Meta’s newest smart glasses have reignited concerns about privacy, as many believe the company is inching toward a world where constant surveillance becomes ordinary. Introduced at Meta’s recent Connect event, the glasses reflect the kind of future that science fiction…
Sweden Confirms Power Grid Breach Amid Growing Ransomware Concerns
Swedish power grid operator, Suderland, has confirmed it is investigating a security incident related to a potential ransomware attack aimed at decrypting sensitive data as part of its ongoing cybersecurity investigation, a revelation that has stirred alarm across Europe’s…
FBI Wants to Know Who Runs Archive.ph
The FBI has issued a federal subpoena to domain registrar Tucows, demanding extensive billing and session records to unmask the anonymous operator of Archive.ph (Archive.is and Archive.today). The site, known for bypassing paywalls, is now the subject of an undisclosed…
Microsoft Uncovers ‘Whisper Leak’ Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This leakage of data…
Google Maps Adds Feature for Businesses to Report Ransom Demands Over Reviews
Scammers are targeting businesses with a new extortion scheme, and Google Maps is fighting back with a dedicated reporting tool. Google has introduced a feature that allows business owners to report ransom demands directly to malicious actors who threaten them…
Seven QNAP Zero-Day Vulnerabilities Exploited at Pwn2Own 2025 Now Patched
QNAP has addressed seven critical zero-day vulnerabilities in its network-attached storage (NAS) operating systems, following their successful exploitation by security researchers at Pwn2Own Ireland 2025. These flaws, identified as CVE-2025-62847, CVE-2025-62848, CVE-2025-62849, and associated ZDI canonical entries ZDI-CAN-28353, ZDI-CAN-28435, ZDI-CAN-28436,…
Scanners-Box – Open-Source Reconnaissance and Scanning Toolkit
Scanners-Box is an open-source reconnaissance and scanning toolkit for red teams and security researchers. Curated collection of scanners and recon utilities. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original article:…
IT Security News Hourly Summary 2025-11-08 15h : 2 posts
2 posts were published in the last hour 13:36 : Tech Giants Pour Billions Into AI Race for Market Dominance 13:8 : Google Maps Adds Feature for Businesses to Report Ransom Demands for Removing Bad Reviews
Tech Giants Pour Billions Into AI Race for Market Dominance
Tech giants are intensifying their investments in artificial intelligence, fueling an industry boom that has driven stock markets to unprecedented heights. Fresh earnings reports from Meta, Alphabet, and Microsoft underscore the immense sums being poured into AI infrastructure—from data…
Google Maps Adds Feature for Businesses to Report Ransom Demands for Removing Bad Reviews
Scammers are targeting businesses with a new extortion scheme, and Google Maps is fighting back with a dedicated reporting tool. Google has introduced a feature that allows business owners to report ransom demands directly to malicious actors who threaten them…
Who’s watching the watchers? This Mozilla fellow, and her Surveillance Watch map
Esra’a Al Shafei spoke with The Reg about the spy tech ‘global trade’ interview Digital rights activist Esra’a Al Shafei found FinFisher spyware on her device more than a decade ago. Now she’s made it her mission to surveil the…
IT Security News Hourly Summary 2025-11-08 12h : 3 posts
3 posts were published in the last hour 10:40 : The who, where, and how of APT attacks in Q2 2025–Q3 2025 10:40 : In memoriam: David Harley 10:40 : TISZA Világ – 198,520 breached accounts
The who, where, and how of APT attacks in Q2 2025–Q3 2025
ESET Chief Security Evangelist Tony Anscombe highlights some of the key findings from the latest issue of the ESET APT Activity Report This article has been indexed from WeLiveSecurity Read the original article: The who, where, and how of APT…
In memoriam: David Harley
Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of security This article has been indexed from WeLiveSecurity Read the original article: In memoriam: David Harley
TISZA Világ – 198,520 breached accounts
In late October 2025, data breached from the Hungarian political party TISZA was published online before being extensively redistributed. Stemming from a compromise of the TISZA Világ service earlier in the month, the breach exposed 200k records of personal data…
Hackers Hijack Samsung Galaxy Phones via 0-Day Exploit Using a Single WhatsApp Image
A sophisticated spyware operation targeting Samsung Galaxy devices, dubbed LANDFALL, which exploited a zero-day vulnerability to infiltrate phones through seemingly innocuous images shared on WhatsApp. This campaign, active since mid-2024, allowed attackers to deploy commercial-grade Android malware capable of full…
IT Security News Hourly Summary 2025-11-08 09h : 1 posts
1 posts were published in the last hour 7:9 : AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
A comprehensive new report reveals that manufacturing organizations are grappling with a dual challenge: rapidly adopting generative AI technologies while simultaneously defending against attackers who exploit these same platforms and trusted cloud services to launch sophisticated attacks. The findings underscore…
Honeypot: Requests for (Code) Repositories, (Sat, Nov 8th)
This is just a quick diary entry to report that I saw requests on my honeypot for (code) repositories: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Honeypot: Requests for (Code) Repositories,…
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images
Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in Samsung Galaxy devices. The malware, dubbed LANDFALL, leveraged a critical vulnerability in Samsung’s image processing library to deliver commercial-grade surveillance…
Samsung Mobile Flaw Exploited as Zero-Day to Deploy LANDFALL Android Spyware
A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a “commercial-grade” Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an…
A Former Black Hat Hacker Advises Us On Security Weaknesses
Unveiling the Double-Edged Sword of AI in Cybersecurity with Brian Black In this episode of Cybersecurity Today, host Jim Love interviews Brian Black, the head of security engineering at Deep Instinct and a former black hat hacker. Brian shares his…
IT Security News Hourly Summary 2025-11-08 06h : 2 posts
2 posts were published in the last hour 5:4 : New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks 4:38 : Atroposia Malware Offers Attackers Built-In Tools to Spy, Steal, and Scan Systems
New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks
Microsoft is poised to roll out a significant update to Teams, enabling users to initiate chats with anyone using just an email address—even if the recipient isn’t a Teams user. While the feature, launching in targeted releases by early November…