🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
6 Sep: From CVE To Cyber Attack In Minutes With AI: Cybersecurity Today
The Future of Cybersecurity: AI, Exploits, and the CVE Database In this special crossover episode of Cybersecurity Today and Hashtag Trending, the hosts explore the use of artificial intelligence (AI) in cybersecurity. The conversation begins with an overview of the ongoing 'arms…
CYBERSECURITYTODAY.LIBSYN.COM
⚠️ VULNERABILITY DISCLOSURE (4)
6 Sep: The Hidden Vulnerabilities of Open Source - Revisiting and Contextualizing the designed xz backdoor, multi-year-long effort
submitted by Kissaki to security 1 points | 0 comments https://fastcode.io/2025/09/02/the-hidden-vulnerabilities-of-open-source/ Freund wasn’t looking for a backdoor when he noticed SSH connections to his Debian testing system taking 500 milliseconds longer than usual. As a datab…
PROGRAMMING.DEV
6 Sep: Experience vs. Textbooks: The Cybersecurity Dilemma
In this short, John Kinsella highlights a dilemma every cybersecurity professional faces: what matters more in hiring—hands-on experience or textbook knowledge? He explains why classroom labs don’t carry the same weight as securing real open-source projects, and how outdated “air…
YOUTUBE.COM
6 Sep: Can You Hack an AI Just by Reading Its Weights? 🤔
Sohrob Kazerounian breaks down a common myth in AI security: the idea that model weights can be directly hacked. With billions of parameters connecting artificial neurons, he explains why simply having access to the weights doesn’t automatically make AI systems vulnerable. Instea…
YOUTUBE.COM
6 Sep: 10 Best Web Application Penetration Testing Companies in 2025
Securing web applications is a top priority for businesses in 2025 as they’re a primary attack vector for cybercriminals. Web application penetration testing goes beyond automated scanning to use human expertise and a hacker’s mindset to find complex vulnerabilities t…
GBHACKERS.COM
📢 SECURITY ADVISORIES (18)
6 Sep: The growing debate over age verification laws
As age and identity verification laws become more mainstream, this legislation could have a dire impact on privacy.
TECHCRUNCH.COM
🔥 INCIDENT REPORTING (2)
6 Sep: Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secre…
THEHACKERNEWS.COM
6 Sep: We Hacked Burger King: How Authentication Bypass Led to Drive-Thru Audio Surveillance
submitted by Pro to cybersecurity 2 points | 0 comments https://bobdahacker.com/blog/rbi-hacked-drive-thrus cross-posted from: programming.dev/post/36975908 Comments - Hacker News.
SH.ITJUST.WORKS
🕵️ THREAT INTELLIGENCE (7)
6 Sep: Friday Squid Blogging: The Origin and Propagation of Squid
New research (paywalled): Editor’s summary: Cephalopods are one of the most successful marine invertebrates in modern oceans, and they have a 500-million-year-old history. However, we know very little about their evolution because soft-bodied animals rarely fossilize. Ikega…
SCHNEIER.COM
6 Sep: Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active sin…
THEHACKERNEWS.COM
6 Sep: Engineering First Security at Netflix 🔐
Netflix’s Head of Security explains why their approach is all about “engineering first.” Instead of relying only on checklists, Julia Knecht shares how the team scales cybersecurity by solving real problems, staying data-driven, and experimenting with product-led strategies. This…
YOUTUBE.COM
6 Sep: Jason Chan’s Secret to Building Security at Netflix 🔐 #cybersecurity
Jason Chan’s leadership style at Netflix changed how AppSec works forever. Instead of throwing checklists at engineers, he built automation and tools that made security seamless. This short reveals how servant leadership in cybersecurity can transform collaboration between AppSec…
YOUTUBE.COM
6 Sep: 🚨 Can Automation Save the Supply Chain?
In this short, cybersecurity experts discuss how automation and validation pipelines could be the key to securing the future of supply chains. With threats slipping through the cracks, the big question is whether automation can truly protect against cyber risks—or if it’s just an…
YOUTUBE.COM
6 Sep: The Scammer Thought He Got Me… Until I Dropped This Twist
A cybersecurity expert flips the script on a classic Nigerian scam, leading the scammer to believe he struck gold. What starts as a $20 million bait quickly turns into a hilarious twist the scammer never saw coming. This short exposes just how far scammers will go—and how a littl…
YOUTUBE.COM
6 Sep: Fewer JIRA Tickets? The Cybersecurity Shortcut 😱
Tired of endless JIRA tickets? In this short, Neil Carpenter reveals how security teams can actually reduce developer pain by minimizing noise and focusing on what truly matters. Instead of fixing 10% of everything, the strategy shifts to fixing 100% of the real risks — cutting d…
YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (2)
6 Sep: VirusTotal finds hidden malware phishing campaign in SVG files
VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia's judicial system that deliver malware. [...]
BLEEPINGCOMPUTER.COM
6 Sep: AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. [...]
BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (6)
6 Sep: Joint guidance on a shared vision of software bill of materials for cyber security
The joint guidance aims to inform software producers, purchasers and operators of the benefits of integrating SBOM generation, analysis, and sharing into security processes and practices.
CYBER.GC.CA
6 Sep: GOP Cries Censorship Over Spam Filters That Work
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing …
KREBSONSECURITY.COM