by Syndicated News Feed | Oct 28, 2025 | IT Security
Here’s what to know about a recent spin on an insider threat – fake North Korean IT workers infiltrating western firms 28 Oct 2025 • , 5 min. read Back in July 2024, cybersecurity vendor KnowBe4 began to observe suspicious activity linked to a new hire. The...
by Syndicated News Feed | Oct 27, 2025 | IT Security
More threat intel teams are sounding the alarm about a critical Windows Server Update Services (WSUS) remote code execution vulnerability, tracked as CVE-2025-59287 and now under active exploitation, just days after Microsoft pushed an emergency patch and the US...
by Syndicated News Feed | Oct 27, 2025 | IT Security
Google was once again forced to announce that it had not suffered a data breach after numerous news outlets published sensational stories about a fake breach that purportedly exposed 183 million accounts. This claim began over the weekend and into today, with news...
by Syndicated News Feed | Oct 27, 2025 | IT Security
X is warning that users must re-enroll their security keys or passkeys for two-factor authentication (2FA) before November 10 or they will be locked out of their accounts until they do so. In a series of posts on X, the company says this change only affects users who...
by Syndicated News Feed | Oct 27, 2025 | IT Security
Iran’s school for state-sponsored cyberattackers admits it suffered a breach exposing the names and other personal information of its associates and students. The Ravin Academy was established in 2019, ostensibly to train individuals in all facets of...
by Syndicated News Feed | Oct 27, 2025 | IT Security
The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its catalog of security flaws exploited in attacks. Tracked as...
by Syndicated News Feed | Oct 26, 2025 | IT Security
The United Nations on Saturday staged a signing ceremony for the Convention against Cybercrime, the world’s first agreement to combat online crime. And while 72 nations picked up the pen, critics continue to point out the convention’s flaws. The Convention took five...
by Syndicated News Feed | Oct 25, 2025 | IT Security
A new phishing technique dubbed ‘CoPhish’ weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. The technique was developed by researchers at Datadog Security Labs, who warned...
by Syndicated News Feed | Oct 25, 2025 | IT Security
The UK’s Home Secretary should use her powers to push the tech industry to deploy stronger technical measures against the surge in phone thefts, according to a House of Commons committee. Metropolitan Police figures show 117,211 phones were stolen during 2024,...
by Syndicated News Feed | Oct 24, 2025 | IT Security
A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). WordPress security firm Wordfence says that it...
