SecOps News

Get this as an RSS feed

  • Anthropic chucks chump change at studies on job-killing tech (7 hours ago)
  • Crims are posing as insurance companies to steal health records and payment info (8 hours ago)
  • Uncle Sam wants you – to use memory-safe programming languages (11 hours ago)
  • Fed chair Powell says AI is coming for your job (12 hours ago)
  • Scattered Spider hackers shift focus to aviation, transportation firms (12 hours ago)
  • Cisco punts network-security integration as key for agentic AI (13 hours ago)
  • Aloha, you’ve been pwned: Hawaiian Airlines discloses ‘cybersecurity event’ (14 hours ago)
  • Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black (14 hours ago)
  • Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign (15 hours ago)
  • Russia’s throttling of Cloudflare makes sites inaccessible (15 hours ago)
  • So you CAN turn an entire car into a video game controller (15 hours ago)
  • Citrix Bleed 2 flaw now believed to be exploited in attacks (16 hours ago)
  • In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update (17 hours ago)
  • Data spill in aisle 5: Grocery giant Ahold Delhaize says 2.2M affected after cyberattack (17 hours ago)
  • PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack (17 hours ago)
  • Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage (19 hours ago)
  • The network is indeed trying to become the computer (19 hours ago)
  • Business Case for Agentic AI SOC Analysts (20 hours ago)
  • SafePay ransomware: What you need to know (20 hours ago)
  • The year of the European Union Linux desktop may finally arrive (20 hours ago)
  • Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit (20 hours ago)
  • RevEng.ai Raises $4.15 Million to Secure Software Supply Chain (21 hours ago)
  • Chinese Hackers Target Chinese Users With RAT, Rootkit (21 hours ago)
  • Retail giant Ahold Delhaize says data breach affects 2.2 million people (22 hours ago)
  • Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability (22 hours ago)
  • Vulnerability Exposed All Open VSX Repositories to Takeover (22 hours ago)
  • Microsoft 365 Direct Send Abused for Phishing (23 hours ago)
  • MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted (23 hours ago)
  • Windows 11 KB5060829 update released with 38 new changes, fixes (23 hours ago)
  • OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors (1 days ago)
  • HPE customers on agentic AI: No, you go first (1 days ago)
  • Whole Foods supplier UNFI restores core systems after cyberattack (1 days ago)
  • Hawaiian Airlines discloses cyberattack, flights not affected (1 days ago)
  • More trouble for authors as Meta wins Llama drama AI scraping case (1 days ago)
  • Disruption with some GitHub services (1 days ago)
  • FTC approves $126 million in Fortnite refunds over ‘dark patterns’ (1 days ago)
  • Back in black: Microsoft Blue Screen of Death is going dark (1 days ago)
  • FBI used bitcoin wallet records to peg notorious IntelBroker as UK national (1 days ago)
  • What if Microsoft just turned you off? Security pro counts the cost of dependency (1 days ago)
  • What if Microsoft just turned you off? Security pro counts the cost of dependency (1 days ago)
  • Brother printer bug in 689 models exposes default admin passwords (1 days ago)
  • GitHub Enterprise Importer delays (1 days ago)
  • Cisco fixes two critical make-me-root bugs on Identity Services Engine components (1 days ago)
  • Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks (1 days ago)
  • Bipartisan Bill Aims to Block Chinese AI From Federal Agencies (1 days ago)
  • Exif marks the spot as fresh version of PNG image standard arrives (1 days ago)
  • Ex-student charged over hacking university for cheap parking, data breaches (1 days ago)
  • Cisco warns of max severity RCE flaws in Identity Services Engine (1 days ago)
  • The SmartNIC revolution fell flat, but AI might change that (1 days ago)
  • Gridlocked: AI’s power needs could short-circuit US infrastructure (1 days ago)
  • Man pleads guilty to hacking networks to pitch security services (1 days ago)
  • 3 key takeaways from the Scattered Spider attacks on insurance firms (1 days ago)
  • Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access (1 days ago)
  • New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks (1 days ago)
  • Kaseya CEO: Why AI adoption is below industry expectations (1 days ago)
  • Man Who Hacked Organizations to Advertise Security Services Pleads Guilty (1 days ago)
  • Glasgow City Council online services crippled following cyberattack (1 days ago)
  • Qilin ransomware attack on NHS supplier contributed to patient fatality (1 days ago)
  • The Hidden Risks of SaaS: Why Built-In Protections Aren’t Enough for Modern Data Resilience (1 days ago)
  • OpenDylan sheds some parentheses in 2025.1 update (1 days ago)
  • UK to buy nuclear-capable F-35As that can’t be refueled from RAF tankers (1 days ago)
  • Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks (1 days ago)
  • Frozen foods supermarket chain deploys facial recognition tech (1 days ago)
  • Frozen foods supermarket chain deploys facial recognition tech (1 days ago)
