🚨 CISA KEV 2[−]
23 Sep KEVCISA Releases Advisory on Lessons Learned from an Incident Response EngagementToday, CISA released a cybersecurity advisory detailing lessons learned from an incident response engagement following the detection of potential malicious activity identified through security alerts generated by the agency’s endpoint detection and response tool. This advis…CISA.GOV
23 Sep KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-10585 Google Chromium V8 Type Confusion Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber ac…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 6[−]
23 SepLibraesva ESG Vulnerability Allows Attackers to Execute Malicious CommandsA critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands through specially crafted compressed email attachments. The vulnerability, designated CVE-2025-59689, affects versions startin…GBHACKERS.COM
23 SepSolarWinds Web Help Desk Vulnerability Enables Privilege EscalationA critical vulnerability in SolarWinds Web Help Desk (WHD) could allow attackers to escalate privileges and execute arbitrary code on affected systems. SolarWinds has released Web Help Desk 12.8.7 Hotfix 1 to address CVE-2025-26399, a deserialization flaw in the AjaxProxy compone…GBHACKERS.COM
23 SepSolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution FlawSolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), …THEHACKERNEWS.COM
23 SepSolarWinds Makes Third Attempt at Patching Exploited VulnerabilityCVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986. The post SolarWinds Makes Third Attempt at Patching Exploited Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
23 SepBYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061)Bring Your Own Vulnerable Driver (BYOVD) is a well-known post-exploitation technique used by adversaries. This blog post is part of a series. We will see how to abuse a vulnerable driver to gain access to Ring-0 capabilities. In this first post we describe in detail the exploitat…QUARKSLAB.COM
23 Sep KEVSolarWinds fixes Web Help Desk patch bypass for actively exploited flaw — againSolarWinds has released a third patch for essentially the same critical Java deserialization vulnerability in its Web Help Desk product. The original flaw was first patched in August 2024 with warnings from CISA that it had been exploited in the wild. “This vulnerability is a pat…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 27[−]
23 SepThreat Actors with Fake Job Lures Attacking Job Seekers to Deploy Advanced MalwareIranian threat actors are exploiting job seekers’ aspirations through sophisticated fake recruitment campaigns designed to deploy advanced malware across Europe’s critical infrastructure sectors. The attack methodology demonstrates remarkable operational security and …GBHACKERS.COM
23 SepHackers Exploit GitHub Notifications to Launch Phishing AttacksCybersecurity researchers have uncovered a new phishing campaign that exploits GitHub’s official notification system to deliver malicious links and credential-stealing payloads. By capitalizing on the trust that open-source contributors place in GitHub’s communication channels, c…GBHACKERS.COM
23 SepHackers Using SVG Files to Deliver Malicious PayloadsA recent malware campaign making the rounds in Latin America offers a stark example of how cybercriminals are evolving and finetuning their playbooks. Victims receive emails dressed up to look as though they come from trusted institutions, warning of lawsuits or court summons. Th…GBHACKERS.COM
23 Sep6 novel ways to use AI in cybersecurityAI is already widely recognized as a powerful cybersecurity protection tool. AI-driven systems can detect threats in real-time, allowing rapid response and mitigation. AI can also adapt and evolve, continuously learning from new data, improving its ability to identify and address…CSOONLINE.COM
23 SepThe CISO’s guide to rolling out generative AI at scaleSelecting the right AI platform for your security team or enterprise is important. But what determines AI implementation success is how the platform is introduced, integrated, and supported across the organization. Adoption is not just about tooling: It’s about visibility, policy…CSOONLINE.COM
23 SepLectora Desktop and Online XSS Vulnerability Enables JavaScript InjectionA critical cross-site scripting (XSS) vulnerability affecting both Lectora Desktop and Lectora Online has been disclosed, enabling attackers to inject JavaScript through crafted URL parameters. Discovered by security researcher Mohammad Jassim and documented by the CERT® Coordina…GBHACKERS.COM
