StrongestLayer Secures $5.2M for AI Email Security

Google sues to disrupt BadBox 2.0 botnet infecting 10 million devices

Google is suing the BadBox 2.0 botnet group

7 months / engadget / Anna Washenko

Max severity Cisco ISE bug allows pre-auth command execution, patch now

Bill Toulas / bleepingcomputer - A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. [...]

#cybersecurity #enterprise #infosec

Watch out, another max-severity, make-me-root Cisco bug on the loose

Max severity Cisco ISE bug allows pre-auth command execution, patch now

#cybersecurity #techpolicy #china #government

The FCC wants to ban Chinese tech from the undersea cables that connect the U.S. to the rest of the world — proposed new rules would 'secure cables against foreign adversaries'

tomshardware - The FCC announced yesterday that it plans to vote on new rules "to unleash submarine cable investment to accelerate the buildout of AI infrastructure, while securing cables against foreign adversaries, like China.

FCC dives in to sink Chinese grip on undersea internet cables

7 months / theregister / Brandon Vigliarolo

The FCC wants to ban Chinese tech from the undersea cables that connect the U.S. to the rest of the world — proposed new rules would 'secure cables against foreign adversaries'

7 months / tomshardware

FCC moves to ban Chinese tech from undersea cables

7 months / techspot

North Korean hackers blamed for record spike in crypto thefts in 2025

Zack Whittaker / techcrunch - Chainalysis said crypto thefts during the first half of 2025 were at record levels, thanks in large part to a single breach at a major crypto exchange.

#cybersecurity #crypto #cybercrime #asia

North Korean hackers blamed for record spike in crypto thefts in 2025

North Korean hackers blamed for record spike in crypto thefts in 2025

Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks

7 months / therecord

US Targets Chinese Tech in Undersea Cable Ban Initiative

The US government is moving assertively to bar Chinese technology from undersea telecommunications cables, aiming to secure critical national infrastructure. Officials argue that eliminating foreign components will mitigate cybersecurity risks and curtail undue influence—a robust policy shift that underscores how even the deep blue sea isn’t free from geopolitical currents.

#cybersecurity #techpolicy #china #government

The FCC plans to ban Chinese technology in undersea cables

7 months / engadget / Ian Carlos Campbell

US set to ban Chinese technology in submarine cables - Financial Times

7 months / google

Ukrainian hackers say they compromised a major Russian drone company, destroying data, backups, and systems

tomshardware - Gaskar Group denies that the attack was successful, but Ukrainian intelligence is reportedly telling a different story.

#cybersecurity #ukraine #russia #hack

Ukrainian hackers say they compromised a major Russian drone company, destroying data, backups, and systems

7 months / tomshardware

Ukrainian hackers claim to have destroyed major Russian drone maker's entire network

#cybersecurity #dataprivacy #uk #cybercrime

UK retail giant Co-op confirms hackers stole all 6.5 million customer records

Zack Whittaker / techcrunch - The hackers stole the company's member list, which included customer names, addresses, and contact information.

Co-op confirms data of 6.5 million members stolen in cyberattack

UK retail giant Co-op confirms hackers stole all 6.5 million customer records

Retailer Co-op: Attackers snatched all 6.5M member records

7 months / theregister / Connor Jones

Italian cybersecurity firm Exein raises €70m to expand globally

Suhasini Srinivasaragavan / siliconrepublic - Exein says it is experiencing a 450pc year-on-year growth.Read more: Italian cybersecurity firm Exein raises €70m to expand globally

#cybersecurity #cloudsec #business #europe

Italian cybersecurity firm Exein raises €70m to expand globally

7 months / siliconrepublic / Suhasini Srinivasaragavan

Exein raises €70M to protect critical infrastructure from back door attacks

7 months / tech / Tamara Djurickovic

Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion

Jessica Lyons / theregister - File this one under what not to search if you've committed a crime A former US Army soldier, who reportedly hacked AT&T, bragged about accessing President Donald Trump's call logs, and then Googled "can hacking be treason," and "US military personnel defe…

#cybersecurity #infosec #cybercrime #law

US Army soldier pleads guilty to hacking telcos and extortion

Former U.S. Army hacker Cameron Wagenius pleaded guilty to hacking and extortion charges. Wagenius had already pleaded guilty to hacking AT&T and Verizon, among others. techcrunch.com/2025/07/15/u...

