Schools in the US are installing vape-detection tech in bathrooms to thwart student nicotine and cannabis use. A new investigation reveals the impact of using spying to solve a problem. This article has been indexed from Security Latest Read the…
IT threat evolution in Q3 2025. Mobile statistics
The report features statistics on mobile threats for the third quarter of 2025, along with interesting findings and trends from the quarter, including an increase in ransomware activity in Germany, and more. This article has been indexed from Securelist Read…
Bridewell CEO gives cyber predictions for 2026
As global economic pressures increase and budgets across both public and private sectors are cut, Anthony Young, CEO at Bridewell, a company that provides cybersecurity services to CNI organisations, is warning of a critical inflection point for 2026, where organisations…
Threat group reroutes software updates through hacked network gear
Sometimes an attack hides in the most ordinary corner of a network. ESET researchers say a China aligned threat group known as PlushDaemon has been quietly using hacked routers to steer software updates toward its own servers. The discovery shows…
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks. The second-order prompt injection, according to AppOmni, makes use of Now Assist’s agent-to-agent discovery to…
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks. EdgeStepper “redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate…
China-Linked Operation “WrtHug” Hijacks Thousands of ASUS Routers
SecurityScorecard has revealed a new Chinese campaign targeting thousands of ASUS routers globally This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Operation “WrtHug” Hijacks Thousands of ASUS Routers
IT threat evolution in Q3 2025. Non-mobile statistics
The report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025. This article has been indexed from Securelist Read the…
WhatsApp Vulnerability Exposes 3.5 Billion Users’ Phone Numbers
A critical security flaw in WhatsApp has allowed researchers to expose the phone numbers of 3.5 billion users, marking one of the most significant data leaks ever documented. This vulnerability, rooted in the app’s contact discovery feature, persisted despite warnings…
Malicious ‘Free’ VPN Extension with 9 Million Installs Hijacks User Traffic and Steals Browsing Data
A deceptive browser campaign has exposed millions of users to extensive surveillance through seemingly innocent VPN extensions. Chrome extensions marketed as “Free Unlimited VPN” services accumulated over 9 million installations before security detection, with the malware remaining hidden for nearly…
Microsoft Threat Intelligence Briefing Agent Now Integrated With the Defender Portal
Microsoft unveiled significant enhancements to threat intelligence at Ignite 2025, bringing the Threat Intelligence Briefing Agent directly into the Defender portal. This integration marks a pivotal shift in how security teams approach cyber defense, moving from reactive responses to proactive…
Critical SolarWinds Serv-U Vulnerabilities Let Attackers Execute Malicious Code Remotely as Admin
SolarWinds has released security patches addressing three critical remote code execution vulnerabilities in Serv-U that could allow attackers with administrative privileges to execute arbitrary code on affected systems. The vulnerabilities disclosed in Serv-U version 15.5.3 pose significant risks to organizations…
Microsoft Integrated Azure Firewall With AI-powered Security Copilot
Microsoft has enhanced its cloud security capabilities by integrating Azure Firewall with Security Copilot, an AI-powered security solution designed to help security teams work faster and more efficiently. This integration allows security analysts to investigate malicious network traffic using simple,…
Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week
An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system. The post Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Half of Ransomware Access Due to Hijacked VPN Credentials
Beazley Security data finds the top cause of initial access for ransomware in Q3 was compromised VPN credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Ransomware Access Due to Hijacked VPN Credentials
Tens of thousands more ASUS routers pwned by suspected, evolving China operation
Researchers say attacks are laying the groundwork for stealthy espionage activity Around 50,000 ASUS routers have been compromised in a sophisticated attack that researchers believe may be linked to China, according to findings released today by SecurityScorecard’s STRIKE team.… This…
Arctic Wolf expands MDR capabilities with Abnormal AI behavioral email intelligence
Arctic Wolf announced a new integration between the Arctic Wolf Aurora Platform and Abnormal AI, expanding detection and response capabilities across one of the most targeted attack surfaces, email. The integration brings Abnormal AI’s behavioral AI detections directly into Arctic…
Sophos adds Intelix threat intelligence to Microsoft Security and 365 Copilot
Sophos announced the general availability of new integrations that connect Sophos Intelix, its cyber threat intelligence repository, with Microsoft Security Copilot and Microsoft 365 Copilot. Organizations of all sizes now gain real-time access to Sophos threat intelligence within Microsoft’s AI-powered…
Microsoft Adds Azure Firewall With AI-Powered Security Copilot
Microsoft has integrated Azure Firewall with its AI-powered Security Copilot platform, bringing natural language threat investigation capabilities to cloud network security teams. The new integration allows security analysts to investigate malicious network traffic using conversational prompts instead of complex query…
Critical SolarWinds Serv-U Flaws Allow Remote Admin-Level Code Execution
SolarWinds has released an urgent security update for its Serv-U file transfer software, patching three critical vulnerabilities that could enable attackers with administrative access to execute remote code on affected systems. The flaws, all rated 9.1 on the CVSS severity…
New npm Malware Campaign Checks If Visitor Is a Victim or Researcher Before Initiating Infection
The Socket Threat Research Team has uncovered a sophisticated npm malware campaign orchestrated by the threat actor dino_reborn, who deployed 7 malicious packages designed to distinguish genuine targets from security researchers before executing their payloads. This nuanced approach represents a…
New FortiWeb 0-Day Code Execution Flaw Actively Exploited
Fortinet has disclosed a critical OS command injection vulnerability affecting multiple versions of FortiWeb that is currently being exploited in the wild. The flaw, tracked as CVE-2025-58034, allows authenticated attackers to execute unauthorized code on vulnerable systems through specially crafted…
New ShadowRay Exploit Targets Vulnerability in Ray AI Framework to Attack AI Systems
Oligo Security researchers have uncovered an active global hacking campaign that leverages artificial intelligence to attack AI infrastructure. The operation, dubbed ShadowRay 2.0, exploits a known yet disputed vulnerability in Ray an open-source framework powering numerous AI systems worldwide to…
Selling technology investments to the board: a strategic guide for CISOs and CIOs
The C-suite will have zero interest in zero trust without a good business case Partner Content In today’s enterprise environment, technology investments are no longer judged solely by their technical sophistication. Approval depends on their ability to support business goals,…