The rise of Secure Network as a Service (NaaS) is transforming how Managed Security Service Providers (MSSPs) deliver secure, scalable, and flexible networking solutions to their clients. As organizations shift toward cloud-first strategies and remote work, the demand for robust,…
Category: EN
Best SOC 2 Type 2 Certified Complaint Solutions – 2025
In today’s digital-first business landscape, SOC 2 Type 2 compliance is no longer optional for organizations handling sensitive customer data. As cyber threats escalate and regulatory scrutiny intensifies, demonstrating robust security controls and continuous monitoring is essential for trust, growth,…
ChatGPT Tricked into Disclosing Windows Home, Pro, and Enterprise Editions Keys
A sophisticated jailbreak technique that bypasses ChatGPT’s protective guardrails, tricking the AI into revealing valid Windows product keys through a cleverly disguised guessing game. This breakthrough highlights critical vulnerabilities in current AI content moderation systems and raises concerns about the…
Microsoft Outlook Down: Users Unable to Access Mailboxes
In a significant disruption for millions of users worldwide, Microsoft Outlook has been experiencing a major outage since Wednesday, July 9, 2025, starting at 10:20 PM UTC. The issue has left users unable to access their mailboxes through any connection…
Rhadamanthys Infostealer Leveraging ClickFix Technique to Steal Login Credentials
Rhadamanthys first surfaced in 2022 as a modular stealer sold under the Malware-as-a-Service model, but its latest campaign shows how quickly it is innovating. At the centre of the new wave is a booby-trapped CAPTCHA page dubbed ClickFix, which instructs…
Tribunal Ruling Brings ICO’s £12.7m TikTok Fine Closer
The UK ICO has welcomed a ruling in its favor in a long-running battle to issue a fine to TikTok This article has been indexed from www.infosecurity-magazine.com Read the original article: Tribunal Ruling Brings ICO’s £12.7m TikTok Fine Closer
Rethinking API Security: Confronting the Rise of Business Logic Attacks (BLAs)
BLAs exploit the intended behavior of an API, abusing workflows, bypassing controls and manipulating transactions in ways that traditional security tools often miss entirely. The post Rethinking API Security: Confronting the Rise of Business Logic Attacks (BLAs) appeared first on…
Ransomware Activity Spikes Amid Qilin’s New Wave of Targeted Attacks
The Qilin group emerged as the leading player in the ransomware ecosystem, which saw a notable rise in activity during June 2025 in a startling escalation of cyber dangers. According to the latest Deep Web and Dark Web trend report,…
Qantas Confirms 5.7 Million Customers Hit by Data Breach
Qantas says nearly six million passengers were impacted by a recent data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Qantas Confirms 5.7 Million Customers Hit by Data Breach
Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners
The AhnLab Security Intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still facing relentless attacks by threat actors exploiting a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-36401. GeoServer, an open-source Geographic Information System (GIS) server developed…
Researchers Trick ChatGPT into Leaking Windows Product Keys
Security researchers have successfully demonstrated a sophisticated method to bypass ChatGPT’s protective guardrails, tricking the AI into revealing legitimate Windows product keys through what appears to be a harmless guessing game. This discovery highlights critical vulnerabilities in AI safety mechanisms…
New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages
A newly discovered man-in-the-middle exploit dubbed “Opossum” has demonstrated the unsettling ability to compromise secure communications over Transport Layer Security (TLS) by injecting unauthorized messages into an active session. Researchers warn that Opossum targets a wide range of widely used…
Review: How Passwork 7 helps tame business passwords
A simple interface and new roles-based capabilities make this venerable password manager an attractive proposition Sponsored feature Passwords are necessary for businesses, but look away for a minute and they quickly get out of control. If your users do things…
At last, a use case for AI agents with sky-high ROI: Stealing crypto
Boffins outsmart smart contracts with evil automation Using AI models to generate exploits for cryptocurrency contract flaws appears to be a promising business model, though not necessarily a legal one.… This article has been indexed from The Register – Security…
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now…
At last, a use case for AI agents with high sky-high ROI: Stealing crypto
Boffins outsmart smart contracts with evil automation Using AI models to generate exploits for cryptocurrency contract flaws appears to be a promising business model, though not necessarily a legal one.… This article has been indexed from The Register – Security…
Cynomi’s platform updates enable service providers to prioritize their security efforts
Cynomi has launched new business impact analysis (BIA) and business continuity planning (BCP) features. Designed to help cybersecurity professionals identify and protect mission-critical business processes, these new capabilities enable service providers to prioritize security efforts effectively, streamline continuity planning, and…
AMD has CPU meltdown, Mozilla Thunderbird has vulnerabilities, Indian defense sector attacked
AMD warns of new Meltdown, Spectre-like bugs affecting CPUs Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution Bitcoin Depot breach exposes data of nearly 27,000 crypto users, More than $40 million stolen from GMX crypto platform Huge…
Massive Scraper Botnet of 3,600+ Devices Targets US and UK Websites
GreyNoise has discovered an undiscovered version of a scraper botnet with more than 3,600 distinct IP addresses worldwide, which is a major cybersecurity development. This botnet, first observed on April 19, 2025, exhibits a distinct behavioral footprint that makes it…
McDonald’s AI Hiring Bot With Password ‘123456’ Leaks Millions of Job-Seekers Data
A severe security vulnerability in McDonald’s AI-powered hiring system has exposed the personal information of potentially 64 million job applicants to unauthorized access. Key Takeaways1. McDonald’s AI hiring bot exposed 64 million job applicants’ personal data through weak security using…