Infosec In Brief A critical vulnerability in the on-prem version of Trend Micro's Apex One endpoint security platform is under active exploitation, the company admitted last week, and there's no patch available. Trend Micro last week warned Apex One 2019...

def con A DEF CON hacker walks into a small-town water facility…no, this is not the setup for a joke or a (super-geeky) odd-couple rom-com. It's a true story that happened at five utilities across four states. And now, nine months into providing free...

Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. "We're writing to let you know about an event that affected a limited set of data in one of Google's...

Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, targeting developer accounts. The malicious Ruby gems were discovered by Socket, which reports they targeted primarily South Korean users of...

OpenAI's CEO, Sam Altman, overpromised on GPT-5, and real-life results are underwhelming, but it looks like a new update is rolling out that might address some of the concerns. GPT-5 is a state-of-the-art model. In our tests, BleepingComputer found that GPT-5...

A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was fixed in WinRAR 7.13, which allows specially crafted archives...

DEF CON A cache of documents uncovered by Vanderbilt University has revealed disturbing details about how a Chinese company is building up a database of US politicians and influencers with whom to share propaganda. A Vanderbilt security researcher says...

Americans aged 60 and older lost a staggering $700 million to online scams in 2024, marking a sharp rise in fraud targeting seniors, according to the Federal Trade Commission. This figure, presented in the agency's latest Consumer Protection Data Spotlight,...

As Trixie gets ready to début, a little-known app is hogging the limelight: StarDict, which sends whatever text you select, unencrypted, to servers in China. A discussion on the oss-security mailing list on OpenWall highlights an interesting feature of an...

A sky-high premium may not always reflect your company’s security posture 08 Aug 2025  •  , 3 min. read When a cyber risk insurance quote lands on your desk and the premium is sky high, it’s natural to assume that the insurer is judging your environment to be...