Patch Now: Max-Severity Fortra GoAnywhere Bug Allows Command Injection

Friday, September 19, 2025
Exploitation of the flaw, tracked as CVE-2025-10035, is highly dependent on whether systems are exposed to the Internet, according to Fortra.

'ShadowLeak' ChatGPT Attack Allows Hackers to Invisibly Steal Emails

The loophole allows cyberattackers to exfiltrate company data via OpenAI's infrastructure, leaving no trace at all on enterprise systems.

Critical Azure Entra ID Flaw Highlights Microsoft IAM Issues

While the cloud vulnerability was fixed prior to disclosure, the researcher who discovered it says it could have led to catastrophic attacks.

7 Lessons for Securing AI Transformation From Former CIA Digital Guru

Jennifer Ewbank, former CIA deputy director of digital innovation, discusses resilience, cultural shifts, and cyber fundamentals in the AI era.

TikTok Deal Won't End Enterprise Risks

Thursday, September 18, 2025
The proposed restructuring plan would address many concerns related to the social media platform, but risks remain for security teams.

SonicWall Breached, Firewall Backup Data Exposed

Threat actors breached the MySonicWall service and accessed backup firewall configuration files belonging to "fewer than 5%" of its install base, according to the company.

Mastering Digital Breadcrumbs to Stay Ahead of Evolving Threats

Digital forensics offers a challenging but rewarding career path for cybersecurity professionals willing to invest in specialized knowledge and continuous learning.

The Cloud Edge Is The New Attack Surface

The cloud now acts as the connecting infrastructure for many companies' assets — from IoT devices to workstations to applications and workloads — exposing the edge to threats.

Microsoft Disrupts 'RaccoonO365' Phishing Service

Wednesday, September 17, 2025
Phishing-as-a-service (PhaaS) kits have become an increasingly popular way for lower-skill individuals to get into cybercrime.

'Scattered Lapsus$ Hunters,' Others Announce End of Hacking Spree

Though the groups have shared their decision to go dark, threat researchers say there are signs that it's business as usual.

North Korean Group Targets South With Military ID Deepfakes

Tuesday, September 16, 2025
The North Korea-linked group Kimsuky used ChatGPT to create deepfakes of military ID documents in an attempt to compromise South Korean targets.

Critical Bugs in Chaos Mesh Enable Cluster Takeover

"Chaotic Deputy" is a set of four vulnerabilities in the chaos engineering platform that many organizations use to test the resilience of their Kubernetes environments.

'Vane Viper' Threat Group Tied to PropellerAds, Commercial Entities

Researchers say the commercial adtech platform and several other companies form the infrastructure of a massive cybercrime operation.

'HybridPetya' Ransomware Bypasses Secure Boot

The malware, which has traits of Petya ransomware and the infamous NotPetya wiper, is designed to target UEFI-based systems, according to researchers.

SecurityScorecard Buys AI Automation Capabilities, Boosts Vendor Risk Management

The company acquired HyperComply to help enterprises automate vendor security reviews and gain a real-time picture of the security of their entire supply chain.

FBI Warns of Threat Actors Hitting Salesforce Customers

Monday, September 15, 2025
The FBI's IC3 recently warned of two threat actors, UNC6040 and UNC6395, targeting Salesforce customers, separately and in tandem.

'Lies-in-the-Loop' Attack Defeats AI Coding Agents

Researchers convince Anthropic's AI-assisted coding tool to engage in dangerous behavior by lying to it, paving the way for a supply chain attack.

French Advisory Sheds Light on Apple Spyware Activity

Friday, September 12, 2025
CERT-FR's advisory follows last month's disclosure of a zero-day flaw Apple said was used in "sophisticated" attacks against targeted individuals.

'Gentlemen' Ransomware Abuses Vulnerable Driver to Kill Security Gear

Thursday, September 11, 2025
By weaponizing the ThrottleStop.sys driver, attackers are disrupting antivirus and endpoint detection and response (EDR) systems.

AI-Enhanced Malware Sports Super-Stealthy Tactics

With legit-sounding names, EvilAI's "productivity" apps are reviving classic threats like Trojans while adding new evasion capabilities against modern antivirus defenses.

Vidar Infostealer Back with a Vengeance

The pervasive Vidar infostealer has evolved with a suite of new evasion techniques and covert data exfiltration methods, according to researchers.

'K2 Think' AI Model Jailbroken Mere Hours After Release

Researchers discovered that measures designed to make AI more transparent to users and regulators can also make it easier for bad actors to abuse.

