Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie encryption, enabling attackers to steal user chat messages and other sensitive communications. The vulnerability stems from…
Hack Exposes Kansas City’s Secret Police Misconduct List
A major breach of the Kansas City, Kansas, Police Department reveals, for the first time, a list of alleged officer misconduct including dishonesty, sexual harassment, excessive force, and false arrest. This article has been indexed from Security Latest Read the…
Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks
PowerShell and .NET variants of the malware abuse AirWatch’s MDM API to establish a C&C communication channel. The post Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Conti Suspect in Court After Extradition From Ireland
Ukrainian national Oleksii Oleksiyovych Lytvynenko has appeared in a US court in connection with Conti ransomware charges This article has been indexed from www.infosecurity-magazine.com Read the original article: Conti Suspect in Court After Extradition From Ireland
Delaware Touts Legal Guardrails After OpenAI Restructure
Delaware attorney general says state will sue OpenAI if it fails to prioritise safety over shareholders’ profits This article has been indexed from Silicon UK Read the original article: Delaware Touts Legal Guardrails After OpenAI Restructure
Leak Site Ransomware Victims Spike 13% in a Year
CrowdStrike data reveals a 13% annual increase in the number of European ransomware victims in 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Leak Site Ransomware Victims Spike 13% in a Year
Windows Graphics Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code
Multiple vulnerabilities in Microsoft’s Graphics Device Interface (GDI), a core component of the Windows operating system responsible for rendering graphics. These flaws, discovered by Check Point through an intensive fuzzing campaign targeting Enhanced Metafile (EMF) formats, could enable remote attackers…
Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities
The two bugs are high-severity type confusion and inappropriate implementation issues in the browser’s V8 JavaScript engine. The post Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Pony.ai Obtains First Permit To Operate Robotaxis Across Shenzhen
Pony.ai obtains first permit to operate autonomous taxi services across full city of Shenzhen, China’s biggest tech hub This article has been indexed from Silicon UK Read the original article: Pony.ai Obtains First Permit To Operate Robotaxis Across Shenzhen
Chinese Scam Victims Seek Restitution After UK’s £5bn Crypto Seizure
Thousands of Chinese victims of a fraud ring seek restitution in High Court after UK government seizes £5bn in illicit Bitcoin proceeds This article has been indexed from Silicon UK Read the original article: Chinese Scam Victims Seek Restitution After…
Progress Fixes High-Severity MOVEit Transfer Vulnerability
Progress patches a MOVEit Transfer flaw letting attackers exhaust resources and cause denial-of-service without authentication. The post Progress Fixes High-Severity MOVEit Transfer Vulnerability appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
Conduent January 2025 breach impacts 10M+ people
Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of over 10M people, including names, addresses, DOBs, SSNs, and health and…
New BOF Tool Exploits Microsoft Teams’ Cookie Encryption Allowing Attackers to Access User Chats
A specialized Beacon Object File (BOF) designed to extract authentication cookies from Microsoft Teams without disrupting the application. This development builds on recent findings that expose how Teams stores sensitive access tokens, potentially allowing attackers to impersonate users and access…
A week in security (October 27 – November 2)
A list of topics we covered in the week of October 27 to November 2 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (October 27 – November 2)
Australia BadCandy warning, Cisco firewall attack, Aardvark eats bugs
Australia warns of BADCANDY attacks exploiting Cisco IOS XE Chinese hackers exploiting Cisco ASA firewalls used by governments worldwide OpenAI’s Aardvark GPT-5 agent finds and fixes code flaws automatically Huge thanks to our sponsor, ThreatLocker Imagine having the power to…
Nexperia Cuts Off Wafer Supplies To Chinese Unit
Chipmaker’s Dongguan, China unit idles machinery, scales down production after Dutch parent suspends wafer supplies This article has been indexed from Silicon UK Read the original article: Nexperia Cuts Off Wafer Supplies To Chinese Unit
Windows 11 24H2/25H2 Flaw Keeps Task Manager Running After You Close It
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumulate in the background,…
Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his…
AzureHound Tool Weaponized to Map Azure and Entra ID Environments
Threat actors misuse AzureHound to map Azure and Entra ID, turning a security tool into a powerful cloud reconnaissance weapon. The post AzureHound Tool Weaponized to Map Azure and Entra ID Environments appeared first on eSecurity Planet. This article has…
IT Security News Hourly Summary 2025-11-03 09h : 2 posts
2 posts were published in the last hour 7:34 : BO7 boosting: Cross-platform, Game Pass & cloud logistics 7:6 : A new way to think about zero trust for workloads
BO7 boosting: Cross-platform, Game Pass & cloud logistics
A practical roadmap for BO7 boosting and Black Ops 7 services across Xbox, PlayStation, Battle.net, Steam, and the cloud—ownership, cross-save, and security. The post BO7 boosting: Cross-platform, Game Pass & cloud logistics appeared first on Security Boulevard. This article has…
A new way to think about zero trust for workloads
Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying on static…
Heisenberg: Open-source software supply chain health check tool
Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and generate reports for individual…
EDR-Redir V2 Evades Detection on Windows 11 by Faking Program Files
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to redirecting security software by manipulating…