The company says customer contact information was stolen from a third-party service provider’s platform. The post Automotive Titan Stellantis Discloses Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Automotive Titan Stellantis…
Back to School Means Back to Breaches
Cybercriminals are increasingly targeting schools and universities. Learn how students, parents, and educators can strengthen cybersecurity defenses. The post Back to School Means Back to Breaches appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read…
Why Strong Search Engine and AI Visibility Depends on Strong Security
SEO and cybersecurity are now inseparable. Learn how site performance, trust signals, and attack surface management impact rankings and digital trust. The post Why Strong Search Engine and AI Visibility Depends on Strong Security appeared first on Security Boulevard. This…
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells
Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity,…
Jaguar Land Rover Extends Production Pause Again
UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1 This article has been indexed from www.infosecurity-magazine.com Read the original article: Jaguar Land Rover Extends Production Pause Again
Lectora Desktop and Online XSS Vulnerability Enables JavaScript Injection
A critical cross-site scripting (XSS) vulnerability affecting both Lectora Desktop and Lectora Online has been disclosed, enabling attackers to inject JavaScript through crafted URL parameters. Discovered by security researcher Mohammad Jassim and documented by the CERT® Coordination Center on September…
Nimbus Manticore Targets Defense and Telecom Industries with New Malware Attack
Check Point Research has identified a long-running campaign by the Iranian-aligned threat actor Nimbus Manticore—also known as UNC1549, Smoke Sandstorm, and the “Iranian Dream Job” operation—targeting defense manufacturers, telecommunications, and aviation entities aligned with IRGC priorities. Recent activity demonstrates a…
Canada’s RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust
RCMP shuts down TradeOgre, seizing $40M from crime, the first crypto exchange closure and largest asset seizure in Canada’s history. The Royal Canadian Mounted Police shut down the crypto exchange TradeOgre and seized $40M worth of crypto assets. This is…
European Airport Disruptions Caused by Sophisticated Ransomware Attack
Over the weekend, a sophisticated ransomware attack compromised Collins Aerospace’s Muse check-in and boarding systems, forcing key hubs including Heathrow, Brussels, and Berlin to return to manual processes. Airlines reported hundreds of delayed and cancelled flights as security teams raced…
Libraesva ESG Vulnerability Let Attackers Inject Malicious Commands
A critical security flaw in Libraesva ESG email security gateways has been identified and patched, allowing threat actors to execute arbitrary commands through specially crafted email attachments. The vulnerability, tracked as CVE-2025-59689, affects multiple versions of the popular email security…
European Airport Operations Disrupted by Ransomware
Passengers across Europe are facing another day of flight delays after a cyber-attack struck the company behind the check-in and boarding software used at many airports. London Heathrow, Brussels, Dublin and Berlin have been worst hit since Friday, when the…
EDR-Freeze, DeepMind persuasion, vendors exit ATT&CK
EDR-Freeze tool suspends security software DeepMind updates Frontier Safety Framework Major vendors withdraw from MITRE EDR Evaluations Huge thanks to our sponsor, Conveyor Security reviews don’t have to feel like a hurricane. Most teams are buried in back-and-forth emails and…
Apple Disables AirPods Live Translation In EU
Apple says it will not allow Live Translation to work for EU users as it criticises regulatory efforts forcing it to open up ecosystem This article has been indexed from Silicon UK Read the original article: Apple Disables AirPods Live…
Hackers Using SVG Files to Deliver Malicious Payloads
A recent malware campaign making the rounds in Latin America offers a stark example of how cybercriminals are evolving and finetuning their playbooks. Victims receive emails dressed up to look as though they come from trusted institutions, warning of lawsuits…
22.2 Tbps DDoS Attack Breaks Internet With New World Record
Cloudflare announced it had autonomously mitigated the largest distributed denial-of-service (DDoS) attack ever recorded. The hyper-volumetric attack peaked at an unprecedented 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), setting a new and alarming benchmark for…
Libraesva ESG Vulnerability Allows Attackers to Execute Malicious Commands
A critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands through specially crafted compressed email attachments. The vulnerability, designated CVE-2025-59689, affects versions starting from 4.5 and has already been exploited…
Hackers Exploit GitHub Notifications to Launch Phishing Attacks
Cybersecurity researchers have uncovered a new phishing campaign that exploits GitHub’s official notification system to deliver malicious links and credential-stealing payloads. By capitalizing on the trust that open-source contributors place in GitHub’s communication channels, cybercriminals are able to bypass traditional…
EV charging biz zaps customers with data leak scare
Names, emails unplugged in DCS support snafu – but ‘billing is safe’ An electric vehicle charging point provider is telling users that their data may be compromised, following a recent security “incident” at a service provider.… This article has been…
Cybercriminals are going after law firms’ sensitive client data
Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been more at risk. Cybercriminals are targeting law firms by exploiting vulnerabilities, weak passwords, outdated systems, and…
Fake Job Offers Used to Deliver Advanced Malware Targeting Job Seekers
Iranian threat actors are exploiting job seekers’ aspirations through sophisticated fake recruitment campaigns designed to deploy advanced malware across Europe’s critical infrastructure sectors. The attack methodology demonstrates remarkable operational security and state-sponsored tradecraft characteristics. Nimbus Manticore, also known as UNC1549…
Windows 11 24H2 KB5064081 Update Causes Video Playback Issues
Microsoft’s latest Windows 11 update is causing significant problems for users trying to play protected video content. The KB5064081 update, released on August 29, 2025, has disrupted video playback functionality across multiple applications, leaving users frustrated with black screens and…
Review: Practical Purple Teaming
Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams. About…
Top 10 Best Supply Chain Risk Management Solutions in 2025
In today’s rapidly evolving global market, supply chain risk management has become more crucial than ever before. Organizations face risks like geopolitical issues, market unpredictability, compliance challenges, supplier failures, and even cyber threats. To maintain resilience, companies must adopt robust…
Gartner: Preemptive cybersecurity to dominate 50% of security spend by 2030
By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, replacing standalone detection and response (DR) solutions as the preferred approach to defend against cyberthreats, according to Gartner. Preemptive security…