1 posts were published in the last hour 10:2 : Vietnam Airlines – 7,316,915 breached accounts
‘Happy Gilmore’ Producer Buys Spyware Maker NSO Group
Plus: US government cybersecurity staffers get reassigned to do immigration work, a hack exposes sensitive age-verification data of Discord users, and more. This article has been indexed from Security Latest Read the original article: ‘Happy Gilmore’ Producer Buys Spyware Maker…
New Stealit Malware Exploits Node.js Extensions to Target Windows Systems
Security researchers have identified a new, active campaign of the Stealit malware that uses an experimental Node.js feature to infect Windows systems. According to a report from FortiGuard Labs, threat actors are leveraging Node.js’s Single Executable Application (SEA) functionality to…
Hackers Attacking Remote Desktop Protocol Services from 100,000+ IP Addresses
A massive, coordinated botnet campaign is actively targeting Remote Desktop Protocol (RDP) services across the United States. Security firm GreyNoise reported on October 8, 2025, that it has been tracking a significant wave of attacks originating from over 100,000 unique…
5 Immediate Steps to be Followed After Clicking on a Malicious Link
Clicking on a malicious link can quickly turn your device into a security risk. Just seconds after clicking, your browser might start downloading malware, taking advantage of weaknesses, or sending you to fake websites that try to steal your personal…
Vietnam Airlines – 7,316,915 breached accounts
In October 2025, data stolen from the Salesforce instances of multiple companies by a hacking group calling itself “Scattered LAPSUS$ Hunters” was publicly released. Among the affected organisations was Vietnam Airlines, which had 7.5M unique customer email addresses exposed following…
Bridewell encourages elevating “untapped talent” this Cybersecurity Awareness Month
Bridewell, a cybersecurity provider to CNI organisations, is marking Cybersecurity Awareness Month by encouraging the industry to make cybersecurity careers more accessible to individuals from all backgrounds in order to address the UK’s chronic skills shortage. To lead by example…
New Kali Tool llm-tools-nmap Uses Nmap For Network Scanning Capabilities
Along with the release of Kali Linux 2025.3, a major update introduces an innovative tool that combines artificial intelligence and cybersecurity: the llm-tools-nmap. A new experimental plugin, llm-tools-nmap, has been released, providing Simon Willison’s command-line Large Language Model (LLM) tool with…
The Role and Evolution of Virtual CISOs with Craig Taylor
In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience. They discuss the evolution and significance of the vCISO role, Taylor’s career path, and the founding…
IT Security News Hourly Summary 2025-10-11 06h : 2 posts
2 posts were published in the last hour 4:2 : Oura Users Express Concern Over Pentagon Partnership Amid Privacy Debates 4:2 : Agentic AI Demands Stronger Digital Trust Systems
Oura Users Express Concern Over Pentagon Partnership Amid Privacy Debates
Oura, the Finnish company known for its smart health-tracking rings, has recently drawn public attention after announcing a new manufacturing facility in Texas aimed at meeting the needs of the U.S. Department of Defense (DoD). The partnership, which has…
Agentic AI Demands Stronger Digital Trust Systems
As agentic AI becomes more common across industries, companies face a new cybersecurity challenge: how to verify and secure systems that operate independently, make decisions on their own, and appear or disappear without human involvement. Consider a financial firm…
IT Security News Hourly Summary 2025-10-11 03h : 1 posts
1 posts were published in the last hour 0:32 : Apple doubles maximum bug bounty to $2M for zero-click RCEs
Apple doubles maximum bug bounty to $2M for zero-click RCEs
Apple raised bug bounties to $2M for zero-click RCEs, doubling payouts. Since 2020, it’s paid $35M to 800 researchers. Apple doubled its bug bounty rewards, now offering up to $2 million for zero-click remote code execution flaws. Since 2020, the…
Week in Review: Crowdsourced ransomware campaign, Windows 10 woes, California opts out
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Mike Lockhart, CISO Eagleview, and Dustin Sachs, chief technologist at CyberRisk collaborative, and author of Behavioral Insights in Cybersecurity Thanks…
IT Security News Hourly Summary 2025-10-11 00h : 4 posts
4 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-10-10 22:2 : FBI Seizes BreachForums Portal Used in Salesforce Extortion Campaign 21:32 : The Golden Scale: Bling Libra and the Evolving Extortion Economy 21:32…
News alert: SquareX exposes how AI browsers fall prey to OAuth hijacks and malware traps
PALO ALTO, Calif., Oct. 9, 2025, CyberNewswire — As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that could allow attackers to exploit AI Browsers to exfiltrate sensitive data, distribute malware and…
IT Security News Daily Summary 2025-10-10
134 posts were published in the last hour 21:32 : The Golden Scale: Bling Libra and the Evolving Extortion Economy 21:32 : Critical WordPress Plugin Vulnerability Allows Admin Account Takeover 21:2 : CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft…
Independent Verification of NHI Security: Necessary?
Why Is Independent Verification of Non-Human Identities Crucial for Cybersecurity? When it comes to cybersecurity, how often do organizations think about their machine identities, often overlooked yet vital for robust security protocols? The management of Non-Human Identities (NHIs) is increasingly…
How Safe Are Your Non-Human Identities Really?
Are You Harnessing the Full Potential of Non-Human Identities in Your Cloud Security Strategy? Non-human identities (NHIs) are revolutionizing the approach to cybersecurity strategy, particularly for organizations navigating the complexities of cloud environments. But what exactly are NHIs, and how…
FBI Seizes BreachForums Portal Used in Salesforce Extortion Campaign
The FBI’s takedown of BreachForums disrupted a major Salesforce extortion campaign. The post FBI Seizes BreachForums Portal Used in Salesforce Extortion Campaign appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: FBI…
The Golden Scale: Bling Libra and the Evolving Extortion Economy
Scattered Lapsus$ Hunters: Organizations, be aware of the effort of this cybercriminal alliance as they target retail and hospitality for extortion. The post The Golden Scale: Bling Libra and the Evolving Extortion Economy appeared first on Unit 42. This article…
Critical WordPress Plugin Vulnerability Allows Admin Account Takeover
Critical WordPress flaw lets attackers gain admin control, stressing the need for fast patching. The post Critical WordPress Plugin Vulnerability Allows Admin Account Takeover appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft
A GitHub Copilot Chat bug let attackers steal private code via prompt injection. Learn how CamoLeak worked and how to defend against AI risks. The post CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft appeared first on eSecurity Planet. This…