Cybersecurity
General cybersecurity news and analysis

Payroll Pirate Crew: Exclusive Risky Threat to Campuses
Microsoft warns a cybercriminal group dubbed the Payroll Pirate Crew is targeting U.S. universities with phishing attacks that hijack HR systems to quietly reroute paychecks, leaving staff suddenly unpaid and campuses scrambling. Universities should tighten MFA, limit admin privileges, and require out‑of‑band verification for bank‑detail changes to protect employees and reputations.

CVE-2025-10035: Stunning Critical Timeline Exposed
Fortra’s timeline reveals CVE-2025-10035 in GoAnywhere MFT was actively exploited from at least Sept. 11, 2025 — a wake-up call to patch immediately, audit transfer logs, and lock down MFT servers before attackers move laterally or steal data.

AI Vulnerability Reward Program: Exclusive $30K Best Win
Google’s new AI Vulnerability Reward Program offers up to $30,000 to researchers who responsibly report model flaws — a smart, practical move to incentivize fixes, curb abuse, and make AI safer for everyone.

AI SOC: Must-Have Guide to Best (and Risky) Platforms
By 2026 SOCs will run as much on software agents as on analysts, with copilots, autonomous agents, and hybrid platforms transforming detection, response, and who holds decision authority. Pick tools that speed response but also deliver clear explainability, strong governance, and real adversarial testing so automation amplifies human wisdom instead of human error.

malicious npm packages: Stunning Critical Threat Revealed
Researchers uncovered Beamglea — 175 malicious npm packages downloaded about 26,000 times — that quietly hosted credential‑harvesting phishing campaigns against 135+ organizations, a stark reminder that the convenience of open-source packages can become a gateway for large‑scale theft.

Oracle E-Business Suite Risky: Must-Have Breach Guide
Google’s Threat Analysis Group says the Clop ransomware gang accessed a large volume of data from Oracle E-Business Suite — a wake-up call for any org that hasn’t checked who holds the keys to its crown jewels. Now’s the time to hunt for shadow EBS instances, tighten access, and patch or segment vulnerable systems before attackers turn stolen data into extortion.

water utility attack: Exclusive Risky Honeypot Revelation
Security researchers watched a pro‑Russia hacktivist group walk straight into a lifelike water‑utility honeypot, giving defenders a rare, risk‑free look at their reconnaissance and tools. That intel shows how deception can turn attacker curiosity into actionable defenses—vital for protecting water systems that, if disrupted, could threaten public safety.

firewall configuration backup files: Stunning Risk Exposed
SonicWall says cloud-stored firewall backups were accessed — and even encrypted configuration files can give attackers a dangerous roadmap to your network. Act now: audit affected devices, rotate credentials, enable MFA, and tighten management access to close the window for targeted attacks.

cloud backups Risky: Stunning SonicWall Breach Exposes All
Imagine your firewall’s master keys were left exposed — that’s what SonicWall customers discovered after the vendor revised its estimate from 5% to 100% of cloud backups affected, potentially exposing VPN credentials and network topology. If you used SonicWall cloud backups, inventory impacted devices, rotate credentials, and assume the worst while you await forensic details.

public Wi‑Fi Must-Have Security: Best Practices
Free public Wi‑Fi brings huge civic benefits—but every hotspot is also a potential entry point for attackers, so CISOs must balance easy access with strong defenses. Prioritize segmentation, modern authentication, vendor controls, and clear public onboarding so communities stay connected without exposing municipal systems or citizen data.

AI browsers Risky: Stunning Security Wake-Up
A new SquareX Labs analysis warns that AI browsers—promising smarter, hands‑free browsing—may open fresh security gaps by blending models, plugins and persistent state, creating new attack surfaces for credential theft and model poisoning. Users and enterprises should treat AI-driven suggestions cautiously and push for stronger sandboxing, permission controls and oversight before convenience outpaces safety.

