Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information. Mango is a global fashion brand founded in Barcelona in 1984; it has over 2,850 stores in 120 countries and 16,400 employees. In…
Machine learning meets malware: how AI-powered ransomware could destroy your business
How to avoid your business being felled by an AI-powered ransomware attack that costs less than a laptop. Passwork KNP Logistics Group, a British transport company from Northamptonshire that’s been around longer than the mass-produced lightbulb, collapsed after a devastating…
IT Security News Hourly Summary 2025-10-16 09h : 7 posts
7 posts were published in the last hour 7:2 : Capita Fined £14m Over 2023 Mass Data Theft 6:41 : NightMARE: A Python Library for Advanced Malware Analysis and Threat Intelligence Extraction 6:41 : Cisco SNMP Vulnerability Actively Exploited to…
Walmart, OpenAI Enable Purchases Through ChatGPT
Users will be able to browse items and make purchases from Walmart or Sam’s Club without leaving ChatGPT chat, companies say. This article has been indexed from Silicon UK.
PhantomVAI Loader Launches Global Campaign to Distribute AsyncRAT, XWorm, FormBook, and DCRat
PhantomVAI Loader, a newly renamed multi-stage .NET loader tracked by Unit 42, is being used in widespread phishing campaigns to deliver a variety of information-stealing malware families. Initially identified as Katz Stealer Loader for its role in deploying the Katz…
Veeam launches Data Cloud for MSPs to simplify Microsoft 365 and Entra ID protection
Veeam Software announced the availability of Veeam Data Cloud (VDC) for Managed Service Providers (MSPs) through the Veeam Cloud & Service Provider (VCSP) program. Designed to empower third-party service providers, Veeam Data Cloud delivers secure, scalable, and resilient data protection…
MANGO discloses data breach, Jewelbug infiltrates Russian IT network, nation-state behind F5 attack?
MANGO discloses data breach; Threat group ‘Jewelbug’ infiltrates Russian IT network; F5 discloses breach tied to nation-state threat actor
Bitcoin Worth $14bn Seized In ‘Scam Farm’ Crackdown
Joint US-UK operation sanctions Cambodian national for running scam farms staffed with forced labor, sanctions international group. This article has been indexed from Silicon UK.
Malicious Ivanti VPN Client Sites in Google Search Deliver Malware — Users Warned
Cybersecurity researchers at Zscaler have uncovered a sophisticated malware campaign that exploits search engine optimization (SEO) poisoning to distribute a trojanized version of the Ivanti Pulse Secure VPN client, targeting unsuspecting users seeking legitimate software downloads. The Zscaler Threat Hunting…
Cayosoft Guardian Protector safeguards Microsoft 365 and hybrid identity systems
Cayosoft introduced Cayosoft Guardian Protector, a free, always-on solution that delivers real-time threat detection, proactive alerts, resolution guidance, and change history for complex Microsoft hybrid identity environments. Cayosoft Guardian Protector provides administrators and security teams with continuous, real-time visibility and…
Capita Fined £14m Over 2023 Mass Data Theft
ICO imposes reduced fine on Capita over security failings that led to 2023 theft of sensitive data on 6.6 million people. This article has been indexed from Silicon UK.
NightMARE: A Python Library for Advanced Malware Analysis and Threat Intelligence Extraction
Elastic Security Labs has officially released nightMARE version 0.16, a comprehensive Python library designed to streamline malware analysis and reverse engineering workflows. The open-source tool consolidates multiple analysis capabilities into a single framework, enabling security researchers to extract configuration data…
Cisco SNMP Vulnerability Actively Exploited to Install Linux Rootkits
Cybersecurity researchers at Trend Micro have discovered an active attack campaign dubbed “Operation Zero Disco” that exploits a critical vulnerability in Cisco’s Simple Network Management Protocol (SNMP) implementation. The vulnerability, tracked as CVE-2025-20352, allows threat actors to execute remote code…
New Banking Malware Abusing WhatsApp to Gain Complete Remote Access to Your Computer
A sophisticated banking Trojan named Maverick has emerged in Brazil, leveraging WhatsApp as its primary distribution channel to compromise thousands of users. The malware campaign was detected in mid-October 2025, with cybersecurity solutions blocking over 62,000 infection attempts in just…
Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature
Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to bypass security protections and access encrypted data. Released on October 14, 2025, as part of the latest Patch Tuesday updates, these flaws,…
AI and the Golden Age of Surveillance
AI has ended the age of inefficient surveillance. Explore how automation, data, and machine learning are reshaping privacy, power, and the Fourth Amendment. The post AI and the Golden Age of Surveillance appeared first on Security Boulevard. This article has…
When trusted AI connections turn hostile
Researchers have revealed a new security blind spot in how LLM applications connect to external systems. Their study shows that malicious Model Context Protocol (MCP) servers can quietly take control of hosts, manipulate LLM behavior, and deceive users, all while…
Microsoft’s October 2025 Patches Disrupt Active Directory Sync on Server 2025 Systems
Microsoft has confirmed a critical issue affecting Windows Server 2025 systems following the installation of October 2025 security updates. The problem disrupts Active Directory directory synchronization, specifically impacting organizations managing large security groups with more than 10,000 members. Directory Sync…
Designing Security for Developers, Not Around Them
GenAI boosts developer productivity—but also risk. Learn how developer-first security embeds data protection early, securing code and AI pipelines from the start. The post Designing Security for Developers, Not Around Them appeared first on Security Boulevard. This article has been…
Identifying risky candidates: Practical steps for security leaders
Effective insider threat defense begins with candidate vetting. Background checks and reference calls can confirm elements of an applicant’s history, but they rarely surface the deeper risks that can turn into costly problems down the line. Identity verification, credential validation,…
New Banking Malware Exploits WhatsApp to Hijack Your Computer Remotely
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting Brazilian users through WhatsApp, delivering a dangerous new banking Trojan dubbed “Maverick.” Over 62,000 infection attempts have already been blocked in Brazil during the first 10 days of October alone,…
Microsoft Halts Vanilla Tempest Cyberattack by Revoking Malicious Teams Installer Certificates
Microsoft has successfully disrupted a major cyberattack campaign orchestrated by the Vanilla Tempest threat group in early October 2025. The tech giant revoked over 200 fraudulent certificates that the cybercriminals had used to sign fake Microsoft Teams installation files, which…
Microsoft Disrupted Vanilla Tempest Attack by Revoking Certificates Used to Sign Fake Teams File
Microsoft announced that it had revoked more than 200 digital certificates exploited by the notorious Vanilla Tempest hacking group. This action effectively disrupted an ongoing campaign where attackers impersonated Microsoft Teams installations to infiltrate corporate networks and deploy ransomware. The…
Everyone wants AI, but few are ready to defend it
The rush to deploy AI is reshaping how companies think about risk, according to Cisco. A global study finds that while most organizations are moving quickly to adopt AI, many are not ready for the pressure it puts on their…