Cybersecurity
General cybersecurity news and analysis

Whisper 2FA: Exclusive Risky Phishing Threat
Think 2FA is foolproof? Researchers warn Whisper 2FA — a phishing‑as‑a‑service tool tied to roughly one million credential‑theft attempts since July 2025 — shows attackers can cheaply scale real‑time relay attacks, so phishing‑resistant authentication and layered defenses are now essential.

Apple Security Bounty: Stunning $2M Boost, Risky Win
Apple just put a price on silence — offering up to $2M (and over $5M with bonuses) for zero‑click exploits to lure researchers into legal disclosure, undercut mercenary spyware markets, and speed fixes that better protect users.

58-hour delay: Stunning £14m fine exposes risky lapse
The ICO fined Capita £14m after a 58‑hour delay in reporting a 2023 breach that exposed 6.6 million records — a stark reminder that slow incident response can magnify harm and erode public trust.

Patch Tuesday: Must-Have Critical Windows 10 Fixes
October’s Patch Tuesday fixes more than 170 CVEs — including six zero-days that were actively exploited — so now’s the time to prioritize updates, stage rollouts, and tighten layered defenses to keep attackers from turning those holes into a breach.

Windows 10 Critical Must-Have Final Security Update
Microsoft just shipped a final, critical Windows 10 update—patching 172 vulnerabilities (including three actively exploited)—so if you’re still on Windows 10, now’s the time to plan an upgrade, enable compensating controls, or secure paid support before unsupported systems become easy targets.

ArcGIS Server Stunning Risk: Backdoor Exposed
Think your network’s safe? Researchers say a China-linked group quietly turned an ArcGIS Server into a persistent backdoor for over a year, using it to move laterally and stash tools while going largely unnoticed. It’s a wake-up call to inventory exposed services, patch urgently, and add monitoring so hidden footholds don’t become strategic liabilities.

legacy Windows authentication: Must-Fix Risky Threat
Think your network’s locked? Resecurity warns that old Windows protocols like LM, NTLM and SMBv1 can hand attackers credential hashes — inventory, isolate, and migrate now before those easy paths are abused.

board-level readiness: Must-Have Critical Wake-Up
The NCSC and ministers have warned FTSE 350 chiefs that many boards are leaving the digital front door wide open—it’s time for executives to treat cyber as a strategic priority, not an IT problem. Stronger board-level accountability, realistic testing and smarter supplier checks can stop breaches from becoming boardroom crises.

ransomware attack: Exclusive Risky Breach Shakes Trust
Japan’s biggest brewer warns a recent ransomware attack may have reached customer databases — turning missed deliveries into a potential privacy crisis that tests corporate accountability and consumer trust.

built-in Firefox VPN: Must-Have Privacy Upgrade
Mozilla is inviting a small, random group of Firefox users to beta-test a built-in VPN — a move that could make strong, browser-level privacy effortless but also raises big questions about speed, jurisdiction, and transparency. Help shape whether Firefox’s integrated VPN becomes a trusted, user-friendly shield or just another half-measure.

ArcGIS application Stunning: Risky Year-Long Persistence
A security firm found China-aligned hackers living undetected inside a trusted ArcGIS mapping app for over a year, turning a vital tool into a stealthy espionage platform. The takeaway: even everyday operational software needs strict security, continuous monitoring, and zero trust—because convenience shouldn’t mean vulnerability.

threat hunting: Must-Have Best Defense Against Attacks
Posters and training are a great start, but real readiness comes from proactive threat hunting that finds attackers hiding in your systems before alerts do. Pairing strong user awareness with telemetry-driven, human-led hunts shortens dwell time and turns everyday vigilance into lasting defense.

