesk Installer Spreads MetaStealer Through ClickFix Scam – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A new and clever ClickFix scam is using a fake AnyDesk installer and Windows search to bypass security,… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Evertec subsidiary Sinqia has posted details of an attempt to steal $130m from two B2B partners.
Cloudflare on Tuesday said it automatically mitigated a record-setting volumetric distributed denial-of-service (DDoS) attack that peaked at 11.5 terabits per second (Tbps). “Over the past few weeks, we’ve autonomously blocked hundreds of hyper-volumetric DDoS attacks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps,” the web infrastructure and security company said in a … Read More “Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack – The Hacker News” »
Artificial Intelligence (AI) and Augmented Intelligence are becoming crucial drivers that transform the future of global finance in the… The post How AI & Augmented Intelligence Will Reshape Global Finance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain … Read More “CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation – The Hacker News” »
Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations – The Hacker News
Salesloft on Tuesday announced that it’s taking Drift temporarily offline “in the very near future,” as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens. “This will provide the fastest path forward to comprehensively review the application and build … Read More “Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations – The Hacker News” »
Cloudflare Confirms Data Breach Linked to Salesforce and Salesloft Drift – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cloudflare confirms a Salesforce-linked data breach via Salesloft Drift, exposing customer support case data but leaving core systems… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Nicholas Andersen is taking over a top leadership role at the Cybersecurity and Infrastructure Security Agency, CISA announced Tuesday. He will become executive assistant director of cybersecurity at the agency in a role that’s seen swift turnover in the past year. It’s a position that has, in the past, led CISA efforts on protecting federal … Read More “CISA taps Nicholas Andersen for executive assistant director of cybersecurity – CyberScoop” »
Multiple security and technology companies have been swept up in a far-reaching attack spree originating at Salesloft Drift, including Cloudflare, PagerDuty, Palo Alto Networks, SpyCloud and Zscaler. Victim organizations continue to come forward as customers of the third-party AI chat agent hunt for evidence of compromise or receive notices from Salesloft and other companies involved … Read More “Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler – CyberScoop” »
The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE. The attack, observed by NCC Group’s Fox-IT in 2024, targeted an organization in the decentralized finance (DeFi) sector, ultimately leading to the compromise of … Read More “Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE – The Hacker News” »
Palo Alto Networks, Zscaler and PagerDuty Hit in Salesforce Linked Data Breaches – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Hackers exploited the Salesloft Drift app to steal OAuth tokens and access Salesforce data, exposing customer details at… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The US Immigration agency has resumed a $2m contract with the Graphite spyware developer, now owned by US investor AE Industrial Partners.
Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control – The Hacker News
Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes with a variety of features to capture sensitive data from compromised systems. “MystRodX is a typical backdoor implemented in C++, supporting features like file management, port forwarding, reverse shell, and socket management,” QiAnXin XLab said in a report published last week. “Compared to … Read More “Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control – The Hacker News” »
The AI Fix #66: OpenAI and Anthropic test each other, and everyone fails the apocalypse test – Graham Cluley
In episode 66 of The AI Fix, ChatGPT gives Mark and Graham a terrible lesson in anatomy, boffins at Stanford ruin sushi, Google Gemini has a self-loathing meltdown, DeepSeek gets an “F” in stopping existential threats to humanity, a robot doesn’t give birth, and a team of AI agents stuns our hosts with an amazing … Read More “The AI Fix #66: OpenAI and Anthropic test each other, and everyone fails the apocalypse test – Graham Cluley” »
A malicious npm package “nodejs-smtp” has been discovered impersonating nodemailer and injecting code to drain crypto wallets.
Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file.
Varonis has acquired SlashNext, an AI-driven email security company, for up to $150 million in a move that reflects the rising role of artificial intelligence in both attack and defense. The acquisition, announced Tuesday, brings together Varonis’ focus on data-centric security and threat detection with SlashNext’s technology for blocking phishing and social engineering attacks across … Read More “Varonis buys AI email security firm SlashNext – CyberScoop” »
Jaguar has proactively shut down systems to mitigate the impact of the incident, amid reports that workers at a UK manufacturing plant had been told to stay at home.
Leaked ChatGPT Chats: Users Treat AI as Therapist, Lawyer, Confidant – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Leaked ChatGPT chats reveal users sharing sensitive data, resumes, and seeking advice on mental health, exposing risks of… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Harsh Truths of AI Adoption: MIT’s State of AI in Business report revealed that while 40% of organizations have purchased enterprise LLM subscriptions, over 90% of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4% of sensitive AI interactions are coming from personal email accounts, … Read More “Shadow AI Discovery: A Critical Part of Enterprise AI Governance – The Hacker News” »
Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices – The Hacker News
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025. The activity originated from a Ukraine-based autonomous system FDN3 (AS211736), per French cybersecurity company Intrinsec. “We believe with a high level of confidence that FDN3 is part … Read More “Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices – The Hacker News” »
Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial – CyberScoop
Authorities and threat intelligence analysts alike relish taking ransomware operators off the board. Holding cybercriminals accountable through arrest, imprisonment, or genuine reform creates a powerful deterrent and advances the ultimate goal of a safer internet for everyone. Getting to that point is a remarkably tough task for defenders. Ransomware attacks are often initiated by people … Read More “Prolific Russian ransomware operator living in California enjoys rare leniency awaiting trial – CyberScoop” »
Silver Fox APT Exploits Signed Windows Driver to Deliver ValleyRAT – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Check Point reports Silver Fox APT using a signed WatchDog driver flaw to disable Windows security and deliver… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto