The OPNsense project has released version 25.7.7, delivering critical security improvements and performance enhancements to strengthen enterprise firewall deployments. This update represents a significant step forward in addressing infrastructure vulnerabilities while introducing user-requested operational enhancements that directly benefit network administrators…
FreeBSD-based OPNsense Firewall Released for Security Issues and Improvements
OPNsense has released an update focused on eliminating security vulnerabilities and improving firewall performance. The latest version includes third-party security updates, firewall improvements, and fixes that make the system more reliable for network administrators and security professionals. The development team…
Reddit Added To Australia Teen Social Media Ban
Reddit, livestreaming platform Kick to be restricted for under-16s as Australia prepares to enact restrictions next month This article has been indexed from Silicon UK Read the original article: Reddit Added To Australia Teen Social Media Ban
New Phishing Campaign Targets Travelers via Compromised Hotel Booking.com Accounts
Cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits compromised hotel booking accounts to defraud travellers worldwide. The campaign, which has been active since at least April 2025, leverages stolen credentials from hotel administrators to impersonate legitimate Booking.com communications…
Hackers use Hyper-V, Cisco UCCX flaw, The Louvre’s password
Hackers use Windows Hyper-V to evade EDR detection Critical Cisco UCCX flaw lets attackers run commands as root The Louvre’s video security password was reportedly Louvre Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what…
Rockstar Games Accused Of ‘Blatant’ Union-Busting
Union members protest outside Rockstar and Take-Two offices after dozens of members sacked for alleged ‘gross misconduct’ This article has been indexed from Silicon UK Read the original article: Rockstar Games Accused Of ‘Blatant’ Union-Busting
Attackers Deploy LeakyInjector and LeakyStealer to Hijack Crypto Wallets and Browser Info
Cybersecurity researchers at Hybrid Analysis have uncovered a sophisticated two-stage malware campaign targeting cryptocurrency wallet users and browser data. The newly identified malware duo, dubbed LeakyInjector and LeakyStealer, represents a significant threat to digital asset security through its advanced evasion…
Influence of Chinese Hacker Organizations on U.S. Foreign Policy
Chinese cyber-espionage groups have once again demonstrated their determination and technical prowess in targeting U.S. organizations with ties to international policy-making, highlighting the persistent and evolving threat posed by state-linked cyber actors. Evidence indicates that the attackers sought to establish…
IT Security News Hourly Summary 2025-11-07 09h : 5 posts
5 posts were published in the last hour 7:36 : Postman expands platform with features for building AI-ready APIs 7:36 : November 2025 Patch Tuesday forecast: Windows Exchange Server EOL? 7:36 : Tufin Orchestration Suite R25-2 strengthens network, cloud, and…
Postman expands platform with features for building AI-ready APIs
Postman announced several updates bringing key enterprise features to its platform, so customers can build AI-ready APIs that meet the most critical enterprise specifications. As software increasingly shifts from applications to AI agents, the enterprise challenge has become clear: these…
November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?
October 2025 Patch Tuesday was one for the record books in so many ways. There was a big push by Microsoft to fix as many open vulnerabilities as possible in products that were reaching end-of-life (EOL). This included 116 CVEs…
Tufin Orchestration Suite R25-2 strengthens network, cloud, and SASE policy automation
Tufin announced Tufin Orchestration Suite (TOS) R25-2. The R25-2 release delivers expanded visibility, automation, and stronger security controls, enabling organizations to strengthen their security posture while simplifying operations across their hybrid environments. Security and network teams are forced to manage…
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the…
Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story
In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations and why early collaboration between IT and security…
Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor
In July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The institution suspected a network compromise after discovering spam emails originating from one of their corporate email addresses. What began as…
Old privacy laws create new risks for businesses
Businesses are increasingly being pulled into lawsuits over how they collect and share user data online. What was once the domain of large tech firms is now a widespread legal risk for companies of all sizes. The latest analysis from…
What keeps phishing training from fading over time
When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as likely…
How Fast and Secure Customer Support Relies on Internet Privacy Tools
Discover how free VPNs enhance customer support speed, privacy, and trust by securing user connections and ensuring smooth, safe service interactions. The post How Fast and Secure Customer Support Relies on Internet Privacy Tools appeared first on Security Boulevard. This…
Elevating Customer Support with Smarter Access Solutions in an AI-Constrained World
Learn how unblocking AI tools enhances customer support speed, consistency, and reliability while maintaining strong security and compliance standards. The post Elevating Customer Support with Smarter Access Solutions in an AI-Constrained World appeared first on Security Boulevard. This article has…
Hospitals are running out of excuses for weak cyber hygiene
Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025 US Healthcare Cyber Resilience Survey by EY. The study, based on responses from 100 healthcare executives, outlines six areas where…
Innovative Tools and Tactics in Cybersecurity
In this episode of ‘Cybersecurity Today,’ hosted by Jim Love, the focus is on recent developments and tactics in cybersecurity. The episode discusses Meter’s networking solutions, the innovative tactics of the ransomware group Killen using common Windows tools, and three…
Amazon WorkSpaces for Linux Vulnerability Exposes Valid Auth Tokens to Attackers
A recently disclosed vulnerability in the Amazon WorkSpaces client for Linux exposes a critical security flaw that could allow attackers to gain unauthorized access to user environments due to improper handling of authentication tokens. The issue, tracked as CVE-2025-12779, has…
Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware
Russia-aligned threat actor Sandworm has intensified its destructive cyber operations against Ukrainian organizations, deploying data wiper malware to cripple critical infrastructure and weaken the nation’s economy. Unlike other Russia-aligned advanced persistent threat groups that primarily engage in cyberespionage activities, Sandworm’s…
Claude Desktop Hit by Critical RCE Flaws Allowing Remote Code Execution
Security researchers have uncovered severe remote code execution vulnerabilities in three official Claude Desktop extensions developed and published by Anthropic. The Chrome, iMessage, and Apple Notes connectors, which collectively boast over 350,000 downloads and occupy prominent positions in Claude Desktop’s…