23 SepGitHub Introduces npm Security with Stronger Authentication and Trusted PublishingOpen source software powers much of today’s technology, enabling developers around the world to build and share tools, libraries, and applications. However, the same openness that drives innovation also presents serious security challenges. Attackers regularly target package regi…GBHACKERS.COM
23 SepApple’s New Memory Integrity EnforcementApple has introduced a new hardware/software security feature in the iPhone 17: “ Memory Integrity Enforcement ,” targeting the memory safety vulnerabilities that spyware products like Pegasus tend to use to get unauthorized system access. From Wired : In recent years…SCHNEIER.COM
23 SepTop 25 MCP Vulnerabilities Reveal How AI Agents Can Be ExploitedA new ranking of Model Context Protocol weaknesses highlights critical risks—from prompt injection to command injection—and provides a roadmap for securing the foundations of agentic AI. The post Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited appeared first on S…SECURITYWEEK.COM
23 SepAutomaker giant Stellantis confirms data breach after Salesforce hacksubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/automaker-giant-stellantis-confirms-data-breach-after-salesforce-hack/SH.ITJUST.WORKS
23 Sep KEVShadowV2 turns DDoS into a cloud-native subscription serviceA novel ShadowV2 bot campaign is turning distributed denial-of-service ( DDoS ) attacks into a full-blown for-hire business, blending old-school malware with cloud-native deployment. According to a Darktrace analysis shared with CSO ahead of its publication on Tuesday, the campai…CSOONLINE.COM
23 SepLean Teams, Higher Stakes: Why CISOs Must Rethink Incident RemediationBig companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over five years, Bank of America has shed 88,000 employees since 2010, and Verizon's CEO recently boasted that headcount is "going down all the time." What was onc…THEHACKERNEWS.COM
23 SepShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire ServiceCybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers …THEHACKERNEWS.COM
23 SepSpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots PersistAustin, Texas, USA, September 23rd, 2025, CyberNewsWire New SpyCloud 2025 Identity Threat Report reveals dangerous disconnect between perceived security readiness and operational reality. SpyCloud, the leader in identity threat protection, today released the 2025 SpyCloud Identit…GBHACKERS.COM
23 SepSolarWinds releases third patch to fix Web Help Desk RCE bugSolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. [...]BLEEPINGCOMPUTER.COM
23 SepPolice dismantles crypto fraud ring linked to €100 million in lossesLaw enforcement authorities in Europe have arrested five suspects linked to a cryptocurrency investment fraud ring that stole over €100 million ($118 million) from more than 100 victims. [...]BLEEPINGCOMPUTER.COM
23 SepCISA says hackers breached federal agency using GeoServer exploitCISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. [...]BLEEPINGCOMPUTER.COM
23 SepCISA Releases Six Industrial Control Systems AdvisoriesCISA released six Industrial Control Systems (ICS) advisories on September 23, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-266-01 AutomationDirect CLICK PLUS ICSA-25-266-02 Mitsubishi Elec…CISA.GOV
23 SepNews alert: SpyCloud report finds security teams overconfident as identity exposures fuel ransomwareAustin, Texas, September 23rd, 2025, CyberNewsWire — SpyCloud , the leader in identity threat protection, today released the 2025 SpyCloud Identity Threat Report , revealing that while 86% of security leaders report confidence in their ability to prevent identity-based attacks, &…LASTWATCHDOG.COM
23 SepLibraesva ESG issues emergency fix for bug exploited by state hackersLibraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored. [...]BLEEPINGCOMPUTER.COM
23 SepPatch Bypassed for Supermicro Vulnerability Allowing BMC HackBinarly researchers have found a way to bypass a patch for a previously disclosed vulnerability. The post Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack appeared first on SecurityWeek .SECURITYWEEK.COM
23 SepEurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 CountriesLaw enforcement authorities in Europe have arrested five suspects in connection with an "elaborate" online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated a…THEHACKERNEWS.COM
23 SepTwo New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust SecurityCybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. T…THEHACKERNEWS.COM
