OpenAI is not planning to ship GPT-6 this year, but that doesn't necessarily mean the company will not release new models. [...]

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor....

The following is a personal statement. Today is a day of national protest against the authoritarian regime being imposed by a narcissist and those who are afraid to stand up to him. Today is the...

The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access...

A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. [...]

Plus: A secret FBI anti-ransomware task force gets exposed, the mystery of the CIA’s Kryptos sculpture is finally solved, North Koreans busted hiding malware in the Ethereum blockchain, and more.

IntroductionWhen a company that manages data for millions of UK citizens falls victim to ransomware, the whole industry should pay attention to it. On 15 October 2025, the UK Information...

Joseph Topping reports: Heywood Hospital and Athol Hospital said a network outage this week was caused by a cybersecurity incident. The hospitals said they took affected systems offline and...

Ionut Arghire reports: More than 17 million individuals were likely impacted by a data breach at peer-to-peer lending marketplace Prosper, data breach notification service Have I Been Pwned warns....

Good video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

Authorities arrested seven people allegedly involved in the operation and seized 1,200 SIM boxes containing 40,000 active SIM cards. The post Europol dismantles cybercrime network linked to $5.8M...

On October 14, the attorney for the man whom France claims to be the head of ShinyHunters held a press conference that included some statements on his client’s case. So far, neither France nor the...

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is...

The danger isn’t that AI agents have bad days — it’s that they never do. They execute faithfully, even when what they’re executing is a mistake. A single misstep in logic or access can turn...

On August 9, F5 discovered that multiple systems were compromised by what it is calling a "highly sophisticated nation-state threat actor" who maintained "long-term, persistent access to certain...

On August 9, F5 discovered that multiple systems were compromised by what it is calling a "highly sophisticated nation-state threat actor" who maintained "long-term, persistent access to certain...

P2P lending platform says it could not verify the claims at present Data breach tracker HaveIBeenPwned claims the victim count of peer-to-peer lender Prosper's September cyberattack stands at 17.6...

ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and modification. [...]

Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American...

The indictment of the former national security adviser is the latest against President Donald Trump’s political enemies. The post John Bolton indictment says suspected Iranian hackers accessed his...

Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The...

Every day brings a new lesson in cyber threat intelligence (CTI). In this Curated Intel Diary series, we’ll be sharing quick thoughts, tips, and takeaways from the trenches, small insights that...

Authorities raided a "SIM farm" operation that used tens of thousands of cards to enable fraud in several European countries, including Latvia and Austria.

This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during July and August

Microsoft has removed two more compatibility holds preventing customers from installing Windows 11 24H2 via Windows Update. [...]

Siemens ProductCERT has recently issued a series of security advisories alerting users to several critical vulnerabilities found across various Siemens industrial and automation products. One of...

Sharing views POTUS doesn't like? Say goodbye to that visa, First Amendment be damned Updated Lawyers at the Electronic Frontier Foundation (EFF) are helping three US labor unions sue the Trump...

Google has issued an urgent security update for its Chrome browser, addressing a high-severity vulnerability tracked as CVE-2025-11756. This flaw, which affects Chrome's Safe Browsing feature,...

European law enforcement in an operation codenamed 'SIMCARTEL' has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5 million euros in losses. [...]

DOJ seizes $15B in crypto, DPRK hackers steal cryptocurrency via EtherHiding, and Microsoft Defender flaws could lead to theft of sensitive data.