MATLOCK.CA
94Articles
9Categories
2025-09-24Date
🐛
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability
THEHACKERNEWS.COM — 24 Sep 2025
🐛
CISA Issues Alert on Actively Exploited Google Chrome 0-Day Vulnerability
KEVGBHACKERS.COM — 24 Sep 2025
🐛
Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers
SECURITYWEEK.COM — 24 Sep 2025
🐛
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
THEHACKERNEWS.COM — 24 Sep 2025
🐛
Salesforce CLI Installer Flaw Lets Attackers Run Code and Gain SYSTEM-Level Access
GBHACKERS.COM — 24 Sep 2025
🐛
OnePlus OxygenOS Vulnerability Lets Apps Access SMS Data Without User Permission
GBHACKERS.COM — 24 Sep 2025
🐛
Attackers Exploit BMC Firmware Vulnerabilities to Bypass Signature Verification
GBHACKERS.COM — 24 Sep 2025
🐛
Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models
THEHACKERNEWS.COM — 24 Sep 2025
🐛
OnePlus leaves researchers on read over Android bug that exposes texts: Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up
SH.ITJUST.WORKS — 24 Sep 2025
🐛
CVE-2025-55322 OmniParser Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 24 Sep 2025
⚠️
Application Security Posture Management – ein Kaufratgeber
CSOONLINE.COM — 24 Sep 2025
⚠️
5 questions CISOs should ask vendors
CSOONLINE.COM — 24 Sep 2025
⚠️
Rearchitecting Systems for Privacy as AI Agents Force You to Rethink Security - Guilla... - BSW #414
YOUTUBE.COM — 2025-09-24
⚠️
Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts
GBHACKERS.COM — 24 Sep 2025
⚠️
CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw
GBHACKERS.COM — 24 Sep 2025
⚠️
Macs go phishing as GitHub impostors drop Atomic stealer
CSOONLINE.COM — 24 Sep 2025
⚠️
What I learned extending zero trust to the storage layer
CSOONLINE.COM — 24 Sep 2025
⚠️
Chromium-Based Browsers in Windows Domains Vulnerable to Arbitrary Extension Loads
GBHACKERS.COM — 24 Sep 2025
⚠️
GeoServer Flaw Exploited in US Federal Agency Hack
SECURITYWEEK.COM — 24 Sep 2025
⚠️
New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus
THEHACKERNEWS.COM — 24 Sep 2025
⚠️
iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks
KEVTHEHACKERNEWS.COM — 24 Sep 2025
⚠️
CISA says hackers breached federal agency using GeoServer exploit
SH.ITJUST.WORKS — 24 Sep 2025
⚠️
Attackers Use Domain Fronting to Tunnel Malicious Traffic via Google Meet, YouTube and Chrome Update Servers
GBHACKERS.COM — 24 Sep 2025
⚠️
Multiple Apps on Google’s Firebase Platform Exposing Sensitive Data
GBHACKERS.COM — 24 Sep 2025
⚠️
UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors
THEHACKERNEWS.COM — 24 Sep 2025
⚠️
Police seizes $439 million stolen by cybercrime rings worldwide
BLEEPINGCOMPUTER.COM — 24 Sep 2025
⚠️
Exploit Attempts Against Older Hikvision Camera Vulnerability, (Wed, Sep 24th)
ISC.SANS.EDU — 24 Sep 2025
⚠️
Unpatched flaw in OnePlus phones lets rogue apps text messages
BLEEPINGCOMPUTER.COM — 24 Sep 2025
⚠️
Cisco warns of IOS zero-day vulnerability exploited in attacks
BLEEPINGCOMPUTER.COM — 24 Sep 2025
⚠️
Retail at risk: How one alert uncovered a persistent cyberthreat​​
MICROSOFT.COM — 24 Sep 2025
⚠️
Decoupled SIEM: Where I Think We Are Now?