23 SepWidespread Supply Chain Compromise Impacting npm EcosystemCISA is releasing this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as “Shai-Hulud”—has compromised over 500 packages. [i] After gaining …CISA.GOV
23 SepBoyd Gaming discloses data breach after suffering a cyberattackUS gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. [...]BLEEPINGCOMPUTER.COM
23 SepHIBP Demo: Querying the API, and the Free Test Key!Presently sponsored by: Oh Dear: All-in-one website monitoring with security alerts for DNS & certificate changes. 10-day free trial. Keep your sites secure! One of the most common use cases for HIBP's API is querying by email address, and we support hundreds of millions of …TROYHUNT.COM
23 SepA Vulnerability in SolarWinds Web Help Desk Could Allow for Remote Code ExecutionA vulnerability has been discovered in SolarWinds Web Help Desk, which could allow for remote code execution. SolarWinds Web Help Desk (WHD) is a web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests, track …CISECURITY.ORG
📋 SECURITY BULLETINS 1[−]
23 SepSonicWall releases SMA100 firmware update to wipe rootkit malwareSonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 6[−]
23 SepMicrosoft Publishes Guide for Certificate-Based Authentication in Windows Admin CenterMicrosoft has released comprehensive guidance for implementing certificate-based authentication in Windows Admin Center (WAC), providing administrators with enhanced security through smart card integration and Active Directory Certificate Services. This authentication method sign…GBHACKERS.COM
23 SepMicrosoft Purview delivered 30% reduction in data breach likelihoodA recent Total Economic Impact™ (TEI) Of Microsoft Purview study by Forrester Consulting, commissioned by Microsoft, offers valuable insights into how organizations are modernizing their data protection strategies. The study covers the tangible benefits of unifying data security,…MICROSOFT.COM
🔥 INCIDENT REPORTING 12[−]
23 SepEuropean Airport Operations Disrupted by RansomwarePassengers across Europe are facing another day of flight delays after a cyber-attack struck the company behind the check-in and boarding software used at many airports. London Heathrow, Brussels, Dublin and Berlin have been worst hit since Friday, when the attack first took hold…GBHACKERS.COM
23 SepAutomotive Titan Stellantis Discloses Data BreachThe company says customer contact information was stolen from a third-party service provider’s platform. The post Automotive Titan Stellantis Discloses Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
23 SepNPM package caught using QR Code to fetch cookie-stealing malwareNewly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials…BLEEPINGCOMPUTER.COM
23 SepBeware of Fake Online Speedtest Apps with Hidden JavaScript CodeThese fake online speedtest applications prey on users seeking to measure their internet performance, yet they harbor hidden payloads that compromise system integrity and privacy. Much like the previously analyzed Fake Manual Reader and Finder software, these imposters leverage p…GBHACKERS.COM
23 SepZloader Malware Used as Gateway for Ransomware Deployment in Corporate NetworksZloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused purpose to become a dangerous tool for initial access and ransomware deployment in corporate environments. Following an almo…GBHACKERS.COM
23 SepNew npm Malware Steals Browser Passwords via Steganographic QR CodeA novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and password credentials from browser cookies via an embedded QR code. Published under the npm alias janedu (registration…GBHACKERS.COM
23 SepGitHub tightens npm security with mandatory 2FA, access tokensGitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale incidents recently. [...]BLEEPINGCOMPUTER.COM
23 SepHumber NHS board apologises for NRS Healthcare data breachsubmitted by kid to cybersecurity 1 points | 0 comments https://www.bbc.com/news/articles/cm2dl92xzjmoSH.ITJUST.WORKS
23 SepThreat Actors Breach Enterprise Infrastructure Within 18 Minutes of Initial AccessAttackers are accelerating their foothold in corporate networks: over the past three months (June 1 to August 31, 2025), the average time from initial breach to lateral movement—called “breakout time”—fell to just 18 minutes. In one striking incident, “Akira” ransomware operators…GBHACKERS.COM
23 SepEuropean airports still dealing with disruptions days after ransomware attackFour major European airports in Berlin, Brussels, Dublin, and London continue to have flight delays due to a cyberattack on Collins Aerospace, a provider of check-in systems.TECHCRUNCH.COM
