The company says names, contact details, and ID documents provided in connection with reservations and travel were stolen from its systems. The post Canadian Airline WestJet Says Hackers Stole Customer Data appeared first on SecurityWeek. This article has been indexed…
Fuel iX Fortify helps enterprises expose GenAI vulnerabilities at scale
TELUS Digital has released its continuous automated red-teaming application, Fuel iX Fortify. The solution helps enterprises test GenAI systems at scale and identify vulnerabilities by simulating real-world attack scenarios using advanced adversarial techniques. Fuel iX Fortify runs thousands of adversarial…
New FlipSwitch Hooking Method Overcomes Linux Kernel Defenses
A novel rootkit hooking method dubbed FlipSwitch has emerged, circumventing the latest Linux 6.9 kernel dispatch safeguards and reigniting concerns over kernel-level compromise. By manipulating the machine code of the new syscall dispatcher rather than the deprecated sys_call_table, FlipSwitch restores…
Implementing Governance on Databricks Using Unity Catalog
Data governance has historically been the least glamorous part of data engineering. Engineers thrive on building things, designing scalable pipelines, curating high-quality datasets, and enabling machine learning models that deliver real business impact due to business demands. Governance, on the…
Use of Generative AI in Scams
New report: “Scam GPT: GenAI and the Automation of Fraud.” This primer maps what we currently know about generative AI’s role in scams, the communities most at risk, and the broader economic and cultural shifts that are making people more…
New Chinese Nexus APT Hackers Attacking Organizations to Deliver NET-STAR Malware Suite
In recent weeks, security teams worldwide have observed a surge in covert operations orchestrated by a clandestine group known colloquially as the “Chinese Nexus” APT. This actor has been tailoring highly targeted campaigns against organizations in the finance, telecommunication, and…
New Battering RAM Attack Bypasses Latest Defenses on Intel and AMD Cloud Processors
Confidential computing promised to protect sensitive workloads in the public cloud. Yet a new low-cost hardware attack, Battering RAM, demonstrates that even up-to-date memory-encryption schemes on Intel and AMD processors can be defeated with a simple interposer costing under 50 dollars. Modern…
Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure
Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable low-privileged attackers to elevate their permissions to full cluster administrator and compromise the entire platform. With a CVSS v3 base score…
Autonomous AI adoption stalls amid trust and governance crisis
Only 15% considering deployments and just 7% say it’ll replace humans in next four years Enterprises aren’t keen on letting autonomous agents take the wheel amid fears over trust and security as research once again shows that AI hype is…
Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure
This year’s theme focuses on government entities and small and medium-sized businesses that are vital to protecting the systems and services that keep our communities running. The post Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure appeared first…
Descope Raises $35 Million in Seed Round Extension
The identity and access management provider will invest in agentic identity R&D, expand to new regions, and hire new talent. The post Descope Raises $35 Million in Seed Round Extension appeared first on SecurityWeek. This article has been indexed from…
NIST Publishes Guide for Protecting ICS Against USB-Borne Threats
NIST Special Publication 1334 focuses on reducing cybersecurity risks associated with the use of removable media devices in OT environments. The post NIST Publishes Guide for Protecting ICS Against USB-Borne Threats appeared first on SecurityWeek. This article has been indexed…
Top Data Breaches In September 2025
September 2025 saw major data breaches affecting Volvo, Gucci, European airports, Wealthsimple, and Harrods. From HR data to critical infrastructure, attackers exploited vendor ecosystems and third-party systems. These incidents underscore the importance of robust third-party risk management, continuous threat exposure,…
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users
Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022. French cybersecurity company SEKOIA said the attackers are exploiting the cellular…
2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising
Bitdefender’s 2025 Cybersecurity Assessment Report paints a sobering picture of today’s cyber defense landscape: mounting pressure to remain silent after breaches, a gap between leadership and frontline teams, and a growing urgency to shrink the enterprise attack surface. The annual…
IT Security News Hourly Summary 2025-10-01 12h : 7 posts
7 posts were published in the last hour 10:2 : Forensic journey: hunting evil within AmCache 10:2 : New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones 10:2 : New China-Aligned Hackers Hit State and Telecom Sectors…
Apple urges users to update iPhone and Mac to patch font bug
Apple released iOS and macOS updates to fix a flaw in font processing that could trigger a denial-of-service condition or memory corruption. Apple released iOS and macOS updates to address a medium-severity flaw, tracked as CVE-2025-43400, in font processing that…
Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure
This year’s theme focuses on government entities and small and medium-sized businesses that are vital to protecting the systems and services that keep our communities running. The post Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure appeared first on…
AI Tops Cybersecurity Investment Priorities, PwC Finds
PwC found that AI security has become a top investment priority in cyber budgets over the next 12 months, ahead of cloud and network security This article has been indexed from www.infosecurity-magazine.com Read the original article: AI Tops Cybersecurity Investment…
TOTOLINK X6000R: Three New Vulnerabilities Uncovered
Researchers identified vulnerabilities in TOTOLINK X6000R routers: CVE-2025-52905, CVE-2025-52906 and CVE-2025-52907. We discuss root cause and impact. The post TOTOLINK X6000R: Three New Vulnerabilities Uncovered appeared first on Unit 42. This article has been indexed from Unit 42 Read the…
Crowdsourced AI += Exodia Labs
We’re adding a new specialist to VirusTotal’s Crowdsourced AI lineup: Exodia Labs, with an AI engine focused on analyzing Chrome extension (.CRX) files. This complements our existing Code Insight and other AI contributors by helping users better understand this format…
New DNS Malware ‘Detour Dog’ Uses TXT Records to Deliver Strela Stealer
Detour Dog, a stealthy website malware campaign tracked since August 2023, has evolved from redirecting victims to tech-support scams into a sophisticated DNS-based command-and-control (C2) distribution system that delivers the Strela Stealer information stealer via DNS TXT records. Tens of…
Imgur yanks Brit access to memes as parent company faces fine
ICO investigation into platform’s lack of age assurance continues The UK’s data watchdog has described Imgur’s move to block UK users as “a commercial decision” after signaling plans to fine parent company MediaLab.… This article has been indexed from The…
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts
Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 vulnerable appliances out there. The number is provided by the Shadowser…