🐛 COMMON VULNERABILITIES AND EXPOSURES (11)
11 Aug: 7-Zip Vulnerability Lets Hackers Write Files and Run Malicious Code (GBHACKERS.COM)
  A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code. The flaw, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to the…
11 Aug: Xerox FreeFlow Flaws Enable SSRF and Remote Code Execution (GBHACKERS.COM)
  Xerox Corporation has released critical security updates for its FreeFlow Core software, addressing two significant vulnerabilities that could allow attackers to perform server-side request forgery (SSRF) attacks and achieve remote code execution on affected systems. The security…
11 Aug [KEV]: WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately (THEHACKERNEWS.COM)
  The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability. Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been described as a case of path traversal affecting the Windows version of the tool tha…
11 Aug: Windows RPC Protocol Exploited to Launch Server Spoofing Attacks (GBHACKERS.COM)
  A vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) protocol has been discovered that allows attackers to manipulate core system communications and launch sophisticated server spoofing attacks. The flaw, designated CVE-2025-49760, enables unprivileged users to…
11 Aug: Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada (SECURITYWEEK.COM)
  WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies.
11 Aug: 15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652) (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 2 points | 0 comments https://hackread.com/jenkins-servers-risk-rce-vulnerability-cve-2025-53652/
11 Aug: ‘Win-DDoS’: Researchers unveil botnet technique exploiting Windows domain controllers (CSOONLINE.COM)
  At DEF CON 33, security researchers demonstrated a novel distributed denial-of-service technique using weaponized Windows domain controllers (DCs), along with a set of zero-click vulnerabilities affecting Windows services. Dubbed “Win-DDoS,” the attack strategy involves remotely …
11 Aug: Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls (THEHACKERNEWS.COM)
  Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks. The vul…
11 Aug [KEV]: Erlang/OTP SSH RCE Vulnerability Actively Exploited to Target OT Networks (GBHACKERS.COM)
  A severe vulnerability, designated CVE-2025-32433 with a CVSS score of 10.0, has been identified in the Secure Shell (SSH) daemon of the Erlang programming language’s Open Telecom Platform (OTP). This flaw permits unauthenticated remote code execution (RCE) by allowing atta…
11 Aug: Details emerge on WinRAR zero-day attacks that infected PCs with malware (BLEEPINGCOMPUTER.COM)
  Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads. [...]
11 Aug: Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs (BLEEPINGCOMPUTER.COM)
  The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach "critical organizations" in the country. [...]
⚠️ VULNERABILITY DISCLOSURE (24)
11 Aug [KEV]: Security Infotainment: The Best Hacker Documentaries (CSOONLINE.COM)
  Feeling empty without a security dashboard? These documentaries ease the pain until the next workday. Photo: Gorodenkoff – shutterstock.com If you are fully absorbed in your profession as a security decision-maker, you may also need, between work…
11 Aug: GPT-5 Compromised Using Echo Chamber and Storytelling Exploits (GBHACKERS.COM)
  Cybersecurity researchers have successfully demonstrated a new jailbreaking technique that compromises OpenAI’s GPT-5 model by combining “Echo Chamber” algorithms with narrative-driven manipulation, raising fresh concerns about the vulnerability of advanced AI s…
11 Aug: Efimer Trojan Targets Crypto Wallets Using Phony Legal Notices and Booby-Trapped Torrents (GBHACKERS.COM)
  The Efimer Trojan has emerged as a potent ClipBanker-type malware, primarily designed to steal cryptocurrency by intercepting and swapping wallet addresses in victims’ clipboards. First detected in October 2024, Efimer, named after a comment in its decrypted script, has evolv…
11 Aug: SSHamble: New Open-Source Tool Targets SSH Protocol Flaws (GBHACKERS.COM)
  Security researchers have unveiled SSHamble, a powerful new open-source tool designed to identify vulnerabilities and misconfigurations in SSH implementations across networks. Developed by HD Moore and Rob King, the tool represents a significant advancement in SSH security testin…
11 Aug: CSO hiring on the rise: How to land a top security exec role (CSOONLINE.COM)
  To understand how critical cybersecurity has become, one need look no further than the developing trends in CSO recruiting: Security leadership roles are cited among the most difficult to fill in IT; skilled CSOs are increasingly reporting directly to the CEO; and compensation fo…
11 Aug: Multiple Critical Flaws Hit Zero Trust Products from Check Point, Zscaler, and Netskope (GBHACKERS.COM)
  Security researchers at AmberWolf have uncovered critical vulnerabilities in leading Zero Trust Network Access (ZTNA) solutions from major cybersecurity vendors, potentially exposing thousands of organizations to authentication bypasses and privilege escalation attacks. The findi…
11 Aug: Over 29,000 Exchange servers unpatched against high-severity flaw (BLEEPINGCOMPUTER.COM)
  Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise. [...]
