California Asks For Amazon Price-Fixing Injunction
Attorney general’s motion seeks to block Amazon from colluding with merchants, rivals on alleged price-fixing scheme. This article has been indexed from Silicon UK.
Lazarus APT group deployed Medusa Ransomware against Middle East target
North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet and Pompilus, has been spotted deploying Medusa ransomware against an unnamed…
Canadian Tire – 38,306,562 breached accounts
In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses. Passwords were stored as PBKDF2 hashes and…
Ad Tech Company Optimizely Targeted in Cyberattack
The company says the attackers accessed internal business systems such as Zendesk and Salesforce. This article has been indexed from SecurityWeek.
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below –…
Hacked in 30 minutes, Claude distillation, DeFi shutdown after attack
Threat actors break out in under 30 minutes. Claude allegedly hit with distillation attacks. DeFi platform shutting down after crypto theft. Get links to all of today’s news in our show notes here: https://cisoseries.com/cybersecurity-news-hacked-in-30-minutes-claude-distillation-defi-shutdown-after-attack/
AI Agents Involved In Two Amazon Outages
At least two Amazon Web Services disruptions reportedly involved engineers allowing Amazon’s own AI programming tools to make changes. This article has been indexed from Silicon UK.
Nvidia Cancels $100bn OpenAI Deal
AI chipmaker reportedly negotiating $30bn investment as part of broader OpenAI funding round to replace earlier multi-year deal. This article has been indexed from Silicon UK.
Android RAT SURXRAT Grants Hackers Full Device Control and Data Exfiltration
SURXRAT is an actively developed Android Remote Access Trojan (RAT) sold as a commercial malware-as-a-service (MaaS) on Telegram, giving attackers full device control and powerful data‑stealing capabilities. It combines large‑scale affiliate distribution, cloud‑hosted command‑and‑control, and even experimental AI modules, making…
Microsoft Released Updates for Windows 11, Version 25H2 and 24H2 Systems
An optional non-security update, KB5077241, has been released for Windows 11 versions 25H2 and 24H2, improving overall functionality, performance, and reliability without addressing security vulnerabilities. The release, which brings the OS builds to 26200.7922 and 26100.7922, includes enhancements to user…
Microsoft Warns of Hackers Attacking Developers with Malicious Next.js Repositories
A coordinated attack campaign is actively targeting software developers through malicious repositories disguised as legitimate Next.js projects and technical assessment materials. The attackers rely on job-themed lures, presenting fake recruitment challenges that convince developers to clone and run poisoned code…
Multiple Vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker Allow Root Access and Credential Theft
Multiple vulnerabilities have been discovered in CryptoPro Secure Disk (CPSD) for BitLocker, a widely used encryption solution. These flaws could allow an attacker with physical access to a device to gain persistent root access and steal sensitive credentials. The issues…
Threat Actors Exploit Apache ActiveMQ Vulnerability to Gain RDP Access, Deploy LockBit Ransomware
Threat actors recently abused a critical Apache ActiveMQ vulnerability to gain deep access to a Windows environment, eventually deploying LockBit ransomware over RDP. The attack shows how failing to patch CVE-2023-46604 can give adversaries repeat access and time to turn an initial…
Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware
A critical vulnerability in Apache ActiveMQ has been actively exploited by threat actors, leading to a full LockBit ransomware deployment across an enterprise network. Attackers leveraged CVE-2023-46604, a remote code execution flaw in the ActiveMQ messaging broker, to break into…
Cyber valuations climb as capital concentrates, AI security expands
Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into…
Microsoft adds domain libraries and Copilot integration to the quantum development kit
The Microsoft Quantum Development Kit (QDK) is an open-source toolkit that runs on laptops and in common development environments. It includes code, simulators, libraries, and workflows that work with Visual Studio Code and GitHub Copilot. Integration with these tools gives…
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a…
OAuth Vulnerabilities in Entra ID Could Exploit ChatGPT to Breach User Email Accounts
OAuth consent attacks in Microsoft Entra ID are giving threat actors a stealthy path to cloud email, and even trusted apps like ChatGPT can become a vehicle if permissions are abused. In this hypothetical case, a user in an Entra…
Threat intelligence supply chain is full of weak links, researchers find
And they’re being stressed by geopolitical concerns that threaten to slow important data-sharing efforts. Researchers from Georgia Tech have found that the supply chain for threat intelligence data is susceptible to adversarial action, and proposed a method to improve data…
Airline brands become launchpads for phishing, crypto fraud
Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike domains tied to these brands, targeting travelers, employees, and business partners. Recent threat intelligence from…
Microsoft Alerts Developers of Malicious Next.js Repositories Used in Ongoing Hacker Attacks
Microsoft has warned that threat actors are weaponizing malicious Next.js repositories to compromise developers through what appear to be legitimate projects and recruiting‑style technical assessments. The campaign abuses normal workflows in Visual Studio Code and Node.js to reach a staged…
IBM X-Force Report Surfaces Increased Exploitation of Public-Facing Apps
An analysis of cybersecurity attacks published today by the X-Force arm of IBM finds there was a 44% increase in the exploitation of public-facing applications in 2025. More troubling still, out of the 40,000 vulnerabilities tracked by IBM X-Force, more…
Edge systems take the brunt of internet-wide exploitation attempts
Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions recorded over 162 days. The concentration on edge infrastructure aligns with how attackers pursue initial access across…