MEDIUM.COM — 24 Sep 2025
⚠️
Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware
GRAHAMCLULEY.COM — 24 Sep 2025
📋
Chrome High-severity Flaws Expose Sensitive Data, Trigger System Crashes
GBHACKERS.COM — 24 Sep 2025
📋
SonicWall Issues Emergency Patch to Remove ‘OVERSTEP’ Rootkit Malware on SMA Devices
GBHACKERS.COM — 24 Sep 2025
📋
SonicWall Updates SMA 100 Appliances to Remove Overstep Malware
SECURITYWEEK.COM — 24 Sep 2025
📢
Google Chrome security advisory (AV25-615)
CYBER.GC.CA — 2025-09-24
📢
Drupal security advisory (AV25-617)
CYBER.GC.CA — 2025-09-24
📢
Cisco security advisory (AV25-616)
CYBER.GC.CA — 2025-09-24
📢
HPE security advisory (AV25-618)
CYBER.GC.CA — 2025-09-24
🔥
GitHub's NPM Lockdown, Deep Fake Threats, and Yellowknife's Cyber Incident: Cybersecurity Today
CYBERSECURITYTODAY.LIBSYN.COM — 24 Sep 2025
🔥
Jaguar Land Rover Factory Reopening Delayed After Cyber Attack
GBHACKERS.COM — 24 Sep 2025
🔥
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
INFOSEC.PUB — 24 Sep 2025
🔥
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
SH.ITJUST.WORKS — 24 Sep 2025
🔥
Bouygues Telecom - 5,685,771 breached accounts
HAVEIBEENPWNED.COM — 24 Sep 2025
🔥
Allianz: Cyberabwehr hilft – Hacker suchen leichtere Beute
CSOONLINE.COM — 24 Sep 2025
🔥
Nach Cyberangriff: IT-Störung in Hoppegarten dauert an
CSOONLINE.COM — 24 Sep 2025
🔥
The Ransomware Speed Crisis
PALOALTONETWORKS.COM — 24 Sep 2025
🔥
EV Charging Provider Confirm Data Breach - Customers Personal Data Exposed
SH.ITJUST.WORKS — 24 Sep 2025
🔥
European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested
SECURITYWEEK.COM — 24 Sep 2025
🔥
UK police arrest man linked to ransomware attack that caused airport disruptions in Europe
TECHCRUNCH.COM — 24 Sep 2025
🔥
New YiBackdoor Allows Attackers to Execute Arbitrary Commands and Exfiltrate Sensitive Data from Hacked Systems
SH.ITJUST.WORKS — 24 Sep 2025
🔥
UK Police Arrest Suspect Tied to Ransomware Attack on European Airports
GBHACKERS.COM — 24 Sep 2025
🔥
UK arrests suspect for RTX ransomware attack causing airport disruptions
BLEEPINGCOMPUTER.COM — 24 Sep 2025
🔥
Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads
GBHACKERS.COM — 24 Sep 2025
🔥
Hackers Target Casino Operator Boyd Gaming
SECURITYWEEK.COM — 24 Sep 2025
🔥
Obscura, an obscure new ransomware variant
BLEEPINGCOMPUTER.COM — 24 Sep 2025
🔥
INC ransomware: what you need to know
FORTRA.COM — 24 Sep 2025
🔥
This Is How Your LLM Gets Compromised
TRENDMICRO.COM — 24 Sep 2025
🔥
Domino Effect: How One Vendor's AI App Breach Toppled Giants
TRENDMICRO.COM — 24 Sep 2025
🕵️
ISC Stormcast For Wednesday, September 24th, 2025 https://isc.sans.edu/podcastdetail/9626, (Wed, Sep 24th)
ISC.SANS.EDU — 24 Sep 2025
🕵️
New “YiBackdoor” Malware Lets Hackers Run Commands and Steal Data
GBHACKERS.COM — 24 Sep 2025
🕵️
ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign
GBHACKERS.COM — 24 Sep 2025
🕵️
Kali Linux 2025.3 Launches With Fresh Features and 10 New Pentesting Tools
GBHACKERS.COM — 24 Sep 2025
🕵️
North Korean IT Worker Gains Access to Organization’s Network Through Innocent Job Application