23 SepJaguar Land Rover to pause production until next week – at leastAfter yet another extension, the shutdown caused by a cyberattack will last at least four weeks.TECHCRUNCH.COM
23 SepJaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After CyberattackJLR extended the pause in production “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.” The post Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack appeared firs…SECURITYWEEK.COM
🕵️ THREAT INTELLIGENCE 25[−]
23 SepISC Stormcast For Tuesday, September 23rd, 2025 https://isc.sans.edu/podcastdetail/9624, (Tue, Sep 23rd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
23 SepWindows 11 24H2 KB5064081 Update Causes Video Playback IssuesMicrosoft’s latest Windows 11 update is causing significant problems for users trying to play protected video content. The KB5064081 update, released on August 29, 2025, has disrupted video playback functionality across multiple applications, leaving users frustrated with b…GBHACKERS.COM
23 SepNimbus Manticore Targets Defense and Telecom Industries with New Malware AttackCheck Point Research has identified a long-running campaign by the Iranian-aligned threat actor Nimbus Manticore—also known as UNC1549, Smoke Sandstorm, and the “Iranian Dream Job” operation—targeting defense manufacturers, telecommunications, and aviation entities aligned with I…GBHACKERS.COM
23 SepMassive 22.2 Tbps DDoS Attack Sets New World RecordCloudflare announced today that it has successfully mitigated the largest distributed denial-of-service (DDoS) attack ever recorded. The hyper-volumetric assault peaked at a staggering 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), shattering the prev…GBHACKERS.COM
23 SepBadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web ShellsCybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The acti…THEHACKERNEWS.COM
23 SepScattered Spider Suspect Arrested in USThe juvenile suspect surrendered on September 17 and was booked on computer intrusion, extortion, and identity theft charges. The post Scattered Spider Suspect Arrested in US appeared first on SecurityWeek .SECURITYWEEK.COM
23 SepRussia Leveraging Cyber-Attacks as a Strategic Weapon Against Key Industries in Major NationsIn 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has become a central battleground for international conflict. Russia is leveraging cyber-attacks to alleviate economic pressure from international …GBHACKERS.COM
23 SepHackers Abuse IMDS Service for Cloud Initial AccessCloud environments rely on the Instance Metadata Service (IMDS) to provide virtual machines with temporary credentials and essential configuration data. IMDS allows applications to securely retrieve credentials without embedding secrets in code or configuration files. However, th…GBHACKERS.COM
23 SepShadowV2 DDoS Service Lets Customers Self-Manage AttacksThe botnet’s operators provide customers with access to an infected network of Docker containers so they can conduct DDoS attacks. The post ShadowV2 DDoS Service Lets Customers Self-Manage Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
23 SepAll Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: ResearcherThe strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense of security in the vendor. The post All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens:…SECURITYWEEK.COM
23 SepNightgridcybersecurity.submitted by Nightgrid to cybersecurity 0 points | 1 comments Hello, I would have an offer who has interest to work for me in a cybersecurity agency with no profit for sure please contact me by email sending your resume and all for closed box I will never know you and you will no…SH.ITJUST.WORKS
23 SepUnit 221B Raises $5 Million for Threat Intel Aiding Hacker ArrestsThe company will expand its platform’s capabilities and accelerate investigative collaboration and go-to-market efforts. The post Unit 221B Raises $5 Million for Threat Intel Aiding Hacker Arrests appeared first on SecurityWeek .SECURITYWEEK.COM
23 SepHackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious ContentLeveraging a native IIS module named BadIIS, attackers manipulated search engine crawler traffic to poison search results and redirect legitimate users to scam or adult-oriented websites. Infrastructure overlaps link this activity to ESET’s “Group 9” cluster and share functional …GBHACKERS.COM
23 SepMalicious GitHub pages lure MacOS users into installing Atomic infostealer - Help Net Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2025/09/22/macos-infostealer-campaign-github/SH.ITJUST.WORKS
