First phase of Amazon’s Project Rainier data centre cluster comes online to train and run Anthropic Claude AI models, using custom chips This article has been indexed from Silicon UK Read the original article: Amazon Brings ‘Rainier’ Data Centre Project…
New Malware Infects WooCommerce Sites Through Fake Plugins to Steal Credit Card Data
A sophisticated malware campaign is actively targeting WordPress e-commerce websites using the WooCommerce plugin, according to recent findings from the Wordfence Threat Intelligence Team. The malware campaign, which employs advanced evasion techniques and multi-layered attack strategies, disguises itself as a…
Privilege Escalation Exploit Targets Windows Cloud Files Minifilter
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in March 2024 and represents a significant security concern for systems utilising OneDrive and similar cloud…
Akeyless introduces AI Agent Identity Security for safer AI operations
Akeylesshas released a new AI Agent Identity Security solution designed to secure the rise of autonomous AI systems. AI Agent identity crisis More than 95% of organizations are planning to adopt and use AI agents in the next 12 months.…
Confluent Private Cloud enables real-time data streaming and governance for regulated industries
Confluent has released Confluent Private Cloud, the simplest way to deploy, manage, and govern streaming data on private infrastructure. The solution addresses the challenge of scaling Apache Kafka on-premises in highly regulated industries by bringing Confluent’s most advanced cloud-native features…
Rare Earth Supply Constraints Hit German Manufacturers
German companies manufacturing electronic, optical gear report increased supply constraints amidst rising restrictions on rare-earths This article has been indexed from Silicon UK Read the original article: Rare Earth Supply Constraints Hit German Manufacturers
Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
Google has released Chrome version 142 to the stable channel, addressing multiple critical security vulnerabilities that could allow attackers to execute malicious code on affected systems. The update, now rolling out to Windows, Mac, and Linux users, contains fixes for…
Chrome 142 Released With Fix for 20 Vulnerabilities that Allows Malicious Code Execution
Google has officially promoted Chrome 142 to the stable channel, delivering critical security updates for Windows, Mac, and Linux users. The rollout begins immediately and will continue over the next few days or weeks, ensuring widespread protection against newly discovered…
StrongestLayer launches AI Advisor to verify unknown senders in real time
StrongestLayer has launched AI Advisor, an inbox-native security assistant designed to verify first-time senders and unknown contacts in real time. The Outlook and Gmail plugin provides instant, AI-powered analysis for any email that raises suspicion, reimagining security awareness by replacing…
New OpenText capabilities enhance enterprise defense with AI across identity, data, and apps
OpenText announced new cybersecurity capabilities designed to help enterprises embed AI into everyday security operations and enforce governance and compliance at scale. OpenText Cybersecurity unifies defenses across identity, data, applications, SecOps, and forensics, putting AI directly in the flow of…
IT Security News Hourly Summary 2025-10-30 09h : 4 posts
4 posts were published in the last hour 8:4 : US Senate Proposes AI Companion Ban For Minors 8:4 : 12 Malicious Extensions in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials 7:33 : How neighbors could spy on…
US Senate Proposes AI Companion Ban For Minors
Character.ai to restrict use by under-18s, after Senate proposes banning minors from use of ‘treacherous chatbots’ This article has been indexed from Silicon UK Read the original article: US Senate Proposes AI Companion Ban For Minors
12 Malicious Extensions in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials
The VSCode extension marketplace has become a critical vulnerability in the software supply chain. Security researchers at HelixGuard Team recently discovered 12 malicious extensions operating within the Microsoft VSCode Marketplace and OpenVSX, with four remaining active despite their detection. These…
How neighbors could spy on smart homes
Even with strong wireless encryption, privacy in connected homes may be thinner than expected. A new study from Leipzig University shows that someone in an adjacent apartment could learn personal details about a household without breaking any encryption. By monitoring…
LG Uplus confirms breach, Conduent attack impacts 10M+, hackers exploit tools against Ukraine
LG Uplus confirms cybersecurity incident 10 million+ impacted by Conduent breach Russian hackers exploit tools against Ukrainian targets Huge thanks to our sponsor, Conveyor Security reviews don’t have to feel like a hurricane. Most teams are buried in back-and-forth emails…
How the City of Toronto embeds security across governance and operations
In this Help Net Security interview, Andree Noel, Deputy CISO at City of Toronto, discusses how the municipality strengthens its cyber defense by embedding security into strategic objectives and digital governance. She outlines the City’s approach to addressing evolving threats…
Your photo could be all AI needs to clone your voice
A photo of someone’s face may be all an attacker needs to create a convincing synthetic voice. A new study from Australia’s national science agency explores this possibility, testing how well deepfake detectors perform against FOICE (Face-to-Voice), an attack attack…
WordPress Plugin Vulnerability Lets Attackers Read Any Server File
A critical security flaw has been discovered in the Anti-Malware Security and Brute-Force Firewall WordPress plugin, putting more than 100,000 websites at risk. The vulnerability, identified as CVE-2025-11705, allows authenticated attackers with basic subscriber-level access to read any file stored…
CISA Alerts on Active Exploitation of WSUS Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about active exploitation of a critical vulnerability affecting Windows Server Update Service (WSUS). The agency updated its alert on October 29, 2025, adding crucial information about identifying vulnerable…
PhantomRaven Attack Discovered in 126 Malicious npm Packages, Exceeding 86,000 Downloads
The global developer community has been rocked by the emergence of PhantomRaven, a far-reaching campaign involving 126 malicious npm packages with more than 86,000 downloads. Lurking beneath the surface, these packages actively steal npm tokens, GitHub credentials, and CI/CD secrets…
Hottest cybersecurity open-source tools of the month: October 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Chekov: Open-source static code analysis tool Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At…
PolarEdge Botnet Hits 25K IoT Devices in Major Cyber Campaign
Cybersecurity researchers at XLab have uncovered a sophisticated infrastructure-as-a-service botnet operation called PolarEdge, which has compromised over 25,000 Internet of Things devices and established 140 command-and-control servers through systematic exploitation of vulnerable edge devices. The newly exposed RPX relay system…
CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability
In a critical update issued on October 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) has provided organizations with enhanced guidance on detecting and mitigating threat activity related to the actively exploited CVE-2025-59287 vulnerability in Microsoft’s Windows Server Update…
Email breaches are the silent killers of business growth
78% of organizations were hit by an email breach in the past 12 months, according to the Email Security Breach Report 2025 by Barracuda. Phishing, impersonation, and account takeover continue to drive incidents that often lead to ransomware and data…