Tile’s lack of encryption could make tracker owners vulnerable to stalking

Emma Roth / theverge - Security researchers are shining the spotlight on a serious security vulnerability that could enable stalkers to track victims using their own Tile tags, as well as other unwanted violations of security and privacy. Research outlined by Wired shows that T…

Back to Top / Monday, September 29, 2025, 6:21 pm / permalink 14904 / 3 stories in 5 months

UK government bails out Jaguar Land Rover with £1.5B loan after hack disrupts vehicle production for weeks

Zack Whittaker / techcrunch - The Indian-owned carmaking giant will be bailed out after a cyberattack stalled car production and its downstream supply chain. Critics argue that the bailout sends the wrong message to hackers and crime groups.

Back to Top / Monday, September 29, 2025, 10:21 am / permalink 14895 / 6 stories in 5 months

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks

Sergiu Gatlan / bleepingcomputer - CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. [...]

Back to Top / Thursday, September 25, 2025, 1:21 pm / permalink 14862 / 9 stories in 5 months

Microsoft Makes Windows 10 Security Updates Free in Europe, Bowing to Regulatory Pressure

Markus Kasanmascheff / winbuzzer - Microsoft reverses its Windows 10 End-of-Life policy, offering a free, unconditional year of Extended Security Updates (ESU) in the EEA after pressure from consumer groups.The post Microsoft Makes Windows 10 Security Updates Free in Europe, Bowing to Regu…

Back to Top / Thursday, September 25, 2025, 10:21 am / permalink 14855 / 7 stories in 5 months

Automaker giant Stellantis says customers’ personal data stolen during breach

Zack Whittaker / techcrunch - One report says, citing the hackers who took credit for the breach, that 18 million customer records were stolen from Stellantis' customer database.

Back to Top / Monday, September 22, 2025, 2:21 pm / permalink 14799 / 5 stories in 5 months

Sumo Logic brings agentic AI to the enterprise security stack

Ian Barker / betanews - Enterprises face a growing volume and complexity of cyber threats which means security teams struggle with alert fatigue and managing a spread of tools. Sumo Logic is launching a new agent-powered security operations tool to help automate routine tasks, s…

Back to Top / Monday, September 22, 2025, 9:21 am / permalink 14791 / 2 stories in 5 months

ACMA launches investigation into Optus over emergency call outage

Vivienne Kelly / mumbrella - Optus is under the microscope with the Australian Communications and Media Authority (ACMA) announcing it will investigate the telco over the emergency call outage involved in the deaths of at least three people. Telcos have an obligation to ensure calls …

Back to Top / Monday, September 22, 2025, 12:20 am / permalink 14779 / 3 stories in 5 months

Hundreds of flights delayed at Heathrow and other airports after apparent cyberattack

Anthony Ha / techcrunch - Travelers at major European airports including Heathrow, Brussels, and Berlin faced significant delays this weekend following what Collins Aerospace described as a “cyber-related incident.”

Back to Top / Sunday, September 21, 2025, 11:20 am / permalink 14772 / 4 stories in 5 months

The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration

Simon Willison / simonwillison - The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data ExfiltrationAbi Raghuram reports that Notion 3.0, released yesterday, introduces new prompt injection data exfiltration vulnerabilities thanks to enabling lethal trifecta attacks.Abi'…

Back to Top / Friday, September 19, 2025, 6:20 pm / permalink 14758 / 2 stories in 5 months

Ivanti EPMM holes let miscreants plant shady listeners, CISA says

Jessica Lyons / theregister - Unnamed org compromised with two malware sets An unknown attacker has abused a couple of flaws in Ivanti Endpoint Manager Mobile (EPMM) and deployed two sets of malware against an unnamed organization, according to the US Cybersecurity and Infrastructure …

Back to Top / Friday, September 19, 2025, 1:21 pm / permalink 14745 / 2 stories in 5 months

Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug

Connor Jones / theregister - Outside experts say the vulnerability has probably already been exploited Budding ransomware crooks have another shot at exploiting Fortra's GoAnywhere MFT product now that a new 10/10 severity vulnerability needs patching.…

Back to Top / Friday, September 19, 2025, 10:21 am / permalink 14735 / 2 stories in 5 months

OpenAI fixes zero-click ShadowLeak vulnerability affecting ChatGPT Deep Research agent

therecord - Cybersecurity firm Radware discovered a vulnerability they call “ShadowLeak” where an attacker could exploit the vulnerability by simply sending an email to the user.

Back to Top / Thursday, September 18, 2025, 4:21 pm / permalink 14714 / 3 stories in 5 months

UK arrests 'Scattered Spider' teens linked to Transport for London hack

Sergiu Gatlan / bleepingcomputer - Two teenagers, believed to be linked to the August 2024 cyberattack on Transport for London, have been arrested in the United Kingdom. [...]

Back to Top / Thursday, September 18, 2025, 10:21 am / permalink 14690 / 5 stories in 5 months

VC giant Insight Partners warns thousands after ransomware breach

Sergiu Gatlan / bleepingcomputer - New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack. [...]

Back to Top / Wednesday, September 17, 2025, 1:21 pm / permalink 14646 / 3 stories in 5 months

Kering Faces Cyber Breach Impacting Luxury Fashion Brands

Kering is under fire after hackers stole client data from its high-end labels, including Gucci, Balenciaga, and McQueen. Although credit card information appears safe, the company has reached out to affected customers while scrambling to contain the breach and tighten its cybersecurity defenses.

Back to Top / Monday, September 15, 2025, 6:20 pm / permalink 14571 / 2 stories in 5 months

The iPhone 17 memory shield will give spyware developers a hard time

appleinsider - The iPhone 17 offers advanced memory protection features that are set to cause headaches for spyware developers.Apple's new Memory Integrity Enforcement feature will present a problem for spyware vendors and developers.On Tuesday, Apple announced that the…

Back to Top / Thursday, September 11, 2025, 7:21 pm / permalink 14422 / 3 stories in 5 months

Outlook outage over North America, Microsoft scrambles to respond

Iain Thomson / theregister - On the plus side we'll all be getting fewer unwanted emails Microsoft confirmed a major email service outage across North America that is stopping inboxes from filling up and may be hitting other apps when logging in.…

Back to Top / Thursday, September 11, 2025, 6:20 pm / permalink 14415 / 2 stories in 5 months

New VMScape attack breaks guest-host isolation on AMD, Intel CPUs

Bill Toulas / bleepingcomputer - A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified QEMU hypervisor process running on modern AMD or Intel CPUs. [...]

Back to Top / Thursday, September 11, 2025, 11:21 am / permalink 14366 / 4 stories in 5 months

Plex suffers data breach, warns customers to change passwords

Sofia Elizabella Wyciślik-Wilson / betanews - History appears to be repeating. Plex has announced that it has suffered a security breach, exposing user data. The last time this happened was in 2022, and users are being advised to change passwords as soon as possible. The company is referring to it as…

Back to Top / Tuesday, September 9, 2025, 4:20 am / permalink 14116 / 9 stories in 5 months