French parliamentary committee concludes six-month investigation urging social media ban for those under 15 over ‘dangerous content’ This article has been indexed from Silicon UK Read the original article: French Lawmakers Urge Social Media Ban For Under-15s
New K2 Think AI Model Falls to Jailbreak in Record Time
A groundbreaking vulnerability has emerged in the newly released K2 Think AI model from UAE’s Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) in collaboration with G42. Security researchers have successfully jailbroken the advanced reasoning system within hours of its…
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dassault Systèmes DELMIA Apriso flaw, tracked as CVE-2025-5086 (CVSS score of 9.0), to its Known Exploited…
Boost Your Confidence With Robust NHI Management
Does Your Organization Understand the Strategic Importance of NHI Management? With corporations increasingly shift operations to the cloud, they face the daunting task of managing a vast array of Non-Human Identities (NHIs) – machine identities used in cybersecurity. With the…
How Protected Are Your NHIs in Dynamic Networks?
Unraveling the Core Structure: What are NHIs? Are you really protecting your Non-Human Identities (NHIs) to the best of your ability? NHIs are an often misunderstood but vitally important component. They are machine identities created by combining a “Secret” and…
Your heartbeat could reveal your identity, even in anonymized datasets
A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising questions about how health data is…
Microsoft Patches Zero Day And More
Cybersecurity Today: Microsoft Patches, Canadian Data Breach, NVIDIA’s New Tool, and a Senator’s Call for Investigation In this episode of Cybersecurity Today, host Jim Love discusses Microsoft’s September patch update addressing 81 security flaws, including two zero-day vulnerabilities. Highlights include…
Daikin Security Gateway Vulnerability Allows Unauthorized System Access
A critical security flaw in Daikin Security Gateway systems has been discovered that could enable attackers to bypass authentication and gain unauthorized access to industrial control systems. The vulnerability, tracked as CVE-2025-10127, affects organizations worldwide that rely on Daikin’s security infrastructure…
VirtualBox 7.2.2 Update Released with Fix for Guest GUI Crashes
Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significant improvement in the virtualization software’s…
New ToneShell Variant Uses Task Scheduler COM Service to Maintain Persistence
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enhanced persistence mechanisms and sophisticated anti-analysis capabilities that pose…
Microsoft Teams Launches Automatic Alerts for Malicious Links
Microsoft is significantly enhancing security for its Teams platform by introducing automatic warning systems that alert users about malicious links in chat messages. This new protective feature represents a crucial advancement in safeguarding collaboration platforms from increasingly sophisticated cyber threats…
New VMScape Spectre-BTI Attack Targets Isolation Flaws in AMD and Intel CPUs
Cybersecurity researchers at ETH Zurich have disclosed a critical new Spectre-based attack called VMSCAPE that exploits incomplete branch predictor isolation in virtualized cloud environments. The attack, tracked as CVE-2025-40300, affects multiple generations of AMD and Intel processors and enables malicious virtual machines to…
Attackers are coming for drug formulas and patient data
In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals. These high-value assets make the sector a constant focus for attacks. Disruptions to research or medicine distribution can have life-threatening consequences. “During…
CISOs brace for a new kind of AI chaos
AI is being added to business processes faster than it is being secured, creating a wide gap that attackers are already exploiting, according to the SANS Institute. The scale of the problem Attackers are using AI to work at speeds…
Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories
A security weakness has been disclosed in the artificial intelligence (AI)-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an out-of-the-box security setting…
IT Security News Hourly Summary 2025-09-12 06h : 3 posts
3 posts were published in the last hour 4:3 : New infosec products of the week: September 12, 2025 3:33 : EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks 3:33 : Microsoft Teams Introduces Automatic Alerts for…
Cornwell Quality Tools Suffers Data Breach, 100,000 User Records Exposed
Cornwell Quality Tools, a leading automotive and industrial tool supplier, has confirmed a significant data breach that compromised the personal information of 103,782 individuals. The cybersecurity incident occurred on December 12, 2024, when unauthorized attackers gained access to the company’s…
Microsoft Exchange Online Outage for Users Accessing Email via Exchange Online Methods
Microsoft is investigating a significant Exchange Online service disruption that is preventing users in North and South America from accessing their mailboxes. The ongoing incident, tracked under the ID EX1151485 in the admin center, impacts all methods of connecting to…
Are cybercriminals hacking your systems – or just logging in?
As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door firmly locked tight This article has been indexed from WeLiveSecurity Read the original article: Are cybercriminals hacking your systems…
Ransomware, vendor outages, and AI attacks are hitting harder in 2025
Ransomware, third-party disruptions, and the rise of AI-powered attacks are reshaping the cyber risk landscape in 2025. A new midyear analysis from Resilience shows how these forces are playing out in real-world incidents and how they are changing the financial…
New infosec products of the week: September 12, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Cynomi, DataLocker, Gigamon, Lookout, and Relyance AI. Cynomi simplifies vendor risk management Cynomi’s TPRM provides MSPs and MSSPs with a scalable way to deliver these…
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
Combining AI-generated code and social engineering, EvilAI operators are executing a rapidly expanding campaign, disguising their malware as legitimate applications to bypass security, steal credentials, and persistently compromise organizations worldwide. This article has been indexed from Trend Micro Research, News…
Microsoft Teams Introduces Automatic Alerts for Malicious Links from Attackers
Microsoft to enhance security for its Teams platform by automatically warning users about malicious links in chat messages. The new feature, part of Microsoft Defender for Office 365, is designed to protect users from phishing, spam, and malware attacks by…
Exabeam Extends Proven Insider Threat Detection to AI Agents with Google Cloud
BROOMFIELD, Colo. & FOSTER CITY, Calif. – September 9, 2025 – At Google Cloud’s pioneering Security Innovation Forum, Exabeam, a global leader in intelligence and automation that powers security operations, today announced the integration of Google Agentspace and Google…