11 Aug: Report Reveals Tool Overload Driving Fatigue and Missed Threats in MSPs (CSOONLINE.COM)
  New Heimdal study reveals how tool sprawl creates blind spots, with over half of providers experiencing daily or weekly burnout. Survey of 80 North American MSPs shows fragmented security stacks drive fatigue, missed threats, and business inefficiency. Security tools meant to prot…
11 Aug: Legitimate System Functions Exploited to Steal Secrets in Shared Linux Setups (GBHACKERS.COM)
  Security researcher Ionuț Cernica revealed how commonplace Linux utilities can be weaponized to siphon sensitive data in multi-tenant environments. His talk, “Silent Leaks: Harvesting Secrets from Shared Linux Environments,” exposed that without any root privileges or zero-day ex…
11 Aug: Linux Webcams Weaponized to Inject Keystrokes and Execute Attacks (GBHACKERS.COM)
  Security researchers have uncovered a concerning vulnerability that transforms everyday USB webcams into covert attack tools capable of injecting malicious keystrokes and executing unauthorized commands on connected computers. This groundbreaking discovery represents the first do…
11 Aug: WinRAR zero-day exploited to plant malware on archive extraction (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/winrar-zero-day-flaw-exploited-by-romcom-hackers-in-phishing-attacks/
11 Aug: Smart Bus System Flaw Allows Hackers to Remotely Track and Control Vehicles (GBHACKERS.COM)
  A critical security vulnerability in smart bus systems has been discovered that enables hackers to remotely track vehicle locations and potentially take control of essential functions, according to new research presented at DEF CON 33. The findings expose significant risks to pub…
11 Aug: ⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More (THEHACKERNEWS.COM)
  This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control…
11 Aug: Chrome Sandbox Escape Earns Researcher $250,000 (SECURITYWEEK.COM)
  A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution.
11 Aug: 7-Zip Arbitrary File Write Vulnerability Let Attackers Execute Arbitrary Code (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/7-zip-arbitrary-file-write-vulnerability/
11 Aug: Is Microsoft Gaslighting Us? 💻 #WindowsUpdate (YOUTUBE.COM)
  Microsoft just dropped the Windows 11 25H2 update... and it’s raising eyebrows. Same source code as last year, but now they’re really pushing Edge again — like popup-after-popup level annoying. Cybersecurity expert Doug White breaks it down and even jokes about coding an app to b…
11 Aug: New TETRA Radio Encryption Flaws Expose Law Enforcement Communications (THEHACKERNEWS.COM)
  Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decry…
11 Aug: ‘Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks (GBHACKERS.COM)
  Security researchers have uncovered a “zero-click” denial-of-service chain that can silently turn thousands of Microsoft Windows Domain Controllers (DCs) into a globe-spanning botnet, raising fresh alarms in a year already defined by record-breaking distributed-denial-of-service …
11 Aug: Hackers Exploit ClickFix Technique to Compromise Windows and Run PowerShell Commands (GBHACKERS.COM)
  Threat actors have begun a geographically focused campaign against Israeli infrastructure and corporate entities in a sophisticated cyber incursion discovered by Fortinet’s FortiGuard Labs. Delivered exclusively through Windows systems via PowerShell scripts, the attack cha…
11 Aug: U.S. government seized $1 million from Russian ransomware gang (TECHCRUNCH.COM)
  A global law enforcement coalition targeted the infrastructure of the group behind the Royal and BlackSuit ransomware strains, allegedly responsible for extorting victims out of $370 million since 2022.
