by Syndicated News Feed | Oct 24, 2025 | IT Security
A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). WordPress security firm Wordfence says that it...
by Syndicated News Feed | Oct 24, 2025 | IT Security
Microsoft fixed a security hole in Microsoft 365 Copilot that allowed attackers to trick the AI assistant into stealing sensitive tenant data – like emails – via indirect prompt injection attacks. But the researcher who found and reported the bug to Redmond...
by Syndicated News Feed | Oct 24, 2025 | IT Security
Attackers are now exploiting a critical-severity Windows Server Update Service (WSUS) vulnerability, which already has publicly available proof-of-concept exploit code. Tracked as CVE-2025-59287, this remote code execution (RCE) flaw affects only Windows servers with...
by Syndicated News Feed | Oct 24, 2025 | IT Security
Amazon says a major DNS failure was behind a massive AWS (Amazon Web Services) outage that took down many websites and online services on Monday. As BleepinComputer reported earlier this week, this incident impacted a critical Northern Virginia data center in the...
by Syndicated News Feed | Oct 24, 2025 | IT Security
LastPass is warning customers of a phishing campaign sending emails with an access request to the password vault as part of a legacy inheritance process. The activity started in mid-October, and the domains and infrastructure used point to a financially motivated...
by Syndicated News Feed | Oct 24, 2025 | IT Security
We all need to reset our passwords occasionally, whether it’s due to a simple memory lapse or wider security concerns. However, the process can rack up surprising expenses for organizations. This means self-service password resets (SSPR) aren’t just a ‘nice to have’,...
by Syndicated News Feed | Oct 24, 2025 | IT Security
Starting next month, Mozilla will require Firefox extension developers to disclose whether their add-ons collect or share user data with third parties. The devs will be required to disclose any new extension’s data practices in the manifest.json file using a...
by Syndicated News Feed | Oct 24, 2025 | IT Security
Microsoft has released an out-of-band update to patch a critical vulnerability in Windows Server Update Services (WSUS). The update addresses CVE-2025-59287″>CVE-2025-59287, a remote code execution flaw affecting Windows Server versions 2012 through 2025. The...
by Syndicated News Feed | Oct 24, 2025 | IT Security
UK Prime Minister Keir Starmer has relaunched his digital ID scheme as something that will make people’s lives easier, less than four weeks after announcing it as a measure to tackle illegal working. Digital ID will be compulsory for anyone taking a new job...
by Syndicated News Feed | Oct 24, 2025 | IT Security
US defense technology biz Shield AI claims it can build a jet-powered vertical take-off and landing (VTOL) autonomous fighter drone that doesn’t need a runway to operate. The California-based biz this week unveiled a mock-up of its X-BAT aircraft at an event...