RMPocalypse: Stunning Risky SEV‑SNP Threat
A tiny, targeted 8‑byte write dubbed RMPocalypse shows how a subtle hardware interaction can quietly break AMD’s SEV‑SNP confidential computing guarantees, forcing cloud operators and customers to scramble for patches and rethink trust. The exploit is a wake‑up call: small, elegant faults can have huge consequences, so defenders must harden validation, monitoring, and patch rollouts now.

cyber incidents Surge: Must-Have Defenses for Risky Times
Britain’s cyber agencies warn that although overall attack numbers stayed flat, high-severity incidents jumped about 50% in a year—fewer breaches are now causing far bigger damage. It’s a wake-up call for government, businesses and IT teams to harden defenses, rehearse responses and invest in resilience before the next catastrophic hit.

EU biometric border system: Stunning but Risky Launch
What was meant to speed travelers through the Schengen area instead triggered 90‑minute queues at Prague, as faulty scanners, integration hiccups and shaky fallback plans laid bare the risks of a rushed rollout. The episode is a wake‑up call: better testing, redundancy and clearer contingency training are needed if the EES is to win back travelers’ time — and trust.

Scattered Lapsus$ Hunters: Exclusive Risky Hiatus
After the FBI seized their site, teenage collective Scattered Lapsus$ Hunters vowed to go dark until 2026 — a defiant restart in a familiar retire-regroup-return cycle. Whether they stick to it or not, defenders should treat the pause as a chance to patch vulnerabilities, rotate credentials and strengthen defenses.

RMM software Must-Have Protections: Best Defenses
Remote monitoring tools like ScreenConnect make IT life easier—but when attackers hijack them through phishing or stolen credentials, that convenience becomes a powerful way to spread ransomware and steal data. Protect your RMM consoles with strong authentication, network segmentation, and vigilant monitoring before a single click turns into a network-wide crisis.

Stealit infostealer: Exclusive Dangerous VPN Threat
Think twice before installing that VPN or cracked game—attackers are hiding the Stealit info‑stealer inside trusted-looking installers to harvest passwords, cookies and crypto keys. Stick to official downloads, keep software updated, and watch for unusual app behavior to stay safe.

transition of care: Must-Have Best Practices
Caring for veterans means getting the handoff from military to civilian health care right — reliable records, seamless coordination, and secure telehealth make that possible. With practical fixes like interoperable EHRs, stronger care coordination, and a resilient workforce, we can honor service by delivering timely, equitable care when it matters most.

unmonitored JavaScript: Must-Have Fixes for Secure Holidays
This holiday season, tiny unmonitored JavaScript snippets are letting attackers skim cards and siphon credentials right from checkout pages while WAFs and IDS stay blind. Retailers need client‑side monitoring, script integrity checks, and tighter third‑party controls now — or risk thousands of compromised customers and shattered trust.

Apple bug bounty: Stunning $5M Boost — Best Move
Apple just doubled its top direct bug bounty and added bonuses that can push total payouts to $5M—a clear signal it’s serious about paying for the most dangerous fixes. That boost could speed patches, entice top researchers away from gray markets, and reshape how the industry rewards the people who keep our devices safe.

weaponizing Velociraptor: Exclusive Dangerous Alert
Attackers tied to Storm‑2603 are turning the trusted DFIR tool Velociraptor into a stealthy foothold for Warlock and LockBit ransomware, using its legit capabilities to map networks, harvest credentials and evade detection. That shift means defenders must double down on zero‑trust controls, behavioral telemetry and tighter agent governance — without breaking the very tools they rely on.

industrial control systems: Stunning Risky Honeypot Exposed
Researchers built a realistic fake water-utility honeypot that fooled a pro‑Russia hacktivist crew into bragging about an attack, revealing how online bravado can mask real impact while letting defenders safely harvest vital intelligence. The quiet takedown highlights both the power of deception to strengthen critical‑infrastructure security and the tricky legal and ethical questions it raises.

Payroll Pirate Crew: Exclusive Risky Threat to Campuses
Microsoft warns a cybercriminal group dubbed the Payroll Pirate Crew is targeting U.S. universities with phishing attacks that hijack HR systems to quietly reroute paychecks, leaving staff suddenly unpaid and campuses scrambling. Universities should tighten MFA, limit admin privileges, and require out‑of‑band verification for bank‑detail changes to protect employees and reputations.