11 Aug: They Used Google Tag Manager to Hijack WordPress?! (YOUTUBE.COM)
  A new fileless WordPress spam campaign has been discovered — and it’s using Google Tag Manager in ways most cybersecurity pros never expected. In this short, Doug White breaks down how attackers inject malicious scripts into WordPress option tables, turning every page into a spam…
11 Aug [KEV]: Reimagining Security Operations: SOC as a Service and the Role of AI - Kevin Nikkhoo - CSP #215 (YOUTUBE.COM)
  Kevin Nikkhoo joins the show to explore Security Operations Center as a Service (SOCaaS) and how it compares to traditional SOC models. He breaks down which organizations benefit most from this approach and how AI is reshaping modern SOC operations. Listeners will gain a clear un…
11 Aug: WinRAR zero-day exploited in espionage attacks against high-value targets (WELIVESECURITY.COM)
  The attacks used spearphishing campaigns to target financial, manufacturing, defense, and logistics companies in Europe and Canada, ESET research finds
11 Aug [KEV]: Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability (WELIVESECURITY.COM)
  ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets
📢 SECURITY ADVISORIES (9)
11 Aug: This Is Why Compliance ≠ Risk Management (YOUTUBE.COM)
  Most companies think being compliant means they're secure… but they couldn’t be more wrong. In this short, Alla Valente and Matthew Alderman break down a shocking truth: 84% of Fortune 500s would score a D on cybersecurity compliance—and 43% would flat-out fail. Compliance might …
11 Aug: Gemini hacked via calendar invitation (CSOONLINE.COM)
  Criminals are attacking Gemini with prompt injection in calendar invitations. gguy – shutterstock.com Google has integrated the AI-powered assistant Gemini into Android, Google web services and Google's Workspace apps. In addition to its function as a chatbot, the artificial intelligence …
🔥 INCIDENT REPORTING (18)
11 Aug: New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP (THEHACKERNEWS.COM)
  A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct power distributed denial-of-service (DDoS) attacks. The approach has been codenamed Win-DDoS by SafeBreach researc…
11 Aug: Cyber Attacks, Jailbreaking GPT-5, and Hacker Summer Camp 2025 Highlights (CYBERSECURITYTODAY.LIBSYN.COM)
  In today's episode of Cybersecurity Today, host David Shipley covers critical updates on recent cyber attacks and breaches impacting the US Federal judiciary's case management systems, and SonicWall firewall compromises. He also discusses researchers' new jailbreak method against…
11 Aug: Connex Credit Union data breach impacts 172,000 members (BLEEPINGCOMPUTER.COM)
  Connex, one of Connecticut's largest credit unions, warned tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June. [...]
11 Aug: SoupDealer Malware Evades Sandboxes, AVs, and EDR/XDR in Real-World Attacks (GBHACKERS.COM)
  The SoupDealer malware has successfully bypassed nearly all public sandboxes and antivirus solutions, with the exception of Threat.Zone, while also evading endpoint detection and response (EDR) and extended detection and response (XDR) systems in documented real-world incidents. …
11 Aug: Australian Regulator Sues Optus Over 2022 Data Breach (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/australian-regulatory-sues-optus/
11 Aug: CastleLoader Malware Hits 400+ Devices via Cloudflare-Themed ClickFix Phishing Attack (GBHACKERS.COM)
  CastleLoader, a sophisticated malware loader, has compromised over 400 devices since its debut in early 2025, with cybersecurity firm PRODAFT reporting 469 infections out of 1,634 attempts by May 2025, achieving a staggering 28.7% success rate. This modular threat actor leverages…
11 Aug: Boeing, US Navy supplier Jamco Aerospace claimed in ransomware attack | Cybernews (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/news/boeing-us-navy-supplier-jamco-aerospace-ransomware-attack-play/
11 Aug: Connex Credit Union Data Breach Impacts 172,000 People (SECURITYWEEK.COM)
  Hackers targeted Connex, one of the largest credit unions in Connecticut, and likely stole files containing personal information.
