Tapo’s smart power strip packs six outlets and tracks real-time energy usage – even when devices are turned off. This article has been indexed from Latest news Read the original article: How I use a smart outlet to save money…
Meta wears Prada? Why its next-gen AR glasses might out-style the Ray-Bans
Reports point to Meta launching two new pairs of smart glasses at its Connect event next week. And there may be another unexpected wearable device as well. This article has been indexed from Latest news Read the original article: Meta…
CISA: CVE Program to Focus on Vulnerability Data Quality
CISA says it is time for the CVE Program to focus on improving trust, responsiveness, and the caliber of vulnerability data. The post CISA: CVE Program to Focus on Vulnerability Data Quality appeared first on SecurityWeek. This article has been…
France Warns Apple Users of New Spyware Campaign
Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency This article has been indexed from www.infosecurity-magazine.com Read the original article: France Warns Apple Users of New Spyware Campaign
IT Security News Hourly Summary 2025-09-12 12h : 7 posts
7 posts were published in the last hour 9:33 : Malware Campaign Uses SVG Email Attachments to Deploy XWorm and Remcos RAT 9:33 : How Everyday Apps Leak More Data Than You Realize 9:10 : Axios Vulnerability Enables Attackers to…
Buterat Backdoor Campaigns Targeting Enterprise Endpoint Control
Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access to compromised systems. Unlike conventional malware that prioritizes immediate damage or data theft, backdoors focus on stealth and longevity, enabling…
UK train operator LNER (London North Eastern Railway) discloses a data breach
LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data breach through a third-party supplier, compromising customer contact details and other…
Navigating AI risk: Building a trusted foundation with Red Hat
Red Hat helps organizations embrace AI innovation by providing a comprehensive and layered approach to security and safety across the entire AI lifecycle. We use our trusted foundation and expertise in open hybrid cloud to address the challenges around AI…
Apple Warns Of Series Mercenary Spyware Attacks Targeting Users’ Devices
Apple has issued a warning regarding highly sophisticated “mercenary spyware” attacks targeting a select group of its users. The company’s threat notification system is designed to alert and support individuals who may have been targeted due to their profession or…
Microsoft To Depreciate VBScript In Windows Warns Developers To Adapt Their Projects
Microsoft has officially announced a multi-phase plan to deprecate VBScript in Windows, a move that signals a significant shift for developers, particularly those working with Visual Basic for Applications (VBA). The change, first detailed in May 2024, will gradually phase…
Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges
Microsoft has addressed four elevation of privilege vulnerabilities in its Windows Defender Firewall service, all rated as “Important” in severity. The security flaws were detailed in Microsoft’s September 9, 2025, security update release. If exploited, these vulnerabilities could allow an…
Hack to school: Parents told to keep their little script kiddies in line
UK data watchdog says students behind most education cyberattacks The UK’s data protection watchdog says more than half of cyberattacks in schools are caused by students, and that parents should act early to prevent their offspring from falling into the…
Privacy activists warn digital ID won’t stop small boats – but will enable mass surveillance
Big Brother Watch says a so-called BritCard could turn daily life into one long identity check – and warn that Whitehall can’t be trusted to run A national digital ID could hand the government the tools for population-wide surveillance –…
VMScape: Academics Break Cloud Isolation With New Spectre Attack
Exploiting incomplete speculative execution attack mitigations extended to the branch predictor state, VMScape leaks arbitrary memory. The post VMScape: Academics Break Cloud Isolation With New Spectre Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Malware Campaign Uses SVG Email Attachments to Deploy XWorm and Remcos RAT
Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans (RATs), including XWorm and Remcos. These campaigns typically begin with a ZIP archive—often hosted on seemingly legitimate platforms such as ImgKit—designed to entice user…
How Everyday Apps Leak More Data Than You Realize
Most mobile apps silently leak personal data to third parties, even trusted ones. From trackers in Google Play apps to high-profile breaches like Strava and British Airways, app data leakage is a growing privacy risk. Learn why apps leak data…
Axios Vulnerability Enables Attackers to Crash Node.js Applications via Data Handle Abuse
A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data URL handling. The flaw, tracked as CVE-2025-58754, affects all versions of Axios before 1.11.0 and has been…
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at…
Apple issues spyware warnings as CERT-FR confirms attacks
Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted iCloud-linked devices may be compromised. Apple warned customers last week about new spyware attacks, the French national Computer Emergency Response Team (CERT-FR) said. The agency confirmed at least…
Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm
KioSoft was notified about a serious NFC card vulnerability in 2023 and only recently claimed to have released a patch. The post Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm appeared first on SecurityWeek. This…
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage
The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default for modern enterprises, accelerating delivery but also expanding the attack surface in ways traditional security models can’t keep up with.…
FTC Opens Probe Into OpenAI, Google, Meta Over AI Risks
US trade regulator looks into how companies are protecting children and teenagers from negative impacts, after Senate launches probe This article has been indexed from Silicon UK Read the original article: FTC Opens Probe Into OpenAI, Google, Meta Over AI…
Black Box Testing vs. White Box: The Hidden Risks of Choosing Wrong
With attacks on applications growing rapidly, regular testing of web and mobile platforms has become critical. In fact, statistics show that web applications are involved in 26% of breaches, ranking as the second most exploited attack pattern. There are multiple…
HCL AppScan 360º 2.0 protects software supply chains
HCLSoftware launched HCL AppScan 360º version 2.0, a next-generation application security platform designed to help organizations regain control over their software supply chains. As open-source adoption accelerates and global data regulations tighten, HCL AppScan 360º delivers a cloud-native solution that…