The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker This article has been indexed from www.infosecurity-magazine.com Read the original article: Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
US Telco Services Firm Reports Nation-State Hack
Hack on Ribbon Communications was in place for almost a year, recalling previous long-term cyber-espionage campaigns This article has been indexed from Silicon UK Read the original article: US Telco Services Firm Reports Nation-State Hack
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and public relations company Dentsu, one of the largest marketing agencies in…
Impenetrable Security for Non-Human Identities
The Strategic Importance of Non-Human Identities in Cybersecurity Have you ever considered how critical Non-Human Identities (NHIs) are to the security architecture of numerous sectors? With the increasing reliance on automated systems and cloud-based environments, NHIs have become pivotal in…
Free Your Organization from Identity Threats
Are Machine Identities the Key to Freeing Your Organization from Threats? When considering ways to protect organizations from emerging cybersecurity threats, one often-overlooked element is the management of Non-Human Identities (NHIs). With more organizations migrate to the cloud, the importance…
Amazon Brings ‘Rainier’ Data Centre Project Online
First phase of Amazon’s Project Rainier data centre cluster comes online to train and run Anthropic Claude AI models, using custom chips This article has been indexed from Silicon UK Read the original article: Amazon Brings ‘Rainier’ Data Centre Project…
New Malware Infects WooCommerce Sites Through Fake Plugins to Steal Credit Card Data
A sophisticated malware campaign is actively targeting WordPress e-commerce websites using the WooCommerce plugin, according to recent findings from the Wordfence Threat Intelligence Team. The malware campaign, which employs advanced evasion techniques and multi-layered attack strategies, disguises itself as a…
Privilege Escalation Exploit Targets Windows Cloud Files Minifilter
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in March 2024 and represents a significant security concern for systems utilising OneDrive and similar cloud…
Akeyless introduces AI Agent Identity Security for safer AI operations
Akeylesshas released a new AI Agent Identity Security solution designed to secure the rise of autonomous AI systems. AI Agent identity crisis More than 95% of organizations are planning to adopt and use AI agents in the next 12 months.…
Confluent Private Cloud enables real-time data streaming and governance for regulated industries
Confluent has released Confluent Private Cloud, the simplest way to deploy, manage, and govern streaming data on private infrastructure. The solution addresses the challenge of scaling Apache Kafka on-premises in highly regulated industries by bringing Confluent’s most advanced cloud-native features…
Rare Earth Supply Constraints Hit German Manufacturers
German companies manufacturing electronic, optical gear report increased supply constraints amidst rising restrictions on rare-earths This article has been indexed from Silicon UK Read the original article: Rare Earth Supply Constraints Hit German Manufacturers
Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
Google has released Chrome version 142 to the stable channel, addressing multiple critical security vulnerabilities that could allow attackers to execute malicious code on affected systems. The update, now rolling out to Windows, Mac, and Linux users, contains fixes for…
Chrome 142 Released With Fix for 20 Vulnerabilities that Allows Malicious Code Execution
Google has officially promoted Chrome 142 to the stable channel, delivering critical security updates for Windows, Mac, and Linux users. The rollout begins immediately and will continue over the next few days or weeks, ensuring widespread protection against newly discovered…
StrongestLayer launches AI Advisor to verify unknown senders in real time
StrongestLayer has launched AI Advisor, an inbox-native security assistant designed to verify first-time senders and unknown contacts in real time. The Outlook and Gmail plugin provides instant, AI-powered analysis for any email that raises suspicion, reimagining security awareness by replacing…
New OpenText capabilities enhance enterprise defense with AI across identity, data, and apps
OpenText announced new cybersecurity capabilities designed to help enterprises embed AI into everyday security operations and enforce governance and compliance at scale. OpenText Cybersecurity unifies defenses across identity, data, applications, SecOps, and forensics, putting AI directly in the flow of…
IT Security News Hourly Summary 2025-10-30 09h : 4 posts
4 posts were published in the last hour 8:4 : US Senate Proposes AI Companion Ban For Minors 8:4 : 12 Malicious Extensions in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials 7:33 : How neighbors could spy on…
US Senate Proposes AI Companion Ban For Minors
Character.ai to restrict use by under-18s, after Senate proposes banning minors from use of ‘treacherous chatbots’ This article has been indexed from Silicon UK Read the original article: US Senate Proposes AI Companion Ban For Minors
12 Malicious Extensions in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials
The VSCode extension marketplace has become a critical vulnerability in the software supply chain. Security researchers at HelixGuard Team recently discovered 12 malicious extensions operating within the Microsoft VSCode Marketplace and OpenVSX, with four remaining active despite their detection. These…
How neighbors could spy on smart homes
Even with strong wireless encryption, privacy in connected homes may be thinner than expected. A new study from Leipzig University shows that someone in an adjacent apartment could learn personal details about a household without breaking any encryption. By monitoring…
LG Uplus confirms breach, Conduent attack impacts 10M+, hackers exploit tools against Ukraine
LG Uplus confirms cybersecurity incident 10 million+ impacted by Conduent breach Russian hackers exploit tools against Ukrainian targets Huge thanks to our sponsor, Conveyor Security reviews don’t have to feel like a hurricane. Most teams are buried in back-and-forth emails…
How the City of Toronto embeds security across governance and operations
In this Help Net Security interview, Andree Noel, Deputy CISO at City of Toronto, discusses how the municipality strengthens its cyber defense by embedding security into strategic objectives and digital governance. She outlines the City’s approach to addressing evolving threats…
Your photo could be all AI needs to clone your voice
A photo of someone’s face may be all an attacker needs to create a convincing synthetic voice. A new study from Australia’s national science agency explores this possibility, testing how well deepfake detectors perform against FOICE (Face-to-Voice), an attack attack…
WordPress Plugin Vulnerability Lets Attackers Read Any Server File
A critical security flaw has been discovered in the Anti-Malware Security and Brute-Force Firewall WordPress plugin, putting more than 100,000 websites at risk. The vulnerability, identified as CVE-2025-11705, allows authenticated attackers with basic subscriber-level access to read any file stored…
CISA Alerts on Active Exploitation of WSUS Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about active exploitation of a critical vulnerability affecting Windows Server Update Service (WSUS). The agency updated its alert on October 29, 2025, adding crucial information about identifying vulnerable…