11 Aug: Cancer care provider breach exposes 113K+ patients | Cybernews (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/privacy/highlands-data-breach-exposes-patients/
11 Aug: U.S. Judiciary confirms breach of court electronic records service (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/us-judiciary-confirms-breach-of-court-electronic-records-service/
11 Aug: Silent Watcher Targets Windows Systems, Steals Data via Discord Webhooks (GBHACKERS.COM)
  K7 Labs investigated the Cmimai Stealer, a Visual Basic Script (VBS)-based infostealer that surfaced in June 2025 and uses PowerShell and native Windows scripting to secretly exfiltrate data. This is a recent development in the cybersecurity environment. This malware, first highl…
11 Aug: How to implement a blameless approach to cybersecurity | Kaspersky official blog (KASPERSKY.COM)
  What a blameless incident review is, and how to make it the norm in your organization
11 Aug: Ransomware Attacks Fall by Almost Half in Q2 (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/ransomware-attacks-fall-almost-half-q2
11 Aug: MuddyWater’s DarkBit ransomware cracked for free data recovery (BLEEPINGCOMPUTER.COM)
  Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang's encryptors, allowing them to recover a victim's files for free without paying a ransom. [...]
11 Aug: Microsoft tests cloud-based Windows 365 disaster recovery PCs (BLEEPINGCOMPUTER.COM)
  Microsoft has announced the limited public preview of Windows 365 Reserve, a service that provides temporary desktop access to pre-configured cloud PCs for employees whose computers have become unavailable due to cyberattacks, hardware issues, or software problems. [...]
11 Aug: Connex Credit Union data breach impacts 172,000 members (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/connex-credit-union-discloses-data-breach-impacting-172-000-people/
11 Aug: MuddyWater’s DarkBit ransomware cracked for free data recovery (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/muddywaters-darkbit-ransomware-cracked-for-free-data-recovery/
11 Aug: North Korean Kimsuky hackers exposed in alleged data breach (BLEEPINGCOMPUTER.COM)
  The North Korean state-sponsored hackers known as Kimsuky have reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky's values, stole the group's data and leaked it publicly online. [...]
🕵️ THREAT INTELLIGENCE (25)
11 Aug: ISC Stormcast For Monday, August 11th, 2025 https://isc.sans.edu/podcastdetail/9564, (Mon, Aug 11th) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
11 Aug: AI Coding Assistant: Creating the Perfect Blueprint for Attackers (GBHACKERS.COM)
  AI coding tools like Claude CLI are unintentionally changing the attack surface for developers and businesses in the rapidly changing cybersecurity landscape. Gone are the days when adversaries required weeks or months of meticulous infrastructure mapping, credential probing, and…
11 Aug: BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats (SECURITYWEEK.COM)
  Eclypsium researchers have demonstrated a BadCam attack against Lenovo cameras, but others may be impacted as well.
11 Aug: INE Named to Training Industry’s 2025 Top 20 Online Learning Library List (GBHACKERS.COM)
  Cary, United States, August 11th, 2025, CyberNewsWire. Hands-on cybersecurity and IT training leader recognized for innovation in practical, work-ready education. INE has been selected for Training Industry’s 2025 Top 20 Online Learning Library Companies list, recognizing the…
11 Aug: Malware Campaign Masquerades as Tesla in Poisoned Google Ads (GBHACKERS.COM)
  A malware operation has surfaced in the context of a complex cyber threat landscape, using tainted Google Ads to pose as Tesla and trick consumers into placing fictitious preorders for the unannounced Optimus humanoid robot. Security researchers have identified multiple malicious…
11 Aug: Report Reveals Tool Overload Driving Fatigue and Missed Threats in MSPs (GBHACKERS.COM)
  New Heimdal study reveals how tool sprawl creates blind spots, with over half of providers experiencing daily or weekly burnout. Survey of 80 North American MSPs shows fragmented security stacks drive fatigue, missed threats, and business inefficiency. Security tools meant to pro…
11 Aug: Automatic License Plate Readers Are Coming to Schools (SCHNEIER.COM)
  Fears around children are opening up a new market for automatic license plate readers.
