Bitcoin Depot breach exposes data of nearly 27,000 crypto users
Bitcoin Depot, an operator of Bitcoin ATMs, is notifying customers of a data breach incident that has exposed their sensitive information. In the letter sent to affected individuals, the company informs that it first detected suspicious activity on its network...
Qantas tells customers what data was stolen during break-in • The Register
Qantas says that when cybercrooks attacked a "third party platform" used by the airline's contact center systems, they accessed the personal information and frequent flyer numbers of the "majority" of the circa 5.7 million people affected. The Aussie airline...
Microsoft’s first Patch Tuesday of 2025 with nothing hacked • The Register
For the first time this year, Microsoft has released a Patch Tuesday bundle with no exploited security problems, although one has been made public already, and there are ten critical flaws to fix. July's software flaw fix package includes 130 patches with none...
Samsung announces major security enhancements coming to One UI 8
Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. Key highlights include the introduction of a system-level architecture named Knox Enhanced...
M&S confirms social engineering led to massive ransomware attack
M&S confirmed today that the retail outlet's network was initially breached in a "sophisticated impersonation attack" that ultimately led to a DragonForce ransomware attack. M&S chairman Archie Norman revealed this in a hearing with the UK Parliament's...
The cloud-native imperative for effective cyber resilience • The Register
Partner content Every organization is investing in cyberresilience tools, training, and processes. Unfortunately, only some of them will be able to successfully respond and recover from an attack. Regardless of how hard they work, many IT and security teams are...
Suspected Scattered Spider domains target multiple sectors • The Register
While the aviation industry has borne the brunt of Scattered Spider's latest round of social engineering attacks, the criminals aim to catch manufacturing and medical tech companies — and even Chipotle Mexican Grill — in tjeor web, as evidenced by hundreds of...
Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage
A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which responsible for cyberattacks against American organizations and government agencies. According to Italian media ANSA,...
Public exploits released for Citrix Bleed 2 NetScaler flaw, patch now
Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. The...
CitrixBleed 2 exploits on the loose as orgs slow to patch • The Register
Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still haven't patched. CVE-2025-5777 is a 9.3 CVSS-rated...