F5 unveiled enhancements to the F5 Application Delivery and Security Platform (ADSP). The latest updates focus on strengthening API discovery capabilities, improving threat detection, and optimizing network connectivity. These updated capabilities are in the latest 7.0 release of F5 Distributed…
Apple’s Cook Meets With US Lawmakers To Oppose Safety Bill
Apple chief executive Tim Cook meets with members of US House to argue against children’s safety legislation This article has been indexed from Silicon UK Read the original article: Apple’s Cook Meets With US Lawmakers To Oppose Safety Bill
Hackers Infiltrate VS Code Marketplace with 19 Malicious Extensions Posing as PNG File
Security researchers have uncovered a significant threat targeting developers through the VS Code Marketplace. A coordinated campaign involving 19 malicious extensions has been actively infiltrating the platform, with the attack remaining undetected since February 2025. These deceptive extensions carry hidden…
CloudCasa adds SMB support and compression controls for Kubernetes backup
CloudCasa announced the latest enhancements to its CloudCasa platform, adding support for accessing backup storage using SMB (Server Message Block) file-sharing protocol and support for user-selectable compression of backup data. These enhancements complement CloudCasa’s support for NFS backup storage introduced…
Black Duck Signal applies LLM intelligence to code and supply chain risk
Black Duck announced the launch of Black Duck Signal, a transformative agentic AI solution engineered to secure software at the speed of AI-powered development. Signal combines Black Duck’s 20 years of software security expertise and intellectual property with LLM-powered software…
Coupang CEO resigns, hactivists target US infrastructure, Israeli cybersecurity hits record funding
CEO of retail giant Coupang resigns Pro-Russia hactivists target US infrastructure Israeli cybersecurity funding hits record Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI.…
IT Security News Hourly Summary 2025-12-11 09h : 7 posts
7 posts were published in the last hour 8:2 : Mandating Security by Design: Sekoia’s Blueprint for the EU Cyber Resilience Act 8:2 : Amazon, Microsoft To Spend $50bn In India 8:2 : EU Cyber Resilience Act (CRA) – Overview…
Mandating Security by Design: Sekoia’s Blueprint for the EU Cyber Resilience Act
Introduction The European Union (EU) continues to solidify its cybersecurity landscape through ambitious, horizontal regulations. In addition to the NIS 2 Directive and the Digital Operational Resilience Act (DORA), the Cyber Resilience Act (CRA) establishes a comprehensive framework aimed at…
Amazon, Microsoft To Spend $50bn In India
Two tech giants to spend combined $50bn in south Asian country on AI, cloud infrastructure, as Intel pledges support for chipmaking plan This article has been indexed from Silicon UK Read the original article: Amazon, Microsoft To Spend $50bn In…
EU Cyber Resilience Act (CRA) – Overview
What is the Cyber Resilience Act – CRA The Cyber Resilience Act is the first European regulation to set a mandatory minimum level of cyber security for all connected products available on the EU market – something that did not exist…
It didn’t take long: CVE-2025-55182 is now under active exploitation
Threat actors are now exploiting CVE-2025-55182, and attacks are poised to grow. Here’s what you need to know about the vulnerability, how our honeypots are being targeted, what malware is being deployed, and how to protect your systems. This article…
Google Patches Mysterious Chrome Zero-Day Exploited in the Wild
The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects. The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article has been indexed…
40 open-source tools redefining how security teams secure the stack
Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations and…
Bugcrowd unveils AI tools to accelerate triage and strengthen preemptive security
Bugcrowd has launched new platform functionality, Bugcrowd AI Triage Assistant and Bugcrowd AI Analytics, to bring speed and intelligence and insights to the process of building security resilience. Combined with the general availability of AI Connect, these new capabilities enable…
Active Attacks Exploit Gladinet’s Hard-Coded Keys for Unauthorized Access and Code Execution
Huntress is warning of a new actively exploited vulnerability in Gladinet’s CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so far. “Threat actors can potentially abuse this as a way to…
LLM vulnerability patching skills remain limited
Security teams are wondering whether LLMs can help speed up patching. A new study tests that idea and shows where the tools hold up and where they fall short. The researchers tested LLMs from OpenAI, Meta, DeepSeek, and Mistral to…
644K+ Websites at Risk Due to Critical React Server Components Flaw
The Shadowserver Foundation has issued an urgent update regarding the critical “React2Shell” vulnerability, identifying a massive attack surface that remains exposed to potential exploitation. Following targeted improvements to their scanning infrastructure on December 8, 2025, researchers discovered that over 644,000…
New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly
A sophisticated phishing toolkit dubbed “Spiderman” has emerged as a significant threat to European banking customers, enabling cybercriminals to create convincing fake login pages for dozens of financial institutions with just a few clicks. This development marks a dangerous evolution…
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in…
Password habits are changing, and the data shows how far we’ve come
In this Help Net Security video, Andréanne Bergeron, Security Researcher at Flare, explains how changes in user habits, policy shifts, and new tools have shaped password security over nearly twenty years. She walks through research based on leaked passwords from…
Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data
A critical information disclosure vulnerability in Windows Defender Firewall Service, which could allow authorized attackers to access sensitive heap memory on affected systems. The vulnerability, tracked as CVE-2025-62468, was assigned an Important severity rating and released on December 9, 2025.…
Product showcase: Tuta – secure, encrypted, private email
Tuta, formerly known as Tutanota, is built for anyone who wants email that stays private. Instead of treating encryption like a bonus feature, the service encrypts almost everything by default. That means your messages are locked down from the moment…
IT Security News Hourly Summary 2025-12-11 06h : 3 posts
3 posts were published in the last hour 5:2 : Teamwork is failing in slow motion and security feels it 4:31 : Google Warns of Chrome 0-Day Vulnerability Actively Exploited in the wild 4:31 : Adobe Acrobat Reader Vulnerabilities Let…
Teamwork is failing in slow motion and security feels it
Security leaders often track threats in code, networks, and policies. But a quieter risk is taking shape in the everyday work of teams. Collaboration is getting harder even as AI use spreads across the enterprise. That tension creates openings for…