11 Aug: Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft (SECURITYWEEK.COM)
  A researcher has demonstrated how a platform used by over 1,000 dealerships in the US could have been used to hack cars.
11 Aug: GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/08/greedybear-steals-1m-in-crypto-using.html
11 Aug: Google Calendar invites let researchers hijack Gemini to leak user data (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 4 points | 0 comments https://www.bleepingcomputer.com/news/security/google-calendar-invites-let-researchers-hijack-gemini-to-leak-user-data/
11 Aug: Data Dump From APT Actor Yields Clues to Attacker Capabilities (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 3 points | 0 comments https://www.darkreading.com/threat-intelligence/data-dump-apt-actor-attacker-capabilities
11 Aug: Meta’s New Feature Turns Instagram into a Real-Time Location Broadcaster (GBHACKERS.COM)
  Meta has introduced a transformative update to Instagram, evolving the platform from a simple photo-sharing service into an always-on real-time location broadcaster via its new “Map” feature. Announced in early August 2025, this functionality allows users to opt-in fo…
11 Aug: Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike (SECURITYWEEK.COM)
  New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems.
11 Aug: Critical Vulnerabilities Uncovered in Zero Trust Network Access Products of Check Point, Zscaler, and NetSkope (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/zero-trust-network-access-vulnerabilities/
11 Aug: UAC-0099 Tactics, Techniques, Procedures and Attack Methods Revealed (GBHACKERS.COM)
  UAC-0099, a persistent threat actor active since at least 2022, has conducted sophisticated cyber-espionage operations against Ukrainian government, military, and defense entities, evolving its toolkit across three major campaigns documented in CERT-UA alerts from June 2023, Dece…
11 Aug: Would You Work for a Robot Boss? (YOUTUBE.COM)
  When a job candidate asked if their interviewer was human, they didn’t expect this reply. In this mind-blowing short, an AI bot named Dave conducts a marketing interview — no human in sight. This is what the future of hiring looks like... and it’s raising eyebrows in the cybersec…
11 Aug: ESW at BlackHat and the weekly enterprise security news - ESW #419 (YOUTUBE.COM)
  Topic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then…
11 Aug: Bootkits Are Scarier Than SIM Swaps 😨 (YOUTUBE.COM)
  Cybersecurity expert Doug White drops a chilling truth—bootkits hidden in UEFI firmware are way more terrifying than SIM swaps. In this short, he breaks down how vulnerable Gigabyte motherboards could allow attackers to plant bootkits and take full control before your OS even loa…
11 Aug: This Isn’t Deepfake—It’s Way Worse (YOUTUBE.COM)
  AI isn’t just making deepfakes anymore. In this short, cybersecurity expert Doug White reveals a chilling truth: artificial intelligence is now being used to generate realistic images and videos of child sexual abuse. The Internet Watch Foundation reported a jump from just 2 AI-g…
11 Aug: Hackers Extradited to US Over $100 Million Romance Scams and Other Frauds (GBHACKERS.COM)
  United States Attorney for the Southern District of New York, Jay Clayton, alongside FBI Assistant Director in Charge Christopher G. Raia, announced the unsealing of a federal indictment against four Ghanaian nationals implicated in a sophisticated international fraud network. Th…
11 Aug: The Night I Crashed the Mainframe by Accident 🤫 (YOUTUBE.COM)
  A veteran sysadmin recalls the chaos of patching a type one hypervisor just minutes before midnight—when every user was racing to submit their work. In this hilarious and painfully relatable story, he warns what happens when you forget to save your work... and IT pulls the plug. …
