A sophisticated malware campaign has emerged targeting financial and legal sectors in the Russian Federation, delivering the notorious Cobalt Strike remote access tool to organizations handling sensitive business transactions. Security researchers have identified over twenty initial infection files involved in…
Authorities Arrested Hackers With Specialized FLIPPER Hacking Equipment Used to Attack IT Systems
Authorities in Warsaw have arrested three suspected hackers found carrying specialized FLIPPER hacking equipment. Other tools are allegedly intended to attack IT and telecommunications systems. The suspects, all Ukrainian citizens aged 43, 42, and 39, were detained during a routine…
AI-Powered Free Security-Audit Checklist for 2026 – ISO 27001, SOC 2, NIST, NIS 2 and GDPR Compliance
In many companies, audit preparation in 2025 still feels like 2005: Excel lists, scattered evidence, copy & paste from old answers, long coordination loops. At the same time, requirements are increasing – ISO 27001:2022, SOC 2, NIST CSF, NIS 2,…
UK finally vows to look at 35-year-old Computer Misuse Act
As Portugal gives researchers a pass under cybersecurity law Portugal has become the latest country to carve out protections for researchers under its cybersecurity law.… This article has been indexed from The Register – Security Read the original article: UK…
US To Permit Nvidia To Ship H200 To China
US Commerce Department expected to allow Nvidia to ship H200 AI accelerator chips to China in major lobbying win This article has been indexed from Silicon UK Read the original article: US To Permit Nvidia To Ship H200 To China
Whitehall rejects £1.8B digital ID price tag – but won’t say what it will cost
Officials insist OBR relied on ‘early estimate’ and real figure won’t emerge until next year The head of the department delivering the UK government’s digital identity scheme has rejected the £1.8 billion cost forecast by the Office for Budget Responsibility…
Over 300,000 Individuals Impacted by Vitas Hospice Data Breach
Vitas, the largest for-profit hospice chain in the United States, discovered a cybersecurity intrusion in October. The post Over 300,000 Individuals Impacted by Vitas Hospice Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565. Cybersecurity company Sophos said it investigated almost 40 intrusions linked to the threat actor between February 2024 and August…
ByteDance Limits Mobile AI Agent After Pushback
ByteDance restricts capabilities of Doubao AI agent built into new smartphone, after major platforms block it This article has been indexed from Silicon UK Read the original article: ByteDance Limits Mobile AI Agent After Pushback
Gartner Calls For Pause on AI Browser Use
Gartner has called for organizations to block today’s AI browsers on security concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Gartner Calls For Pause on AI Browser Use
Chinese Open-Source AI Shows Huge Rise This Year
Chinese open-source AI models account for nearly 30 percent of worldwide generative AI tokens, a sharp rise since late 2024 This article has been indexed from Silicon UK Read the original article: Chinese Open-Source AI Shows Huge Rise This Year
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered…
Trains Halted Over Hoax Image On Social Media
Network Rail stops trains in Lancashire after suspected AI-generated hoax image spread on social media shows serious damage to bridge This article has been indexed from Silicon UK Read the original article: Trains Halted Over Hoax Image On Social Media
Ransomware costs billions, cybercrime leads to real violence, three arrested for hacking tools
Ransomware payments pass $4.5 billion Cybercrime networks orchestrate real-world violence Three arrested over possessing hacking tools Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI.…
IT Security News Hourly Summary 2025-12-09 09h : 6 posts
6 posts were published in the last hour 8:2 : EU Fines X €120m Over ‘Deceptive’ Blue Checkmarks 8:2 : From Idea to Proof of Concept to MVP – 3 article series 8:2 : Burp Suite’s Scanning Arsenal Powered With…
EU Fines X €120m Over ‘Deceptive’ Blue Checkmarks
EU imposes fine on X for ‘deceptive’ blue checkmarks, lack of transparency around advertising system and public research data This article has been indexed from Silicon UK Read the original article: EU Fines X €120m Over ‘Deceptive’ Blue Checkmarks
From Idea to Proof of Concept to MVP – 3 article series
This is a a developer focused guide in three parts to evolving code, architecture, and processes with the purpose of turning a raw concept into a usable product. This process is one of the hardest parts of software development. Teams…
Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE-2025-66478). This server-side request forgery (SSRF) flaw in React applications allows attackers to execute arbitrary shell…
500+ Apache Tika Toolkit Instances Vulnerable to Critical XXE Attack Exposed Online
Over 565 internet-exposed Apache Tika Server instances are vulnerable to a critical XML External Entity (XXE) injection flaw. That could enable attackers to steal sensitive data, launch denial-of-service attacks, or conduct server-side request forgery operations. The vulnerability, tracked as CVE-2025-66516,…
SAP Security Patch Day: Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products
SAP released 14 new security notes on its monthly Security Patch Day on December 9, 2025, addressing vulnerabilities across key products, including SAP Solution Manager, NetWeaver, Commerce Cloud, and more. Three critical flaws with CVSS scores exceeding 9.0 demand immediate…
AI-driven threats are heading straight for the factory floor
In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk driven by AI. She notes that in-house capability, especially for OT response and recovery, is…
Researchers spot 700 percent increase in hypervisor ransomware attacks
Get your Hyper-V and VMware ESXi setups in order, people Researchers at security software vendor Huntress say they’ve noticed a huge increase in ransomware attacks on hypervisors and urged users to ensure they’re as secure as can be and properly…
New image signature can survive cropping, stop deepfakes from hijacking trust
Deepfake images can distort public debate, fuel harassment, or shift a news cycle before anyone checks the source. A new study from researchers at the University of Pisa examines one specific part of this problem. They introduced a way to…
AI agents break rules in unexpected ways
AI agents are starting to take on tasks that used to be handled by people. These systems plan steps, call tools, and carry out actions without a person approving every move. This shift is raising questions for security leaders. A…