Russian APT Attacks Kazakhstan's Largest Oil Company

Researchers say a likely Russian APT used a compromised employee email account to attack Kazakhstan's biggest company, though the oil and gas firm claims it was a pen test.

Students Pose Inside Threat to Education Sector

Wednesday, September 10, 2025
The threats may not be malicious, but they are more than many security teams can handle.

Chinese Hackers Allegedly Pose as US Lawmaker

Chinese state-backed threat actors are suspected of posing as Michigan congressman John Moolenaar in a series of spearphishing attacks.

EoP Flaws Again Lead Microsoft Patch Day

Tuesday, September 9, 2025
Nearly half the CVEs Microsoft disclosed in its September security update, including one publicly known bug, enable escalation of privileges.

Qantas Reduces Executive Pay Following Cyberattack

The data breach, which occurred earlier this year, saw threat actors compromise a third-party platform to obtain Qantas customers' personal information.

Huge NPM Supply-Chain Attack Goes Out With Whimper

Threat actors phished Qix's NPM account, then used their access to publish poisoned versions of 18 popular open-source packages accounting for more than 2 billion weekly downloads.

Salty2FA Takes Phishing Kits to Enterprise Level

Cybercriminal operations use the same strategy and planning as legitimate organizations as they arm adversarial phishing kits with advanced features.

SentinelOne Announces Plans to Acquire Observo AI

The combined company will help customers separate data ingestion from SIEM, to improve detection and performance.

'MostereRAT' Malware Blends In, Blocks Security Tools

Monday, September 8, 2025
A threat actor is using a sophisticated EDR-killing malware tool in a campaign to maintain long-term, persistent access on Windows systems.

Salesloft Breached via GitHub Account Compromise

The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens.

45 New Domains Linked to Salt Typhoon, UNC4841

The China-backed threat actors have used the previously undiscovered infrastructure to obtain long-term, stealthy access to targeted organizations.

Scammers Are Using Grok to Spread Malicious Links on X

Friday, September 5, 2025
It's called "grokking," and gives spammers a way to skirt X's ban on links in promoted posts and reach larger audiences than ever before.

Anyone Using Agentic AI Needs to Understand Toxic Flows

The biggest vulnerabilities may lie at the boundaries of where the AI agent connects with the enterprise system.

ISC2 Aims to Bridge DFIR Skill Gap with New Certificate

Thursday, September 4, 2025
The nonprofit organization launched the Threat Handling Foundations Certificate amid mounting incident and breach disclosures.

Czech Warning Highlights China Stealing User Data

Czech cyber agency NÚKIB warned of the risks of using products and software that send data back to China.

Blast Radius of Salesloft Drift Attacks Remains Uncertain

Many high-profile Salesloft Drift customers have disclosed data breaches as a result of a recent supply-chain attack, but the extent and severity of this campaign are unclear.

Japan, South Korea Take Aim at North Korean IT Worker Scam

Wednesday, September 3, 2025
With the continued success of North Korea's IT worker scams, Asia-Pacific nations are working with private firms to blunt the scheme's effectiveness.

Cloudflare Holds Back the Tide on 11.5Tbps DDoS Attack

It's the equivalent of watching more than 9,350 full-length HD movies or streaming 7,480 hours of high-def video nonstop in less than a minute.

Hacked Routers Linger on the Internet for Years, Data Shows

While trawling Internet scan data for signs of compromised infrastructure, researchers found that asset owners may not know for years their devices had been hacked.

Amazon Stymies APT29 Credential Theft Campaign

Tuesday, September 2, 2025
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft's device code authentication flow.

Zscaler, Palo Alto Networks Breached via Salesloft Drift

Two major security firms suffered downstream compromises as part of a large-scale supply chain attack involving Salesloft Drift, a marketing SaaS application from Salesforce.

Jaguar Land Rover Shuts Down in Scramble to Secure 'Cyber Incident'

The luxury automaker said its retail and production activities have been "severely disrupted."

JSON Config File Leaks Azure ActiveDirectory Credentials

In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.

Hackers Are Sophisticated & Impatient — That Can Be Good

You can't negotiate with hackers from a place of fear — but you can turn their urgency against them with the right playbook, people, and preparation.

NIST Enhances Security Controls for Improved Patching

The U.S. National Institute of Standards and Technology released Security and Privacy Control version 5.2.0 to help organizations be more proactive regarding patching.