Latest Cybersecurity News and Articles
22 September 2025
L1TF Reloaded is a vulnerability combining the old L1TF and half-Spectre hardware flaws to bypass deployed software mitigations.
The post Researchers Earn $150,000 for L1TF Exploit Leaking Data From Public Cloud appeared first on SecurityWeek.
22 September 2025
Collins Aerospace is reportedly having difficulties recovering from the ransomware attack.
The post European Airport Disruptions Caused by Ransomware Attack appeared first on SecurityWeek.
22 September 2025
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow’s breach.
This week’s recap explores the trends driving that constant churn: how threat
22 September 2025
The Romania-based company has launched WorkHorse and is preparing for a funding round to accelerate growth.
The post HoundBytes Launches Automated Security Analyst appeared first on SecurityWeek.
22 September 2025
We hear this a lot:
“We’ve got hundreds of service accounts and AI agents running in the background. We didn’t create most of them. We don’t know who owns them. How are we supposed to secure them?”
Every enterprise today runs on more than users. Behind the scenes, thousands of non-human identities, from service accounts to API tokens to AI agents, access systems, move data, and execute tasks
22 September 2025
Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer.
The post Widespread Infostealer Campaign Targeting macOS Users appeared first on SecurityWeek.
22 September 2025
Threat actors likely spoofed the official government website for personal information theft and monetary fraudulent activity.
The post FBI Warns of Spoofed IC3 Website appeared first on SecurityWeek.
22 September 2025
Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection.
The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek.
22 September 2025
After Scattered Spider claimed to retire, research suggests the group has already returned to target the financial sector.
22 September 2025
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.
The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no
21 September 2025
The cyberattack affected software of Collins Aerospace, whose systems help passengers check in, print boarding passes and bag tags, and dispatch their luggage.
The post Airport Cyberattack Disrupts More Flights Across Europe appeared first on SecurityWeek.
21 September 2025
Threat actors with ties to the Democratic People's Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret.
"The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab
20 September 2025
The disruptions to airport electronic systems meant that only manual check-in and boarding was possible.
The post Cyberattack Disrupts Check-In Systems at Major European Airports appeared first on SecurityWeek.
20 September 2025
Statement from the NCSC regarding the cyber incident affecting Collins Aerospace.
20 September 2025
LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools.
"In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware," researchers Alex Cox, Mike Kosak, and
20 September 2025
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware with that bakes in Large Language Model (LLM) capabilities.
The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference.
In a report examining the malicious use of LLMs, the cybersecurity company
20 September 2025
Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT's Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action.
The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed by OpenAI in early August.
"The attack
19 September 2025
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn.
Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic
19 September 2025
Noteworthy stories that might have slipped under the radar: Eve Security seed funding, Claroty report, patches from WatchGuard and Nokia.
The post In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias appeared first on SecurityWeek.
19 September 2025
A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies.
"REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of open proxies it finds freely available online," the company said in a report shared with