Apple has issued a warning regarding highly sophisticated “mercenary spyware” attacks targeting a select group of its users. The company’s threat notification system is designed to alert and support individuals who may have been targeted due to their profession or…
Category: EN
Sublime Security enhances threat protection with AI agent
Sublime Security released the Autonomous Detection Engineer (ADÉ), an end-to-end AI agent that turns attack telemetry into transparent and auditable protection that security teams can trust. Email attacks are advancing as adversaries weaponize generative AI to create highly targeted and…
Apple Warns of Mercenary Spyware Attacks Targeting User Devices
Apple has issued urgent warnings about sophisticated spyware attacks targeting specific users worldwide, including journalists, activists, politicians, and diplomats. Mercenary spyware attacks differ significantly from regular cybercriminal activity. These attacks cost millions of dollars and target only a small number…
Microsoft to Deprecate VBScript in Windows, Urges Developers to Update Projects
Microsoft announced the phased deprecation of VBScript in Windows, significantly impacting VBA developers who rely on VBScript libraries for regular expressions and external script execution. The company outlined a comprehensive timeline and provided migration guidance to help developers future-proof their…
Huntress’s ‘hilarious’ attacker surveillance splits infosec community
Ethical concerns raised after crook offered themselves up on silver platter Security outfit Huntress has been forced onto the defensive after its latest research – described by senior staff as “hilarious” – split opinion across the cybersecurity community.… This article…
SonicWall VPM exploits, Fed cyberchief’s priorities, U.S spyware investment triples
SonicWall SSL VPN flaws now being actively exploited Acting federal cyber chief outlines his priorities U.S. based investors in spyware firms nearly tripled in 2024 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls…
French Lawmakers Urge Social Media Ban For Under-15s
French parliamentary committee concludes six-month investigation urging social media ban for those under 15 over ‘dangerous content’ This article has been indexed from Silicon UK Read the original article: French Lawmakers Urge Social Media Ban For Under-15s
New K2 Think AI Model Falls to Jailbreak in Record Time
A groundbreaking vulnerability has emerged in the newly released K2 Think AI model from UAE’s Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) in collaboration with G42. Security researchers have successfully jailbroken the advanced reasoning system within hours of its…
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dassault Systèmes DELMIA Apriso flaw, tracked as CVE-2025-5086 (CVSS score of 9.0), to its Known Exploited…
Boost Your Confidence With Robust NHI Management
Does Your Organization Understand the Strategic Importance of NHI Management? With corporations increasingly shift operations to the cloud, they face the daunting task of managing a vast array of Non-Human Identities (NHIs) – machine identities used in cybersecurity. With the…
How Protected Are Your NHIs in Dynamic Networks?
Unraveling the Core Structure: What are NHIs? Are you really protecting your Non-Human Identities (NHIs) to the best of your ability? NHIs are an often misunderstood but vitally important component. They are machine identities created by combining a “Secret” and…
Your heartbeat could reveal your identity, even in anonymized datasets
A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising questions about how health data is…
Microsoft Patches Zero Day And More
Cybersecurity Today: Microsoft Patches, Canadian Data Breach, NVIDIA’s New Tool, and a Senator’s Call for Investigation In this episode of Cybersecurity Today, host Jim Love discusses Microsoft’s September patch update addressing 81 security flaws, including two zero-day vulnerabilities. Highlights include…
Daikin Security Gateway Vulnerability Allows Unauthorized System Access
A critical security flaw in Daikin Security Gateway systems has been discovered that could enable attackers to bypass authentication and gain unauthorized access to industrial control systems. The vulnerability, tracked as CVE-2025-10127, affects organizations worldwide that rely on Daikin’s security infrastructure…
VirtualBox 7.2.2 Update Released with Fix for Guest GUI Crashes
Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s…
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose…
Microsoft Teams Launches Automatic Alerts for Malicious Links
Microsoft is significantly enhancing security for its Teams platform by introducing automatic warning systems that alert users about malicious links in chat messages. This new protective feature represents a crucial advancement in safeguarding collaboration platforms from increasingly sophisticated cyber threats…
New VMScape Spectre-BTI Attack Targets Isolation Flaws in AMD and Intel CPUs
Cybersecurity researchers at ETH Zurich have disclosed a critical new Spectre-based attack called VMSCAPE that exploits incomplete branch predictor isolation in virtualized cloud environments. The attack, tracked as CVE-2025-40300, affects multiple generations of AMD and Intel processors and enables malicious virtual machines to…
Attackers are coming for drug formulas and patient data
In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals. These high-value assets make the sector a constant focus for attacks. Disruptions to research or medicine distribution can have life-threatening consequences. “During…
CISOs brace for a new kind of AI chaos
AI is being added to business processes faster than it is being secured, creating a wide gap that attackers are already exploiting, according to the SANS Institute. The scale of the problem Attackers are using AI to work at speeds…