GBHACKERS.COM — 24 Sep 2025
🕵️
RainyDay, Turian and Naikon Malwares Abuse DLL Search Order to Execute Malicious Loaders
GBHACKERS.COM — 24 Sep 2025
🕵️
Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps
SECURITYWEEK.COM — 24 Sep 2025
🕵️
GitHub Boosting Security in Response to NPM Supply Chain Attacks
SECURITYWEEK.COM — 24 Sep 2025
🕵️
Banking Trojans Targeting Android Users Disguise as Government and Trusted Payment Apps
GBHACKERS.COM — 24 Sep 2025
🕵️
US Disrupts Massive Cell Phone Array in New York
SCHNEIER.COM — 2025-09-24
🕵️
How One Bad Password Ended a 158-Year-Old Business
THEHACKERNEWS.COM — 24 Sep 2025
🕵️
Russian Disinformation Campaign Targets Moldova’s Upcoming Elections
GBHACKERS.COM — 24 Sep 2025
🕵️
NPM package caught using QR Code to fetch cookie-stealing malware
SH.ITJUST.WORKS — 24 Sep 2025
🕵️
AI vs. AI: Detecting an AI-obfuscated phishing campaign
MICROSOFT.COM — 24 Sep 2025
🕵️
Weaponized Malware: GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More
GBHACKERS.COM — 24 Sep 2025
🕵️
ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign
SH.ITJUST.WORKS — 24 Sep 2025
🕵️
Google: Brickstone malware used to steal U.S. orgs' data for over a year
BLEEPINGCOMPUTER.COM — 24 Sep 2025
🕵️
What are You Working on Wednesday
INFOSEC.PUB — 24 Sep 2025
🕵️
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
INFOSEC.PUB — 24 Sep 2025
🕵️
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
SH.ITJUST.WORKS — 24 Sep 2025
🕵️
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike
THEHACKERNEWS.COM — 24 Sep 2025
🕵️
Google: Brickstorm malware used to steal U.S. orgs' data for over a year
BLEEPINGCOMPUTER.COM — 24 Sep 2025
🕵️
Accelerating adoption of AI for cybersecurity at DEF CON 33
SECURITY.GOOGLEBLOG.COM — 2025-09-24
🌐
QR codes become the vehicle for malware in new technique
INFOWORLD.COM — 24 Sep 2025
🌐
New Supermicro BMC flaws can create persistent backdoors
BLEEPINGCOMPUTER.COM — 24 Sep 2025
🎙️
Risky Business #808 -- Insane megabug in Entra left all tenants exposed
RISKY.BIZ — 24 Sep 2025
📡
Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms
KREBSONSECURITY.COM — 24 Sep 2025
📡
GitHub notifications abused to impersonate Y Combinator for crypto theft
BLEEPINGCOMPUTER.COM — 24 Sep 2025
📡
PyPI urges users to reset credentials after new phishing attacks
BLEEPINGCOMPUTER.COM — 24 Sep 2025
📡
Lovense ignored app vulnerabilities for eight years | Kaspersky official blog
KASPERSKY.COM — 24 Sep 2025
📡
Step into the future: The full AI Stage at TechCrunch Disrupt 2025
TECHCRUNCH.COM — 24 Sep 2025
📡
Helping OT Organizations to Establish Defensible Architecture and More Resilient Operations
CISA.GOV — Wed, 24 Sep 25 1
📡
Kali Linux 2025.3 released with 10 new tools, wifi enhancements
BLEEPINGCOMPUTER.COM — 24 Sep 2025
📡
Neon, the No. 2 social app on the Apple App Store, pays users to record their phone calls and sells data to AI firms
TECHCRUNCH.COM — 24 Sep 2025
📡
OpenAI is testing a new GPT-5-based AI agent "GPT-Alpha"
BLEEPINGCOMPUTER.COM — 24 Sep 2025