23 SepU.S. Secret Service Shuts Down 300 SIM Servers and 100K SIM Cards Disabling Cell TowersThe U.S. Secret Service has dismantled a sophisticated network of electronic devices scattered across the New York tri-state area. These devices posed an imminent threat to protective operations for senior government officials. During a protective intelligence investigation, agen…GBHACKERS.COM
23 SepAsyncRAT spread through malicious SVG files imitating web portalssubmitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/news/asyncrat-spread-through-malicious-svg-files-imitating-web-portalsSH.ITJUST.WORKS
23 SepDesign Errors in Entra ID, Design Defenses in iOS, Design Difficulties in DeepSeek - ASW #349In the news, Microsoft encounters a new cascade of avoidable errors with Entra ID, Apple improves iOS with hardware-backed memory safety, DeepSeek demonstrates the difficulty in reviewing models, curl reduces risk by eliminating code, preserving the context of code reviews, and m…YOUTUBE.COM
23 SepNew EDR-Freeze tool uses Windows WER to suspend security softwaresubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-edr-freeze-tool-uses-windows-wer-to-suspend-security-software/SH.ITJUST.WORKS
23 Sep22.2 Tbps DDoS Attack Breaks Internet With New World Recordsubmitted by kid to cybersecurity 3 points | 0 comments https://cybersecuritynews.com/ddos-attack-world-record/SH.ITJUST.WORKS
23 SepDefy Security Appoints Esteemed Cybersecurity Leader Gary Warzala to Its Board of DirectorsDefy Security, a leading provider of cybersecurity solutions and services, today announced the appointment of Gary Warzala to its Board of Directors. Warzala is a highly regarded cybersecurity executive with more than 20 years of leadership experience, having served as Chief Info…GBHACKERS.COM
23 SepGitHub tightens npm security with mandatory 2FA, access tokenssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/github-tightens-npm-security-with-mandatory-2fa-access-tokens/SH.ITJUST.WORKS
23 SepAttackers Abuse Google’s AppSheet to Send Phishing EmailsHackread reports that attackers are abusing Google’s AppSheet platform to send phishing emails.KNOWBE4.COM
23 SepUhura, Collins, Nimbus Manticore, Sonic Wall, Async Rat, Solar Winds, Aaran Leyland.. - SWN #514Uhura, Collins, Nimbus Manticore, Sonic Wall, Async Rat, Solar Winds, ShadowV2, H1B, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-514YOUTUBE.COM
23 SepA Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New YorkMore than 300 servers and 100,000 SIM cards designed to mimic cellphones and overwhelm networks. The post A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York appeared first on SecurityWeek .SECURITYWEEK.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
23 SepGitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain SecurityGitHub on Monday announced that it will be changing its authentication and publishing options "in the near future" in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack. This includes steps to address threats posed by to…THEHACKERNEWS.COM
23 SepAI-Powered App Exposes User Data, Creates Risk of Supply Chain AttacksTrend™ Research’s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.TRENDMICRO.COM
🎙️ PODCASTS 1[−]
23 SepThe AI Fix #69: How we really use ChatGPT, and will AI agents crash the economy?In episode 69 of The AI Fix, our hosts discover brain rot, a shark wears trainers on its fins, an AI writes a terrible J-Pop song, Graham learns that ants don’t care about AI, Mark predicts the precise date of Graham’s demise, Norway trusts $1.9 trillion to an AI investor, and Fl…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 5[−]
23 Sep[Guest Diary] Distracting the Analyst for Fun and Profit, (Tue, Sep 23rd)[This is a Guest Diary by Taylor House, an ISC intern as part of the SANS.edu Bachelor&#;39;s Degree in Applied Cybersecurity (BACS) program [1].]
ISC.SANS.EDU
23 Sep5 ways to streamline Identity Governance with this free toolIdentity Governance doesn't have to be complex or costly. tenfold's free Community Edition helps orgs (up to 150 users) streamline onboarding, access reviews & M365 permissions — all with a no-code IGA platform. [...]BLEEPINGCOMPUTER.COM
23 SepCloudflare mitigates new record-breaking 22.2 Tbps DDoS attackCloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps). [...]BLEEPINGCOMPUTER.COM
23 SepWhatsApp adds message translation to iPhone and Android appsWhatsApp has started rolling out a new translation feature that enables Android and iPhone users to translate messages in chats, groups, and channel updates. [...]BLEEPINGCOMPUTER.COM
23 SepU.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UNThe U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security. "This protective intelligence investigation led …THEHACKERNEWS.COM