Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours—dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication—often originating from…
How to Use a Password Manager to Share Your Logins After You Die (2025)
Your logins will live on after you pass on. Make sure they end up in the right hands. This article has been indexed from Security Latest Read the original article: How to Use a Password Manager to Share Your Logins…
SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account
A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames of other accounts. Tracked as CVE-2024-58260, this vulnerability affects Rancher Manager versions 2.9.0 through 2.12.1, enabling both username takeover and full…
WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File
WhatsApp 0-click remote code execution (RCE) vulnerability affecting Apple’s iOS, macOS, and iPadOS platforms, detailed with a proof of concept demonstration. The attack chain exploits two distinct vulnerabilities, identified as CVE-2025-55177 and CVE-2025-43300, to compromise a target device without requiring…
UK minister suggests government could ditch ‘dangerous’ Elon Musk’s X
Ed Miliband takes aim at social media overlord for promoting violence and disinformation The UK government should consider the possibility of leaving social media platform X, a high-profile minister has suggested.… This article has been indexed from The Register –…
How Users Can Identify Spying on Their Wi-Fi Network
The wireless network has become a powerful invisible infrastructure that powers both homes and businesses in today’s interconnected world, silently enabling everything from personal communication to business operations. In the same way that electricity has transformed from being an…
SpamGPT: AI-Powered Phishing Tool Puts Cybersecurity at Risk
While most people have heard of ChatGPT, a new threat called SpamGPT is now making headlines. Security researchers at Varonis have discovered that this professional-grade email campaign tool is designed specifically for cybercriminals. The platform, they report, offers “all…
IT Security News Hourly Summary 2025-09-29 12h : 4 posts
4 posts were published in the last hour 9:32 : Critical Security Flaw in MyCourts: What Tennis Clubs Need to Know 9:32 : Digital ID, same place, different time: In this timeline, the result might surprise us 9:32 : The…
Akira Ransomware bypasses MFA on SonicWall VPNs
Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using credentials obtained from the exploitation of the CVE-2024-40766 vulnerability, bypassing OTP…
Harrods blames its supplier after crims steal 430k customers’ data in fresh attack
Attackers make contact but negotiations fall on deaf ears Luxury London-based retailer Harrods is facing its second cybersecurity scandal in 2025, confirming criminals not only stole 430,000 customers’ data in a fresh attack but have even made contact.… This article…
Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention
The government has announced a support package, but a cybersecurity expert has raised some concerns. The post Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
SafeHill Emerges from Stealth With $2.6 Million Pre-Seed Funding
Co-founder Hector Monsegur, formerly known as “Sabu,” a black hat hacker and leader of LulzSec, now serves as SafeHill’s chief research officer. The post SafeHill Emerges from Stealth With $2.6 Million Pre-Seed Funding appeared first on SecurityWeek. This article has…
Two-Thirds of Organizations Have Unfilled Cybersecurity Positions
Recruitment and retention remain a significant challenge for security teams, amid growing pressures on cyber professionals This article has been indexed from www.infosecurity-magazine.com Read the original article: Two-Thirds of Organizations Have Unfilled Cybersecurity Positions
New Olymp Loader Malware-as-a-Service Promises Defender Bypass with Auto Certificate Signing
Olymp Loader, a newly emerged Malware-as-a-Service (MaaS) offering, has rapidly gained traction across underground forums and Telegram since its debut on June 5, 2025. Developed by a trio of seasoned Assembly coders under the alias “OLYMPO,” the loader boasts fully…
Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say
A team of researchers found that, by not encrypting the data broadcast by Tile tags, users could be vulnerable to having their location information exposed to malicious actors. This article has been indexed from Security Latest Read the original article:…
Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild
The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day vulnerabilities affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) platforms. At the center of this security crisis lies CVE-2025-20333, a devastating…
Jaguar Land Rover gets £1.5B government jump-start after cyber breakdown
Hundreds of thousands of workers in financial despair supported with landmark loan The UK government is stepping in with financial support for Jaguar Land Rover, providing it with a hefty loan as it continues to battle the fallout from a…
Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues
In one attack, the hackers leveraged the Datto RMM utility on a domain controller and various other legitimate tools to evade detection. The post Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues appeared first on SecurityWeek. This article has been indexed…
Dutch Teens Arrested for Allegedly Helping Russian Hackers
One of the two 17-year-old boys allegedly walked by law enforcement and embassy offices carrying a Wi-Fi sniffer. The post Dutch Teens Arrested for Allegedly Helping Russian Hackers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package
Cybersecurity researchers have discovered what has been described as the first-ever instance of a Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue…
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses. “Appearing to be aided by a large language…
Critical Security Flaw in MyCourts: What Tennis Clubs Need to Know
A serious security vulnerability has been discovered in MyCourts, the popular tennis court booking and… Critical Security Flaw in MyCourts: What Tennis Clubs Need to Know on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.…
Digital ID, same place, different time: In this timeline, the result might surprise us
Socio political backdrop is not what it once was…. Opinion UK Prime Minister Keir Starmer directly addressed his new policy of mandatory digital ID in the country for 23 seconds in its effective launch speech.… This article has been indexed…
The Security Maginot Line: Fighting Tomorrow’s Cyber Attacks With Yesterday’s Tech
Alan warns that cybersecurity is stuck in a “Maginot Line” mindset — clinging to outdated tools while attackers weaponize AI, supply chain compromises, and polymorphic malware. He argues for AI-native defenses, real agentic automation, and stronger supply chain vetting to…