by Syndicated News Feed | Sep 25, 2025 | IT Security
Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. XCSSET is a...
by Syndicated News Feed | Sep 25, 2025 | IT Security
North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang’s infamous Lazarus Group deploys. In a white paper [PDF] presented at...
by Syndicated News Feed | Sep 25, 2025 | IT Security
The Co-operative Group in the U.K. released its interim financial results report for the first half of 2025 with a massive loss in operating profit of £80 million ($107 million) due to the cyberattack it suffered last April. The impact is analyzed into two categories,...
by Syndicated News Feed | Sep 25, 2025 | IT Security
Cisco has confirmed a new IOS and IOS XE zero-day, the latest in a string of flaws that attackers have been quick to weaponize. Cisco’s IOS, the networking software workhorse running across countless switches and routers, has long been a punching bag for...
by Syndicated News Feed | Sep 24, 2025 | IT Security
Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images. Supermicro is a maker of servers, motherboards, and data center hardware. BMC is a...
by Syndicated News Feed | Sep 24, 2025 | IT Security
OpenAI is internally testing a new version of its AI agent, which uses a special version of GPT-5 dubbed “GPT-Alpha.” Earlier today, OpenAI accidentally pushed an unreleased feature to everyone. As you can see in the above screenshot shared on X, the new...
by Syndicated News Feed | Sep 24, 2025 | IT Security
The Python Software Foundation warned users of a new string of phishing attacks using a phony Python Package Index (PyPI) website and asking victims to verify their account or face suspension, and advised anyone who did provide their credentials to change their...
by Syndicated News Feed | Sep 24, 2025 | IT Security
Unknown intruders – likely China-linked spies – have broken into “numerous” enterprise networks since March and deployed backdoors, providing access for their long-term IP and other sensitive data stealing missions, all the while remaining undetected on...
by Syndicated News Feed | Sep 23, 2025 | IT Security
US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. Boyd Gaming is a public US...
by Syndicated News Feed | Sep 23, 2025 | IT Security
A survey of cybersecurity bosses has shown that 62 percent reported attacks on their staff using AI over the last year, either by the use of prompt injection attacks or faking out their systems using phony audio or video generated by AI. The most common attack vector...