ClayRat spyware: Exclusive Risky Android Threat
Imagine a trusted Telegram app secretly scanning your messages, recording calls and sending everything off-device — that’s exactly what the new ClayRat spyware campaign is doing by spreading fake Android APKs through Telegram channels. Avoid sideloading, tighten app permissions, and treat APK links with suspicion to stop your phone from becoming a surveillance tool.

cloud backup service Risky Breach: Must-Have Fixes
SonicWall says attackers accessed cloud backup files holding encrypted firewall credentials and configs — turning the safety net meant to speed recovery into a potential roadmap for targeted attacks. If you used their Cloud Backup, assume exposure: rotate keys and credentials, review firewall and VPN access, and verify your backups and key management now.

observability and threat hunting: Must-Have Critical Fixes
The NCSC warns many organisations are blind to attackers already inside their networks and is urging urgent improvements in observability and threat hunting. Its practical guidance shows how better telemetry, retention and detection engineering can help teams find, contain and recover from breaches faster.

Windows 10 end-of-life: Must-Have Guide to Risky Exposure
Microsoft ends Windows 10 security updates mid‑October, yet roughly 40% of endpoints still run it — leaving millions of devices exposed. Now’s the time to inventory systems, prioritize upgrades, or put strong compensating controls in place before the updates stop.

authentication bypass: Critical, Dangerous Exploit
Thousands of WordPress sites are at risk after a critical authentication bypass (CVE-2025-5947, CVSS 9.8) in the Service Finder theme and bundled Bookings plugin is being actively exploited — attackers can log in as any user, including admins. If you run that theme, update or disable it now, audit for signs of compromise, and restore from clean backups if needed.

extortion attempt: Exclusive Risky Refusal Shakes Trust
When an extortionist claimed nearly a billion Salesforce records were stolen, the company made a bold choice: no negotiation, no payment. That stance forces customers and the industry to balance short-term harm against the long-term need to deter cybercrime.

WordPress themes and plugins: Risky Must-Have Fix
A routine verification prompt can hide a dangerous trap: attackers are hijacking WordPress themes and plugins to inject stealthy JavaScript that redirects visitors to convincing phishing pages. Keep themes and plugins updated, use strong admin controls and a WAF, and vet all extensions to stop these silent, high-impact compromises before they spread.

automated license-plate readers: Stunning Privacy Risk
Retired Navy veteran Lee Schmidt and co-plaintiff Crystal Arrington say they were tracked hundreds of times by Flock’s automated license-plate readers, sparking a federal lawsuit that asks whether neighborhood safety tools have quietly become mass surveillance. As courts and communities wrestle with warrantless access, the case highlights how searchable location logs can map our every move — and why many call for stronger limits and transparency.

PHP web shells: Exclusive Alert – Dangerous Campaign
A new campaign is exploiting unpatched PHP web apps to plant web shells and deploy Nezha and Ghost RAT for fast, persistent access — a clear reminder to patch, harden, and monitor your web-facing systems now.

Chat Control: Stunning German Win vs Risky EU Plan
Germany has put the brakes on the EU’s controversial “Chat Control” device‑scanning plan, turning a behind‑closed‑doors tech debate into a public showdown over encryption, privacy and how far governments should go to fight child abuse. Its opposition could stall client‑side scanning and forces Brussels to choose whether to prioritize citizens’ privacy or new surveillance powers.

Embed AI Now: Must-Have Fix to Reduce Risk
AI can find vulnerabilities in seconds but also flood teams with noisy alerts — embedding AI thoughtfully with context-aware scoring, human-in-the-loop checks, and better telemetry turns automation into a force-multiplier that speeds remediation and reduces risk.

Met Police arrest two teens: Shocking Risky Warning
Two 17‑year‑olds have been arrested after a cyber-attack on Kido nurseries exposed sensitive staff and parent data — a stark reminder that even childcare providers need stronger security, clear answers and better protections for families now.

pasting personally identifiable information: Risky Stunning
We keep pasting customer names, order numbers and card details into ChatGPT because it’s fast — but one casual prompt can lead to fines, fraud and lost trust. Make safe AI the easy choice: use sanctioned tools, DLP and clear rules before your next prompt.