Cyberattacks this week underscored how inexpensively threat activity is evolving, from low-cost malicious AI to large-scale supply-chain compromises hitting npmโฆ
News
Threat Protection Pro Performance: Achieved 90% phishing detection with zero false positives in AV-Comparativesโ 2025 test. Independent Ranking: Placed thirdโฆ
Key Takeaways Third-party breach: The security incident occurred within Mixpanel's systems, a third-party analytics provider, not within OpenAI's infrastructure. Limitedโฆ
Key Takeaways Target profile: Tomiris APT is targeting foreign ministries and intergovernmental and government entities, focusing on Russian speakers andโฆ
Key Takeaways Attack confirmed: The City of Santa Paula, a government organization in the USA, has reportedly been targeted byโฆ
Key Takeaways New campaign: Scattered Lapsus$ Hunters is targeting Zendesk users with a sophisticated phishing campaign involving fake support sites.โฆ
EU Proposal: EU considers under-16 social media ban after strong parliamentary backing for unified rules across Europe. Global Influence: Australiaโsโฆ
Law Activation: Takes effect Nov 30, requiring age checks for sites with 33% harmful content. Compliance Requirements: Platforms must verifyโฆ
Annual Audit Completed: TunnelBear finishes its 8th independent security audit with full white-box testing. Findings & Fixes: Cure53 reports 13โฆ
Key Takeaways New threat: A Mirai-based botnet variant, ShadowV2, is actively exploiting multiple vulnerabilities to compromise IoT devices. Widespread exploitation:โฆ
Key Takeaways Vulnerability discovered: A security flaw in jury management systems developed by Tyler Technologies has exposed data of jurorsโฆ
Key Takeaways Multi-council impact: A cyberattack has affected at least three London councils: the RBKC, Westminster City Council, and Hammersmithโฆ
Key Takeaways FCC alert: The FCC has issued a public notice about recent cyber intrusions targeting U.S. radio broadcasters. Attackโฆ
Key Takeaways System disruption: The OnSolve CodeRED emergency alert system, used by U.S. municipalities, has been taken offline following aโฆ
Free Pro for Journalists/NGOs: Windscribe offers verified reporters and NGOs a free 1-year Pro plan. New AmneziaWG Protocol: Adds stealthโฆ
Mandatory Scanning Removed: Council drops compulsory scanning but leaves provisions enabling future surveillance expansion. New Scanning & Blocking: AI-based contentโฆ
Key Takeaways Novel attack chain: The RomCom threat group is now using the SocGholish malware delivery framework to deploy itsโฆ
Key Takeaways Low-cost access: The latest version, WormGPT 4, is available on underground forums with subscription prices starting at $50โฆ
Key Takeaways Flaw identified: A high-severity vulnerability, tracked as CVE-2025-59373, has been discovered in the ASUS MyASUS application. Potential Impact:โฆ
Key Takeaways Arrest and charges: A 21-year-old Russian cybersecurity entrepreneur has been arrested in Moscow on treason charges. Public criticism:โฆ
Get expert insights on threats, breaches, scams, and security trends โ delivered every Saturday.
Most Popular