7 months / bsky / @lorenzofb.bsky.social / lorenzofb.bsky.social

Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion

US Army soldier pleads guilty to hacking telcos and extortion

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

Google Gemini vulnerable to a stupidly easy prompt injection attack in Gmail AI summaries

techspot - Mozilla recently unveiled a new prompt injection attack against Google Gemini for Workspace, which can be abused to turn AI summaries in Gmail messages into an effective phishing operation. Researcher Marco Figueroa described the attack on 0din, Mozilla's…

#cybersecurity #google #aiethics

Researcher found it possible to exploit Gemini Gmail AI summaries

7 months / mobilesyrup / Vincent Lin

Google Gemini vulnerable to a stupidly easy prompt injection attack in Gmail AI summaries

7 months / techspot

Investigation reveals Google Gemini for Workspace flaw that could have been exploited to enlist AI in phishing schemes — 'Summarize this email' tool would faithfully obey malicious instructions hidden inside an email

7 months / tomshardware

FBI video doctored amid Epstein controversy sparks FBI turmoil

New allegations claim that the so-called “raw” Epstein prison video was doctored, fueling controversy over the agency’s handling of the case. In the midst of the fallout, an FBI official is reportedly weighing resignation, deepening the internal uncertainty as questions over evidence manipulation and institutional accountability mount.

#cybersecurity #doj #law

Uncertainty reigns at FBI as Bongino weighs resignation over Epstein flap - Semafor

7 months / google

CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’

therecord - The one-day deadline issued by CISA on Thursday appears to be the shortest one ever issued. Federal civilian agencies are typically given three weeks to patch bugs added to the known exploited vulnerability catalog.

#cybersecurity #software #infosec #government

In a rare move, CISA gave federal agencies just one day to patch Citrix Netscaler bug CVE-2025-5777 Patch ASAP #CitrixBleed2 #2Citrix2Bloody therecord.media/cisa-orders-...

7 months / bsky / @jgreig.bsky.social / jgreig.bsky.social

CISA issued its shortest KEV deadline ever, giving federal agencies one day to patch Citrix Netscaler bug CVE-2025-5777 CISA official Chris Butera said the bug poses “a significant, unacceptable risk to the security of the federal civilian enterprise.”

7 months / bsky / @jgreig.bsky.social / jgreig.bsky.social

CISA is giving all civilian agencies 1 day to remediate CitrixBleed 2. It is encouraging all other organisations in the US to do this too. https://therecord.media/cisa-orders-agencies-patch-citrix-bleed-2

7 months / bsky / @GossiTheDog.cyberplace.social.ap.brid.gy / GossiTheDog.cyberplace.social.ap.brid.gy

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

CISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2’ bug

CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’

7 months / therecord

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

#cybersecurity #dataprivacy #infosec #chatgpt

Chatbot used by McDonald's to hire workers leaked data for 64 million people after researchers guessed system password was '123456' — once inside, a second flaw turned up 'every chat interaction [from anyone who] ever applied for a job at McDonald’s'

tomshardware - A pair of security researchers has revealed vulnerabilities in the McHire chatbot Olivia, developed by Paradox.ai for McDonald's, that could have been exploited to reveal personal information about roughly 64 million people.

'123456' password exposed info for 64 million McDonald’s job applicants

AI chatbot’s simple ‘123456’ password risked exposing personal data of millions of McDonald’s job applicants

McFuckedUp.

