Latest Cybersecurity News and Articles
25 October 2025
Researchers have discovered that a prompt can be disguised as an url, and accepted by Atlas as an url in the omnibox.
The post OpenAI Atlas Omnibox Is Vulnerable to Jailbreaks appeared first on SecurityWeek.
24 October 2025
The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42.
"Although these domains are registered through a Hong Kong-based registrar and use Chinese nameservers, the attack infrastructure is
24 October 2025
Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild.
The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), a remote code execution flaw in WSUS that was originally fixed by the tech giant
24 October 2025
CVE-2025-59287 allows a remote, unauthenticated attacker to execute arbitrary code and a PoC exploit is available.
The post Critical Windows Server WSUS Vulnerability Exploited in the Wild appeared first on SecurityWeek.
24 October 2025
A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT.
The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013. It also builds upon a prior
24 October 2025
Shortly after the browser was launched, numerous fraudulent domains and fake applications were discovered.
The post Hackers Target Perplexity Comet Browser Users appeared first on SecurityWeek.
24 October 2025
Lazarus has used fake job offers in attacks targeting companies developing UAV technology, for information theft.
The post North Korean Hackers Aim at European Drone Companies appeared first on SecurityWeek.
24 October 2025
Other noteworthy stories that might have slipped under the radar: Everest group takes credit for Collins Aerospace hack, Maryland launches VDP, gamers targeted with red teaming tool and RAT.
The post In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia appeared first on SecurityWeek.
24 October 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Oct. 24, 2025 – Watch the YouTube video “We’re facing what can feel like an impossible challenge: Cutting spend while unstructured data continues to grow, reducing risk from ransomware, while enabling high
The post Protecting And Managing Unstructured Data At Scale appeared first on Cybercrime Magazine.
24 October 2025
The customer information published on the dark web includes names, addresses, phone numbers, and email addresses.
The post Toys ‘R’ Us Canada Customer Information Leaked Online appeared first on SecurityWeek.
24 October 2025
Does your organization suffer from a cybersecurity perception gap? Findings from the Bitdefender 2025 Cybersecurity Assessment suggest the answer is probably “yes” — and many leaders may not even realize it.
This disconnect matters. Small differences in perception today can evolve into major blind spots tomorrow. After all, perception influences what organizations prioritize, where they
24 October 2025
A malicious network of YouTube accounts has been observed publishing and promoting videos that lead to malware downloads, essentially abusing the popularity and trust associated with the video hosting platform for propagating malicious payloads.
Active since 2021, the network has published more than 3,000 malicious videos to date, with the volume of such videos tripling since the start of the
24 October 2025
In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews.
The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek.
24 October 2025
Questions have been raised over the technical viability of the purported WhatsApp exploit, but the researcher says he wants to keep his identity private.
The post Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta appeared first on SecurityWeek.
24 October 2025
Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks.
The sophisticated threat, codenamed GlassWorm by Koi Security, is the second such supply chain attack to hit the DevOps space within a span
23 October 2025
Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job.
"Some of these [companies' are heavily involved in the unmanned aerial vehicle (UAV) sector, suggesting that the operation may be linked to North Korea's current efforts to scale up its
23 October 2025
The relationship between the Russian government and cybercriminal groups has evolved from passive tolerance.
The post Russian Government Now Actively Managing Cybercrime Groups: Security Firm appeared first on SecurityWeek.
23 October 2025
SquareX has shown how malicious browser extensions can impersonate AI sidebar interfaces.
The post AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk appeared first on SecurityWeek.
23 October 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Oct. 23, 2025 – Read the full story in ITWeb Experts who spoke at the Cyber Security Summit 2025, hosted by SNG Grant Thornton this week in Johannesburg, urged a shift in focus
The post Africa: Shifting From Cyber ‘Security’ To Cyber ‘Resilience’ appeared first on Cybercrime Magazine.
23 October 2025
AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you're in security, that excitement often comes with a sinking feeling.
Because while everyone else is racing ahead, you're left trying to manage a growing web of AI agents you didn’t create, can’t fully see, and weren’t designed to control.
Join our upcoming webinar and learn how to make AI