Global advertising and marketing giant Dentsu has confirmed that its U.S.-based subsidiary Merkle experienced a cyberattack, prompting immediate incident response measures and system shutdowns to contain the breach. The company detected abnormal activity within Merkle’s network infrastructure, which led to…
Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities
Canadian authorities have issued an urgent alert following multiple confirmed incidents where cybercriminals compromised internet-accessible Industrial Control Systems (ICS) devices protecting critical infrastructure across the nation. The Canadian Centre for Cyber Security and the Royal Canadian Mounted Police report that…
New Attack Combines Ghost SPNs and Kerberos Reflection to Elevate Privileges on SMB Servers
A sophisticated privilege escalation vulnerability in Windows SMB servers, leveraging Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access. Microsoft designated this as CVE-2025-58726, an “SMB Server Elevation of Privilege” flaw impacting all Windows versions…
PolarEdge Botnet Infected 25,000+ Devices and 140 C2 Servers Exploiting IoT Vulnerabilities
A sophisticated botnet campaign has compromised more than 25,000 IoT devices across 40 countries while establishing 140 command-and-control servers to facilitate cybercrime operations. The PolarEdge botnet, first disclosed in February 2025, exploits vulnerable IoT and edge devices to construct an…
France jacks into the Matrix for state messaging – and pays too
Governments eye comms alternatives as sovereignty worries mount Comment Decentralized communications network Matrix is hoping to be the beneficiary as European public and private sector organizations ponder alternatives to the messaging status quo.… This article has been indexed from The…
Dynamic binary instrumentation (DBI) with DynamoRio
Learn how to build your own dynamic binary instrumentation (DBI) tool with open-source DynamoRIO to enable malware analysis, security auditing, reverse engineering, and more. This article has been indexed from Cisco Talos Blog Read the original article: Dynamic binary instrumentation…
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks to gain SYSTEM-level access on domain-joined machines, even when previous Kerberos mitigations are in place.…
Deepfake-as-a-Service 2025 – How Voice Cloning and Synthetic Media Fraud Are Changing Enterprise Defenses
Deepfake-as-a-Service 2025. How voice cloning and synthetic media fraud hit enterprises, with case studies, detection tactics, and CISO actions. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original article: Deepfake-as-a-Service 2025…
Former US Defense Contractor Executive Admits to Selling Exploits to Russia
Peter Williams stole trade secrets from his US employer and sold them to a Russian cybersecurity tools broker. The post Former US Defense Contractor Executive Admits to Selling Exploits to Russia appeared first on SecurityWeek. This article has been indexed…
Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker This article has been indexed from www.infosecurity-magazine.com Read the original article: Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
US Telco Services Firm Reports Nation-State Hack
Hack on Ribbon Communications was in place for almost a year, recalling previous long-term cyber-espionage campaigns This article has been indexed from Silicon UK Read the original article: US Telco Services Firm Reports Nation-State Hack
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and public relations company Dentsu, one of the largest marketing agencies in…
Impenetrable Security for Non-Human Identities
The Strategic Importance of Non-Human Identities in Cybersecurity Have you ever considered how critical Non-Human Identities (NHIs) are to the security architecture of numerous sectors? With the increasing reliance on automated systems and cloud-based environments, NHIs have become pivotal in…
Free Your Organization from Identity Threats
Are Machine Identities the Key to Freeing Your Organization from Threats? When considering ways to protect organizations from emerging cybersecurity threats, one often-overlooked element is the management of Non-Human Identities (NHIs). With more organizations migrate to the cloud, the importance…
Amazon Brings ‘Rainier’ Data Centre Project Online
First phase of Amazon’s Project Rainier data centre cluster comes online to train and run Anthropic Claude AI models, using custom chips This article has been indexed from Silicon UK Read the original article: Amazon Brings ‘Rainier’ Data Centre Project…
New Malware Infects WooCommerce Sites Through Fake Plugins to Steal Credit Card Data
A sophisticated malware campaign is actively targeting WordPress e-commerce websites using the WooCommerce plugin, according to recent findings from the Wordfence Threat Intelligence Team. The malware campaign, which employs advanced evasion techniques and multi-layered attack strategies, disguises itself as a…
Privilege Escalation Exploit Targets Windows Cloud Files Minifilter
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in March 2024 and represents a significant security concern for systems utilising OneDrive and similar cloud…
Akeyless introduces AI Agent Identity Security for safer AI operations
Akeylesshas released a new AI Agent Identity Security solution designed to secure the rise of autonomous AI systems. AI Agent identity crisis More than 95% of organizations are planning to adopt and use AI agents in the next 12 months.…
Confluent Private Cloud enables real-time data streaming and governance for regulated industries
Confluent has released Confluent Private Cloud, the simplest way to deploy, manage, and govern streaming data on private infrastructure. The solution addresses the challenge of scaling Apache Kafka on-premises in highly regulated industries by bringing Confluent’s most advanced cloud-native features…
Rare Earth Supply Constraints Hit German Manufacturers
German companies manufacturing electronic, optical gear report increased supply constraints amidst rising restrictions on rare-earths This article has been indexed from Silicon UK Read the original article: Rare Earth Supply Constraints Hit German Manufacturers
Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
Google has released Chrome version 142 to the stable channel, addressing multiple critical security vulnerabilities that could allow attackers to execute malicious code on affected systems. The update, now rolling out to Windows, Mac, and Linux users, contains fixes for…
Chrome 142 Released With Fix for 20 Vulnerabilities that Allows Malicious Code Execution
Google has officially promoted Chrome 142 to the stable channel, delivering critical security updates for Windows, Mac, and Linux users. The rollout begins immediately and will continue over the next few days or weeks, ensuring widespread protection against newly discovered…
StrongestLayer launches AI Advisor to verify unknown senders in real time
StrongestLayer has launched AI Advisor, an inbox-native security assistant designed to verify first-time senders and unknown contacts in real time. The Outlook and Gmail plugin provides instant, AI-powered analysis for any email that raises suspicion, reimagining security awareness by replacing…
New OpenText capabilities enhance enterprise defense with AI across identity, data, and apps
OpenText announced new cybersecurity capabilities designed to help enterprises embed AI into everyday security operations and enforce governance and compliance at scale. OpenText Cybersecurity unifies defenses across identity, data, applications, SecOps, and forensics, putting AI directly in the flow of…