Australia’s competition regulator has filed legal proceedings against Microsoft for allegedly misleading approximately 2.7 million Australian consumers regarding subscription options and pricing for Microsoft 365 plans. The Australian Competition and Consumer Commission claims that Microsoft deliberately concealed the availability of…
New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network
The Beast ransomware group has emerged as a significant threat in the cybersecurity landscape, evolving from the Monster ransomware strain to establish itself as a formidable Ransomware-as-a-Service operation. Officially launched in February 2025, the group rapidly expanded their infrastructure by…
Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User
A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of the user. Dubbed CVE-2025-12080, the issue stems from improper handling of ACTION_SENDTO intents using URI schemes…
Apache Tomcat Path Traversal Vulnerability (CVE-2025-55752) Notice
Overview Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the Apache Tomcat path traversal vulnerability (CVE-2025-55752); This vulnerability is a flaw introduced when fixing CVE-2016-5388. Since the rewritten URL is normalized before URL decoding, if the…
Socure enhances RiskOS AI Suite with AI agents to transform identity, compliance, and risk decisioning
Socure unveiled an expanded RiskOS AI Suite of solutions featuring six breakthrough AI agents and assistants that substantially elevate the speed, intelligence, and precision of enterprise identity, compliance, and authentication operations. The investments Socure is making in AI position RiskOS…
Nvidia Buys Nokia Stake In Data Centre Boost
Nokia shares rise most in more than a decade on Nvidia stake, as AI chip maker also says it will build US supercomputers This article has been indexed from Silicon UK Read the original article: Nvidia Buys Nokia Stake In…
Arctera InfoScale gains AI capabilities to identify and contain ransomware attacks
Arctera announced new AI-powered features in Arctera InfoScale that enable organizations to identify and respond to ransomware indicators in real time. By learning behavioral patterns across applications, storage and infrastructure, Arctera InfoScale is now able to instantly recognize the traits…
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack
Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck. The vulnerabilities are listed below – CVE-2025-6204 (CVSS score: 8.0)…
OpenAI Completes For-Profit Restructure
OpenAI restructures as for-profit public benefit corporation after reaching definitive agreement with major investor Microsoft This article has been indexed from Silicon UK Read the original article: OpenAI Completes For-Profit Restructure
Amazon Cuts 14,000 Corporate Jobs
Amazon says it is to cut 14,000 corporate roles worldwide as chief executive Jassy seeks to reduce bureaucracy, find AI efficiencies This article has been indexed from Silicon UK Read the original article: Amazon Cuts 14,000 Corporate Jobs
Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
A sophisticated ransomware operation known as Beast has emerged as a significant cybersecurity threat, employing aggressive network propagation tactics that leverage Server Message Block (SMB) port scanning to infiltrate and encrypt systems across enterprise environments. The threat group, which evolved…
Herodotus Android malware mimics human typing to evade detection
Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics human typing by adding random delays to evade detection. Herodotus allows operators to…
9 in 10 Exchange servers in Germany still running out-of-support software
Cybersecurity agency urges organizations to upgrade or risk total network compromise Germany’s infosec office (BSI) is sounding the alarm after finding that 92 percent of the nation’s Exchange boxes are still running out-of-support software, a fortnight after Microsoft axed versions…
CISA Warns of Exploited DELMIA Factory Software Vulnerabilities
Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely. The post CISA Warns of Exploited DELMIA Factory Software Vulnerabilities appeared first on SecurityWeek. This article has been indexed from…
Privado.ai introduces AI agents to automate privacy assessments and real-time data mapping
Privado.ai released several new capabilities to automate privacy assessments and data maps for privacy teams amid growing privacy enforcement for non-compliant personal data sharing. Leveraging AI agents to reason and take action, Privado.ai’s new Agentic Assessment solution populates 100% of…
Palo Alto Networks launches Prisma AIRS 2.0 to deliver end-to-end security across the AI lifecycle
Palo Alto Networks announced Prisma AIRS 2.0, a major platform upgrade that completes the native integration of recently acquired Protect AI to deliver a comprehensive AI security platform. This release directly confronts a critical enterprise challenge: 78% of organizations are…
IT Security News Hourly Summary 2025-10-29 09h : 5 posts
5 posts were published in the last hour 8:4 : XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining 8:4 : Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files 8:4 : Microsoft Details ASP.NET Vulnerability That Enables Attackers To…
XWiki Remote Code Execution Flaw Actively Weaponized for Coinmining
A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw, tracked as CVE-2025-24893, represents a serious threat to organizations running unpatched XWiki installations. Cybersecurity researchers…
Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files
Docker Compose, a cornerstone tool for developers managing containerized application harbors a high-severity vulnerability that lets attackers overwrite files anywhere on a host system. Discovered in early October 2025 by Imperva, the issue stems from improper handling of remote artifacts…
Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests
Microsoft has issued a critical security update for ASP.NET Core to address CVE-2025-55315, a high-severity flaw that enables HTTP request smuggling and could allow attackers to bypass key security controls. Disclosed on October 14, 2025, this vulnerability has a CVSS…
New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs
Intel and AMD have published advisories after academics disclosed details of the new TEE.fail attack method. The post New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs appeared first on SecurityWeek. This article has been indexed…
Trulioo expands identity platform to strengthen fraud prevention and streamline compliance
Trulioo announced product enhancements designed to build trust at every stage of the digital journey, from initial verification and payment processing to ongoing compliance monitoring and risk assessment. The latest innovations, delivered across the Trulioo identity platform, provide transparency, fraud…
What is the commonality between NASCAR and Formula 1’s FIA? Both were hacked earlier this year.
While very different, there is a lot of common ground between the Formula 1’s International Automobile Federation (FIA) and the National Association for Stock Car… The post What is the commonality between NASCAR and Formula 1’s FIA? Both were hacked…
Gunra Ransomware Targets Windows and Linux with Dual Encryption
The cybersecurity landscape continues to face persistent threats from emerging ransomware groups, with Gunra representing a significant concern since its emergence in April 2025. This threat actor has launched systematic attacks across multiple industries and geographic regions, including documented incidents…