As artificial intelligence becomes part of everyday life, cybercriminals are already exploiting its vulnerabilities. One major threat shaking up the tech world is the prompt injection attack — a method where hidden commands override an AI’s normal behavior, turning…
UK Government Finally Introduces Cyber Security and Resilience Bill
The UK government is overhauling cybersecurity laws for the first time since 2018 with the Cyber Security and Resilience Bill This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Finally Introduces Cyber Security and Resilience Bill
Bank Of England Defends Stablecoin Limits
Bank of England deputy governor says proposed limits necessary to ensure financial stability amid adoption of new technology This article has been indexed from Silicon UK Read the original article: Bank Of England Defends Stablecoin Limits
Microsoft SQL Server Vulnerability Allows Privilege Escalation
Microsoft has disclosed a critical SQL injection vulnerability in SQL Server that could allow authenticated attackers to escalate their privileges over a network. Tracked as CVE-2025-59499 and assigned an Important severity rating, the vulnerability stems from improper neutralization of special…
New KomeX Android RAT Advertised on Hacker Forums with Multiple Subscription Options
A newly identified Android remote access trojan (RAT) dubbed KomeX has surfaced on underground hacker forums, generating widespread concern within the cybersecurity community. Marketed by a threat actor under the alias “Gendirector,” KomeX is built atop the infamous BTMOB RAT…
ChatGPT Hacked Using Custom GPTs Exploiting SSRF Vulnerability to Expose Secrets
A Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT. The flaw, lurking in the Custom GPT “Actions” feature, allowed attackers to trick the system into accessing internal cloud metadata, potentially exposing sensitive Azure credentials. The bug, discovered by Open Security…
Google Launches ‘Private AI Compute’ — Secure AI Processing with On-Device-Level Privacy
Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to “unlock the full speed and…
Google To Invest $6.4bn In Germany
Investments over four years include spending on two data centres as company spends tens of billions on AI infrastructure This article has been indexed from Silicon UK Read the original article: Google To Invest $6.4bn In Germany
Chrome Security Update Fixes Improper Implementation in V8 JavaScript Engine
Google has released a new stable Chrome update that addresses a serious flaw in its V8 JavaScript engine. The update, now available as version 142.0.7444.162/.163 for Windows, 142.0.7444.162 for Mac, and 142.0.7444.162 for Linux, will roll out to users over…
GitHub Copilot and Visual Studio Flaws Let Attackers Bypass Security Protections
Microsoft has disclosed two critical security vulnerabilities affecting GitHub Copilot and Visual Studio Code that could allow attackers to bypass important security protections. Both flaws were reported on November 11, 2025, and carry “Important” severity ratings, posing immediate risks to…
German Court Finds OpenAI Infringes Law Over Song Lyrics
ChatGPT developer infringes authors’ rights by failing to pay licence fees for song lyrics in ‘clear’ violation of rules, court finds This article has been indexed from Silicon UK Read the original article: German Court Finds OpenAI Infringes Law Over…
$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK
“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), also known as the “Bitcoin Queen,” to 11 years…
SecureVibes – AI-backed Tool Uses Claude AI Agents to Scan for Vulnerabilities Across 11 Languages
In the fast-paced world of “vibecoding,” where developers use AI to build applications rapidly, a new open-source tool is stepping up to tackle security risks. SecureVibes, created by developer Anshuman Bhartiya, leverages Anthropic’s Claude AI through a multi-agent system to…
Windows Remote Desktop Services Vulnerability Let Attackers Escalate Privileges
Microsoft has disclosed a significant vulnerability in Windows Remote Desktop Services (RDS) that could allow authorized attackers to escalate their privileges on affected systems. Tracked as CVE-2025-60703, the flaw stems from an untrusted pointer dereference, a classic memory safety issue that…
New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials
A large-scale phishing campaign has emerged, exploiting Meta’s Business Suite to compromise credentials across thousands of small and medium-sized businesses worldwide. Check Point security researchers identified approximately 40,000 phishing emails distributed to more than 5,000 customers, primarily targeting industries including…
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Rockwell, Aveva, Schneider
An Aveva vulnerability also impacts Schneider Electric products and both vendors have published advisories. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Rockwell, Aveva, Schneider appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Google’s remote-wipe weapon, Qilin ransomware activity surges, GootLoader is back
Google’s Find Hub turns into remote-wipe weapon Qilin ransomware activity surges GootLoader is back Huge thanks to our sponsor, Vanta What’s your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are…
Chinese Bitcoin ‘Queen’ Handed Jail Term In London
Chinese woman who fled to London with nearly £5bn in Bitcoin jailed after embezzling funds from more than 100,000 elderly pensioners This article has been indexed from Silicon UK Read the original article: Chinese Bitcoin ‘Queen’ Handed Jail Term In…
IT Security News Hourly Summary 2025-11-12 09h : 4 posts
4 posts were published in the last hour 7:36 : Tor Browser 15.0.1 Update Patches Several High-Risk Security Flaws 7:36 : Chrome Patches High-severity Implementation Vulnerability in V8 JavaScript engine 7:36 : New Google Study Reveals Threat Protection Against Text…
Tor Browser 15.0.1 Update Patches Several High-Risk Security Flaws
The Tor Project has released a fresh update for its privacy-focused web browser. Tor Browser 15.0.1 is now available and addresses several high-risk security issues that could have compromised users’ privacy. This update is recommended for all users who want…
Chrome Patches High-severity Implementation Vulnerability in V8 JavaScript engine
Google has released Chrome version 142.0.7444.162/.163 to address a high-severity security vulnerability in the V8 JavaScript engine. The stable channel update is now rolling out across Windows, Mac, and Linux platforms over the coming days and weeks. The security fix…
New Google Study Reveals Threat Protection Against Text Scams
As Cybersecurity Awareness Month comes to an end, we’re concentrating on mobile scams, one of the most prevalent digital threats of our day. Over $400 billion in funds have been stolen globally in the past 12 months as a result…
University of Pennsylvania Hit by Hackers: Fake Emails, Data Leak Threats, and Political Backlash
The University of Pennsylvania is investigating a cybersecurity incident after unknown hackers gained access to internal email accounts and sent thousands of misleading messages to students, alumni, and staff on Friday morning. The fraudulent emails, which appeared to come…
Google regulation by the CMA in the UK
Google may soon be forced to make significant changes to its search engine in the UK, following regulatory action by the UK’s Competition and Markets… The post Google regulation by the CMA in the UK appeared first on Panda Security…