11 Aug: Cybersecurity vs. The Insurance Terminator 🤖 (YOUTUBE.COM)
  When cybersecurity expert Doug White jokes about AI canceling your insurance because it thinks you're too risky, it hits closer to reality than most want to admit. In this clip, he imagines a world where staying insured means pretending to be a hobo with a coal-fired laptop ridin…
11 Aug: Cyber Alert: Excel Links Can Steal Your Data 🧠 (YOUTUBE.COM)
  Microsoft just dropped a huge Excel update that cybersecurity experts cannot ignore. Starting October, Excel will begin blocking external workbook links to specific file types — and here’s why it matters. In this short, Doug White breaks down how these seemingly harmless links co…
11 Aug: MY TAKE: Black Hat 2025 vendors define early contours for a hard pivot to AI security architecture (LASTWATCHDOG.COM)
  Black Hat USA 2025 concluded amid a noticeable shift in tone. Compared to prior years, the discussions were more grounded, and the stakes more clearly defined. While generative AI remained the central theme, what …
11 Aug: Corporate SaaS: China’s New Battlefield? (YOUTUBE.COM)
  Cybersecurity expert Aaran reveals how modern espionage blends into everyday corporate operations—disguised within trusted cloud services, VPNs, and SaaS platforms. This isn’t just hacking—it’s strategic economic warfare at a global scale. Traditional tools like Splunk and Sentin…
📡 INFOSEC NEWS (9)
11 Aug: Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere (TECHCRUNCH.COM)
  Security researcher Eaton Zveare told TechCrunch that the flaws he discovered in the carmaker's centralized dealer portal exposed vast access to customer and vehicle data. With this access, Zveare said he could remotely take over a customer's account and unlock their cars, and mo…
11 Aug: How to restore GPT-4o when you've GPT-5 (BLEEPINGCOMPUTER.COM)
  Sam Altman overhyped GPT-5 and the results are underwhelming. Some users are upset with GPT-5's new personality, but you can restore GPT-4o if you pay for the Plus plan. [...]
11 Aug: 6 Lessons Learned: Focusing Security Where Business Value Lives (THEHACKERNEWS.COM)
  The Evolution of Exposure Management. Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the l…
11 Aug: 'Chairmen' of $100 million scam operation extradited to US (BLEEPINGCOMPUTER.COM)
  The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. [...]
11 Aug: xAI is testing Grok 4.20 to take on GPT-5, may launch this month (BLEEPINGCOMPUTER.COM)
  Elon Musk-owned xAI is testing Grok 4.20, a small update to Grok 4, which already competes with GPT-5 in some benchmarks, such as ARC-AGI 2. [...]
11 Aug: OneNote finally gets "paste text only" feature on Windows and Mac (BLEEPINGCOMPUTER.COM)
  Microsoft confirmed that it's testing the ability to paste text only (plain format) to OneNote for Windows and Mac. [...]
11 Aug: Electronic Arts blocks more than 300,000 attempts to cheat after launching Battlefield 6 beta (TECHCRUNCH.COM)
  Soon after the launch of first-person shooter Battlefield 6, cheaters flooded the games, forcing Electronic Arts to respond.
11 Aug: The Rise of Native Phishing: Microsoft 365 Apps Abused in Attacks (BLEEPINGCOMPUTER.COM)
  Native phishing turns trusted tools into attack delivery systems. Varonis shows how attackers weaponize Microsoft 365 apps, like OneNote & OneDrive, to send convincing internal lures and how to spot them before they spread. [...]
11 Aug: OpenAI is testing 3,000-per-week limit for GPT-5 Thinking (BLEEPINGCOMPUTER.COM)
  OpenAI has responded to criticism that it shipped GPT-5 with token limits to minimize cost and maximize profit not with words, but rather with a new 3,000-per-week limit. [...]