Kids are making a mark in the U.K.’s cybersecurity arena, and not in the way their parents want them to. This article has been indexed from Security News | TechCrunch Read the original article: Kids in the UK are hacking…
Google fixes critical Chrome flaw, researcher earns $43K
Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome vulnerability, tracked as CVE-2025-10200, in the Serviceworker component. A use-after-free (UAF) occurs…
Cisco Patches High-Severity IOS XR Vulnerabilities
High-severity flaws in IOS XR could lead to ISO image verification bypass and denial-of-service conditions. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cisco Patches…
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September and earlier this year, the attackers are affiliates of the Akira…
Wyden Urges FTC Investigation Over Ascension Ransomware Hack
Senator Ron Wyden of Oregon has urged the FTC to investigate Microsoft for cybersecurity lapses linked to ransomware attacks on US critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Wyden Urges FTC Investigation Over Ascension…
How the Infamous APT 1 Report Exposing China’s PLA Hackers Came to Be
This is the first in a series of pieces I’ll publish that take an in-depth look at significant events, people and cases in security and surveillance from the past. If there’s something you think would make a good topic for…
UK Train Operator LNER Passengers Data Accessed In Cyber Attack
London North Eastern Railway (LNER) has confirmed that passenger data was accessed following a cyber attack on one of its third-party suppliers. The breach involved unauthorized access to files containing customer contact details and information related to previous journeys. LNER…
CoreDNS Vulnerability Let Attackers Pin DNS Cache And Deny Service Updates
A significant vulnerability has been discovered in CoreDNS that could allow attackers to disrupt services by pinning DNS cache entries, effectively creating a denial of service for updates. The flaw, residing in the CoreDNS etcd plugin stems from a critical…
PoisonSeed Threat Actor Registering New Domains in Attempt to Compromise Enterprise Credentials
In recent months, cybersecurity researchers have observed a surge in malicious domain registrations linked to an emerging e-crime group known as PoisonSeed. First identified in April 2025, this actor has focused its efforts on impersonating legitimate cloud-based email platforms, most…
Cornwell Quality Tools Data Breach – 100,000 Users Data Was Compromised
Cornwell Quality Tools has disclosed a significant data breach that compromised the sensitive information of nearly 104,000 individuals. The incident involved unauthorized access to the company’s network, resulting in the exposure of both personally identifiable information (PII) and protected health…
kkRAT Employs Network Communication Protocol to Steal Clipboard Contents
In early May 2025, cybersecurity researchers began tracking a novel Remote Access Trojan (RAT) targeting Chinese-speaking users via phishing sites hosted on GitHub Pages. Masked as legitimate installers for popular applications, the initial ZIP archives contained malicious executables engineered to…
F5 moves to secure generative AI with CalypsoAI acquisition
F5 announced its intent to acquire CalypsoAI, whose platform brings real-time threat defense, red teaming at scale, and data security to enterprises racing to deploy generative and agentic AI. These capabilities will be integrated into the F5 Application Delivery and…
Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks
In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many high-profile command-and-control (C2) platforms, AdaptixC2 has flown under the radar, with scant public documentation demonstrating its use in live adversary…
Global Cyber Threats August 2025: Agriculture in the Crosshairs
In August 2025, the global cyber threat landscape presented a complex interplay of stability and alarming new challenges. Organizations around the world confronted an average of nearly 2,000 cyber attacks each week—a slight 1% decrease from July but a stark…
Apple’s Big Bet to Eliminate the iPhone’s Most Targeted Vulnerabilities
Alongside new iPhones, Apple released a new security architecture on Tuesday: Memory Integrity Enforcement aims to eliminate the most frequently exploited class of iOS bugs. This article has been indexed from Security Latest Read the original article: Apple’s Big Bet…
UK Train Operator LNER Warns Customers of Data Breach
LNER said the security incident involved a third-party supplier and resulted in contact information and other data being compromised. The post UK Train Operator LNER Warns Customers of Data Breach appeared first on SecurityWeek. This article has been indexed from…
Cybercriminals Weaponize AI for Large-Scale Extortion and Ransomware Attacks
AI company Anthropic has uncovered alarming evidence that cybercriminals are weaponizing artificial intelligence tools for sophisticated criminal operations. The company’s recent investigation revealed three particularly concerning applications of its Claude AI: large-scale extortion campaigns, fraudulent recruitment schemes linked to…
AdaptixC2 Raises Security Alarms Amid Active Use in Cyber Incidents
During this time, when digital resilience has become more important than digital innovation, there is an increasing gap between strengthened defences and the relentless adaptability of cybercriminals, which is becoming increasingly evident as we move into the next decade.…
Jaguar Land Rover Cyberattack Breaches Data and Halts Global Production
Jaguar Land Rover (JLR), the UK’s largest automaker and a subsidiary of Tata Motors, has confirmed that the recent cyberattack on its systems has not only disrupted global operations but also resulted in a data breach. The company revealed during…
Android’s App Freedom Shrinks As Google Tightens Rules
For years, the Android vs. iOS debate has centered around one key argument: freedom of choice. Nothing highlighted this more than sideloading apps. “But iOS is a walled garden. Apple controls what you can and can’t install on your…
Box Shield Pro monitors AI workflows and sensitive data
Box announced Box Shield Pro, a new suite of security capabilities powered by AI, that builds on the company’s flagship content protection solution, Box Shield. With Box Shield Pro, customers can automatically apply AI-driven classification, accelerate threat response with agentic…
N-able’s Cat-MIP standardizes terminology for AI automation
N-able has introduced Cat-MIP, a solution designed to standardize and document terminology for AI automation and MCP Server behaviors across MSP and IT ecosystems. This breakthrough enables IT service providers to harness AI more effectively for enhanced business and cybersecurity…
IT Security News Hourly Summary 2025-09-11 15h : 11 posts
11 posts were published in the last hour 12:43 : Attackers Abuse Kubernetes DNS to Extract Git Credentials from ArgoCD 12:43 : Kenyan Filmmakers Targeted with FlexiSPY Spyware Tracking Messages and Social Media 12:43 : CoreDNS Vulnerability Allows Attackers to…
UK Rail Operator LNER Confirms Cyber Attack Exposing Passenger Data
LNER cyber attack exposes passenger contact details and journey data. No financial information or passwords were taken, but… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: UK Rail…