Citrix Netscaler backdoors — Part One — May 2025 activity against governmentsThis is a follow up post to the prior one, part of a series looking at different Netscaler vulnerabilities that have...

Cybercriminals are abusing Meta's advertising platforms with fake offers of a free TradingView Premium app that spreads the Brokewell malware for Android. [...]

OpenAI has announced a big update for Codex, which is the company's agentic coding tool. [...]

Anthropic is planning to bring the famous Claude Code to the web, and it might be similar to ChatGPT Codex, but you'll need GitHub to get started. [...]

If you use ChatGPT to learn new topics, you might want to try its new flashcard-based quiz feature, which can help you evaluate your progress. [...]

OpenAI is working on a new feature called the Thinking effort picker for ChatGPT. [...]

Threat actors have been using multiple websites promoted through Google ads to distribute a convincing PDF editing app that delivers an info-stealing malware called TamperedChef. [...]

Shunsuke Minowa and Poonyisa Sornchangwat of Nagashima Ohno & Tsunematsu write: 1. Background On 1 August 2025, Thailand’s Personal Data Protection Committee (“PDPC”) announced the issuance of 8...

A.J. S. Dhaliwal, Mehul N. Madia, Maxwell Earp-Thomas of Sheppard, Mullin, Richter & Hampton write: On August 19, Massachusetts Attorney General Andrea Joy Campbell announced a $795,000 settlement...

Spoiler alert: If winning 10 million dollars from a foreign country’s lottery sounds too good to be true—it probably is

Microsoft has released the KB5064081 preview cumulative update for Windows 11 24H2, which includes thirty-six new features or changes, with many gradually rolling out. These updates include new...

Cloudy now supercharges analytics investigations and Cloudforce One threat intelligence! Get instant insights from threat events and APIs on APTs, DDoS, cybercrime & more - powered by Workers AI.

Microsoft has resolved a known issue causing false CertificateServicesClient (CertEnroll) error messages after installing the July 2025 preview and subsequent Windows 11 24H2 updates. [...]

A new report from PinnacleOne reveals the rise of cyber risks in UK construction and offers guidance for CISOs in this critical industry.

WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. [...]

Jessica Lyons reports: China’s Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into...

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts. [...]

DutchNews.nl reports: The scale of a data theft from a Dutch national screening programme laboratory is far greater than initially reported, research agency Bevolkingsonderzoek Nederland said on...

CERT Polska has received a report about 2 vulnerabilities (CVE-2025-4643 and CVE-2025-4644).

The following is a machine translation of a press release at politie.nl: On August 27, the Rotterdam Police Cybercrime Team seized data from the VerifTools website’s servers during a seizure at a...

Riley Brennan reports: The U.S. Court of Appeals for the Third Circuit clarified this week that an employee’s purported violations of workplace computer use policies cannot be criminalized under...

Jonathan Greig reports: Federal officials are working with Nevada’s state government to help it recover from a cyberattack discovered on Sunday. The Cybersecurity and Infrastructure Security...

Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues affecting solid-state drives (SSDs) and hard disk drives...

Reading this, I kept hoping that we’d find out it’s just a hoax. But alas… Kevin Collier reports: A hacker has exploited a leading artificial intelligence chatbot to conduct the most comprehensive...

Cybercrime forum 'Leak Zone' has inadvertently exposed its own users' IP addresses and login times in a massive data leak of over 22 million records.

Cybercrime forum 'Leak Zone' has inadvertently exposed its own users' IP addresses and login times in a massive data leak of over 22 million records.

The author of this post is a member of the CTF team Shellphish. His team, a world-renowned one at that, had earned its way to compete in the DEFCON CTF this year. This is the Olympics of hacking...

A podcast from JacksonLewis: Class action lawsuits in response to data breaches have skyrocketed as plaintiffs look to take advantage of courts’ perceived leniency regarding standing. On this...

Back in late June, Citrix posted a patch for CVE-2025–6543, which they described as “Memory overflow vulnerability leading to unintended control flow and Denial of Service”. Denial of service?...

Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously claimed....