7 months / bsky / @zackwhittaker.com / zackwhittaker.com

AI chatbot’s simple ‘123456’ password risked exposing personal data of millions of McDonald’s job applicants

7 months / techcrunch / Lorenzo Franceschi-Bicchierai

Bug Hunters Gain Access to 64 Million McDonald’s Job Applicants’ Info by Using the Password ‘123456’

7 months / gizmodo / Lucas Ropek

Chatbot used by McDonald's to hire workers leaked data for 64 million people after researchers guessed system password was '123456' — once inside, a second flaw turned up 'every chat interaction [from anyone who] ever applied for a job at McDonald’s'

7 months / tomshardware

Four arrested in UK over M&S, Co-op, Harrod cyberattacks

Bill Toulas / bleepingcomputer - The UK's National Crime Agency (NCA) arrested four people suspected of being involved in cyberattacks on major retailers in the country, including Marks & Spencer, Co-op, and Harrods. [...]

#cybersecurity #uk #cybercrime #law

Authorities arrest four hackers linked to UK retail hacking spree

New, by me: U.K. authorities have confirmed the arrest of four alleged hackers behind the recent U.K. retail hacking spree earlier this year targeting Marks & Spencer, Harrods, and the Co-op. The hackers are allegedly linked to Scattered Spider; on

7 months / bsky / @zackwhittaker.com / zackwhittaker.com

UK authorities arrest four suspected members of hacker group Scattered Spider

7 months / engadget / Andre Revilla

Authorities arrest four hackers linked to UK retail hacking spree

Four arrested in UK over M&S, Co-op, Harrod cyberattacks

NCA arrests four in connection with UK retail ransomware attacks

7 months / theregister / Connor Jones

Driver's license numbers, addresses leaked in 2024 bitcoin ATM company breach

therecord - Bitcoin Depot, which operates cryptocurrency ATMs across North America, says information belonging to more than 26,000 people was breached in an incident last year.

#cybersecurity #crypto #dataprivacy #bitcoin

Bitcoin Depot, an operator of Bitcoin ATMs, is notifying customers of a data breach incident that has exposed their sensitive information.

7 months / bsky / @bleepingcomputer.com / bleepingcomputer.com

Driver's license numbers, addresses leaked in 2024 bitcoin ATM company breach

7 months / therecord

Bitcoin Depot breach exposes data of nearly 27,000 crypto users

#cybersecurity #government #treasury #cybercrime

US sanctions alleged North Korean IT sweatshop leader

Jessica Lyons / theregister - Turns out outsourcing coders to bankroll Kim’s nukes doesn’t jibe with Uncle Sam The US Treasury has imposed sanctions on 38-year-old Song Kum Hyok, a North Korean accused of attempting to hack the Treasury Department and posing as an IT worker to collect…

US sanctions alleged North Korean IT sweatshop leader

Treasury sanctions North Korean over IT worker malware scheme

#ai #cybersecurity #government #deeptech

AI voice deepfake of Marco Rubio targeted US lawmakers and diplomats in fraud attempt

techspot - According to a diplomatic cable seen by Reuters, an unidentified individual left a series of AI-generated voicemails for top US politicians and diplomats on the encrypted messaging app Signal last month, posing as Senator Marco Rubio. The suspicious Signa…

Security practices must evolve to battle growing deepfake sophistication

7 months / siliconangle / Isla Sibanda

AI voice deepfake of Marco Rubio targeted US lawmakers and diplomats in fraud attempt

7 months / techspot

An attacker used AI to impersonate Secretary Rubio and contact high-ranking officials

7 months / the-decoder / Maximilian Schreiner

Qantas data breach compromises millions of customers' details

Qantas is reeling from a significant cyber breach that compromised sensitive data of up to six million customers by infiltrating a third-party platform. The airline has begun notifying affected users amidst growing concerns about data security and the robustness of its external partnerships.

#cybersecurity #dataprivacy #aviation #australia

Qantas confirms data breach impacts 5.7 million customers

Qantas begins telling some customers that mystery attackers have their home address

7 months / theregister / Connor Jones

M&S says Dragon Force threat group behind April cyberattack

Suhasini Srinivasaragavan / siliconrepublic - The retailer estimates that the attack will cost the company £300m in profits this year.Read more: M&S says Dragon Force threat group behind April cyberattack

#cybersecurity #infosec #cybercrime #hack

M&S confirms social engineering led to massive ransomware attack

Marks & Spencer chair refuses to say if retailer paid hackers after ransomware attack