Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers and potentially execute malicious code. The update, rolling out across Windows, Mac, and Linux platforms, patches several high-severity vulnerabilities that…
Sendit tricked kids, harvested their data, and faked messages, FTC claims
Sendit and its CEO are accused of preying on young users—signing them up illegally, misusing their data, and tricking them with bogus messages and hidden fees. This article has been indexed from Malwarebytes Read the original article: Sendit tricked kids,…
Phishing Dominates EU-Wide Intrusions, says ENISA
ENISA reveals phishing and vulnerability exploitation accounted for majority of intrusions in past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Dominates EU-Wide Intrusions, says ENISA
Termix Docker Image Leaking SSH Credentials (CVE-2025-59951)
A critical vulnerability in the official Termix Docker image puts users at risk of exposing sensitive SSH credentials. The flaw allows anyone with network access to retrieve stored host addresses, usernames, and passwords without logging in. How the Vulnerability Works…
China-linked APT Phantom Taurus uses Net-Star malware in espionage campaigns against key sectors
China-linked APT Phantom Taurus targets government and telecom orgs with Net-Star malware for espionage, using unique tactics over two years. China-nexus APT Phantom Taurus has targeted government and telecom organizations for espionage, using Net-Star malware and distinct TTPs. Phantom Taurus…
1.5 Million Impacted by Allianz Life Data Breach
In July, hackers stole files containing names, addresses, dates of birth, and Social Security numbers from a cloud-based CRM. The post 1.5 Million Impacted by Allianz Life Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
IT Security News Hourly Summary 2025-10-02 09h : 2 posts
2 posts were published in the last hour 6:33 : Chekov: Open-source static code analysis tool 6:33 : Building a mature automotive cybersecurity program beyond checklists
Microsoft Outlook for Windows Bug Leads to Crash While Opening Email
Microsoft has confirmed it is investigating a significant bug in the classic Outlook for Windows desktop client that causes the application to fail upon launch. The issue, which appears to be linked to Microsoft Exchange logon attempts, prevents users from…
Breaches set for North America, Outlook bug needs Microsoft support, Air Force admits SharePoint issue
Breach notification letters set to flood North America’s mailboxes New bug in classic Outlook only fixed via Microsoft support Air Force admits SharePoint privacy issue over breach Huge thanks to our sponsor, Nudge Security AI notetakers like Otter AI spread…
Chekov: Open-source static code analysis tool
Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition…
Building a mature automotive cybersecurity program beyond checklists
In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing mature security programs, meeting regulatory requirements, and addressing supply chain risks. Sullivan also looks ahead to…
Chrome Security Update Addressing 21 Vulnerabilities
The Chrome team has released Chrome 141.0.7390.54/55 to the stable channel for Windows, Mac, and Linux, rolling out over the coming days and weeks. This update delivers critical security fixes, including 21 distinct vulnerabilities that span high, medium, and low severity. External…
Splunk Enterprise Flaws Allow Attackers to Run Unauthorized JavaScript Code
Splunk released security advisories addressing multiple vulnerabilities affecting various versions of Splunk Enterprise and Splunk Cloud Platform. The flaws range from cross-site scripting (XSS) vulnerabilities to access control bypasses, with CVSS scores ranging from 4.6 to 7.5. Critical Vulnerabilities Identified…
Microsoft Outlook Bug on Windows Devices Results in Repeated Email Crashes
Microsoft is currently investigating a significant bug affecting classic Outlook for Windows that prevents users from accessing their email accounts. The issue manifests as a persistent error message stating “Cannot start Microsoft Outlook. Cannot open the Outlook window. The set…
The energy sector is ground zero for global cyber activity
A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How the research was done Researchers reviewed major cyber threat databases including MITRE ATT&CK Groups, CSIS,…
GPT needs to be rewired for security
LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and even planning travel. But in the SOC (where mistakes have real cost), today’s models stumble on work that demands…
Google Drive Desktop Gets AI-Powered Ransomware Detection to Block Cyberattacks
Google has unveiled a groundbreaking AI-powered ransomware detection system for its Drive desktop application, representing a significant advancement in cybersecurity protection for organizations worldwide. This innovative feature automatically halts file synchronization when malicious encryption attempts are detected, preventing widespread data…
Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Unauthorized JavaScript code
Splunk has released patches for multiple vulnerabilities in its Enterprise and Cloud Platform products, some of which could allow attackers to execute unauthorized JavaScript code, access sensitive information, or cause a denial-of-service (DoS) condition. The advisories, published on October 1,…
Biotech platforms keep missing the mark on security fundamentals
A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than two hours per company to uncover exposed genomic records, unprotected APIs, and misconfigured systems,…
Underwriting is shifting to AI-driven, real-time decisions by 2030
Underwriting is undergoing a major transformation as financial institutions push for faster decisions, better fraud detection, and greater personalization, according to a new global Experian report. By 2030, credit decisions are expected to become embedded in everyday transactions, with artificial…
Moline-Coal Valley School District Shifts from Reactive to Proactive Student Safety & Google Security
Cloud Monitor Delivers Fast, Accurate Alerts and Empowers School Staff to Support Students in Crisis Moline-Coal Valley School District in Moline, Illinois, serves a community of approximately 7,200 students and 1,000 faculty and staff. The district operates on a 1:1…
ISC Stormcast For Thursday, October 2nd, 2025 https://isc.sans.edu/podcastdetail/9638, (Thu, Oct 2nd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, October 2nd, 2025…
IT Security News Hourly Summary 2025-10-02 00h : 2 posts
2 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-10-01 21:32 : OpenSSL patches 3 vulnerabilities, urging immediate updates
IT Security News Daily Summary 2025-10-01
165 posts were published in the last hour 21:32 : OpenSSL patches 3 vulnerabilities, urging immediate updates 21:2 : WestJet Confirms Passenger IDs and Passports Stolen in Cyberattack 21:2 : Threat Actors Leveraging Senior Travel Scams to Deliver Datzbro Malware…