Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932, affects the AS2 module and allows attackers to consume system resources without proper restrictions. Attribute…
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in the marketplace. The action comes following a…
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
Security researchers have unveiled a sophisticated Linux rootkit capable of bypassing Elastic Security’s advanced detection mechanisms, demonstrating critical vulnerabilities in endpoint detection and response solutions. The Singularity rootkit employs multiple obfuscation and evasion techniques to defeat static signature analysis and…
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign is the exploitation of the Windows shortcut (LNK) UI misrepresentation vulnerability—ZDI-CAN-25373, first disclosed in March…
IT Security News Hourly Summary 2025-10-31 09h : 11 posts
11 posts were published in the last hour 8:4 : Meta, Microsoft, Google Report Rising AI Expenses 8:4 : Equinix Lowers Expectations On Economic Uncertainty 8:4 : Virgin Media O2 To Offer Mobile Satellite Links In Rural Areas 8:4 :…
Meta, Microsoft, Google Report Rising AI Expenses
Three tech giants all report rapidly rising capital expenditures on AI, amid growing fears of a technology bubble This article has been indexed from Silicon UK Read the original article: Meta, Microsoft, Google Report Rising AI Expenses
Equinix Lowers Expectations On Economic Uncertainty
Major data centre operator lowers annual revenue forecast as wider economic uncertainty delays major lease deal This article has been indexed from Silicon UK Read the original article: Equinix Lowers Expectations On Economic Uncertainty
Virgin Media O2 To Offer Mobile Satellite Links In Rural Areas
Virgin Media O2 to offer satellite-based data connectivity to compatible smartphones in hard-to-reach areas through Starlink deal This article has been indexed from Silicon UK Read the original article: Virgin Media O2 To Offer Mobile Satellite Links In Rural Areas
CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware Aria Operations. Tracked as CVE-2025-41244, this 0-day flaw poses significant risk to organizations managing virtualized…
NHS left with sick PCs as suppliers resist Windows 11 treatment
Hospitals told to upgrade, but some medical device makers haven’t prescribed compatibility yet NHS hospitals are being blocked from fully upgrading to Windows 11 by a small number of suppliers that have yet to make their medical devices compatible with…
Japan Issues OT Security Guidance for Semiconductor Factories
The 130-page document covers several important aspects and it’s available in both Japanese and English. The post Japan Issues OT Security Guidance for Semiconductor Factories appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
ImmuniWeb Continuous now enables always-on, AI-powered security testing
ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices. The new solution is a perfect fit for organizations that have more than ten web…
Kimsuky and Lazarus Hackers Deploy New Backdoor Tools for Remote Access Attacks
North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to compromised systems. Recent investigations by threat intelligence researchers have uncovered two distinct toolsets from prominent…
Shadow AI: New ideas emerge to tackle an old problem in new form
Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe, Canada and Singapore, the…
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability…
LinkedIn AI opt-out, NSA leadership candidates, Python foundation withdraws
LinkedIn users have until Monday to opt out of its AI training program New names surface for NSA leadership Open-source security group pulls out of U.S. grant, citing DEI restrictions Huge thanks to our sponsor, Conveyor Security reviews don’t have…
WhatsApp Introduces Passkey Encryption for Enhanced Chat Message Backup Security
WhatsApp has unveiled passkey-encrypted backups, simplifying the protection of cherished chat histories without the burden of memorizing complex passwords. This feature allows users to secure their end-to-end encrypted backups using biometric methods like fingerprints, facial recognition, or device screen locks,…
Historic Great Firewall Breach – 500GB+ Censorship Data Exposed
In an unprecedented cybersecurity incident that occurred in September 2025, over 500 gigabytes of internal data from China’s Great Firewall infrastructure were exposed in what security experts are calling one of the most consequential breaches in digital surveillance history. The…
AI chatbots are sliding toward a privacy crisis
AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. Cybercriminals see the same opening, and it may only be a…
Massive Great Firewall Leak Exposes 500GB of Censorship Data
In a historic breach of China’s censorship infrastructure, over 500 gigabytes of internal data were leaked from Chinese infrastructure firms associated with the Great Firewall (GFW) in September 2025. Researchers now estimate the full dump is closer to approximately 600…
You can’t audit how AI thinks, but you can audit what it does
In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging risks, and how leadership…
New Agent-Aware Cloaking Technique Uses ChatGPT Atlas Browser to Feed Fake Content
Security researchers have uncovered a sophisticated attack vector that exploits how AI search tools and autonomous agents retrieve web content. The vulnerability, termed “agent-aware cloaking,” allows attackers to serve different webpage versions to AI crawlers like OpenAI’s Atlas, ChatGPT, and…
Passwordless adoption moves from hype to habit
With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift…
Malicious Multilingual ZIP Files Strike Banks and Government Offices
A sophisticated phishing campaign leveraging multilingual ZIP file lures has emerged across East and Southeast Asia, targeting government institutions and financial organizations with unprecedented coordination. Security researchers utilizing Hunt.io’s AttackCapture™ and HuntSQL™ datasets have uncovered an interconnected network of 28…