  • Top AI models - even American ones - parrot Chinese propaganda, report finds (1 days ago)
  • Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa (1 days ago)
  • That WhatsApp from an Israeli infosec expert could be a Iranian phish (2 days ago)
  • CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet (2 days ago)
  • Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title - Tag (2 days ago)
  • WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews (2 days ago)
  • Japanese company using mee-AI-ow to detect stressed cats (2 days ago)
  • Smashing Security podcast #423: Operation Endgame, deepfakes, and dead slugs (2 days ago)
  • Citrix bleeds again: This time a zero-day exploited - patch now (2 days ago)
  • Amazon’s Ring can now use AI to ‘learn the routines of your residence’ (2 days ago)
  • Cosmoe: New C++ toolkit for building native Wayland apps (2 days ago)
  • Computer vision research feeds surveillance tech as patent links spike 5× (2 days ago)
  • Supply chain attacks surge with orgs ‘flying blind’ about dependencies (2 days ago)
  • nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery (2 days ago)
  • Hyperscalers to eat 61% of global datacenter capacity by decade’s end (2 days ago)
  • French cybercrime police arrest five suspected BreachForums admins (2 days ago)
  • Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC (2 days ago)
  • CloudBees CEO says customers are slowing down on ‘black box’ code from AIs (2 days ago)
  • Robinsons Malls - 195,597 breached accounts (2 days ago)
  • Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure (2 days ago)
  • Microsoft dangles extended Windows 10 support in exchange for Reward Points (2 days ago)
  • Anthropic: All the major AI models will blackmail us if pushed hard enough (2 days ago)
  • Germany asks if US hyperscalers hold keys to AI kingdom (2 days ago)
  • Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games (2 days ago)
  • Beware the Hidden Risk in Your Entra Environment (2 days ago)
  • Brit politicians question Fujitsu’s continued role in public sector contracts (2 days ago)
  • UK govt dept website that campaigns against encryption hijacked to advertise … payday loans (2 days ago)
  • Cybercrime is surging across Africa (2 days ago)
  • SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks (2 days ago)
  • Bank of England expands data and cloud framework by £26.7 million after revising data strategy (2 days ago)
  • North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages (2 days ago)
  • Have Fun Teaching - 27,126 breached accounts (3 days ago)
  • Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options (3 days ago)
  • Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack (3 days ago)
  • New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public (3 days ago)
  • Beware of fake SonicWall VPN app that steals users’ credentials (3 days ago)
  • How to Write a GDPR Data Privacy Notice – Updated Guide and Template for 2025 (3 days ago)
  • The vulnerability management gap no one talks about (3 days ago)
  • The AI Fix #56: ChatGPT traps man in a cult of one, and AI is actually stupid (3 days ago)
  • Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue (3 days ago)
  • Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers (3 days ago)
  • Aflac, one of the USA’s largest insurers, is the latest to fall “under siege” to hackers (3 days ago)
  • Repository Navigation Bar Missing in GitHub Enterprise Cloud (3 days ago)
  • Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt (3 days ago)
  • Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address (4 days ago)
  • CVE-2025-32978 - Quest KACE SMA Unauthenticated License Replacement (4 days ago)
  • CVE-2025-32977 - Quest KACE Unauthenticated Backup Upload (4 days ago)
  • CVE-2025-32976 - Quest KACE SMA 2FA Bypass (4 days ago)
  • CVE-2025-32975 - Quest KACE SMA Authentication Bypass (4 days ago)
  • RansomLord (NG v1.0) anti-ransomware exploit tool (4 days ago)
  • Disclosure Yealink Cloud vulnerabilities (4 days ago)
  • Typhoon-like gang slinging TLS certificate ‘signed’ by the Los Angeles Police Department (4 days ago)
  • Marks & Spencer ransomware attack was good news for other retailers (4 days ago)
  • Twitter refuses to explain what it’s doing about hate speech and misinformation, sues New York State for asking (4 days ago)
  • Weekly Update 457 (6 days ago)
  • Krispy Kreme hack exposed sensitive data of over 160,000 people (7 days ago)
  • The Critical Role of a DPO: Why Outsourcing is the Smart Choice (7 days ago)
  • Iranian State TV hacked, and that’s modern warfare (7 days ago)
  • Disruption with the GitHub mobile android application (7 days ago)
  • Qilin offers “Call a lawyer” button for affiliates attempting to extort ransoms from victims who won’t pay (7 days ago)
  • The Data (Use and Access) Act and How it Affects the UK GDPR and DPA 2018, and PECR (8 days ago)
  • Disruption with some GitHub services (9 days ago)
  • Smashing Security podcast #422: The curious case of the code copier (9 days ago)
  • Ransomware gang busted in Thailand hotel raid (9 days ago)
  • Partial Actions Cache degradation (9 days ago)
  • Partial Degradation in Issues Experience (9 days ago)
  • Understanding the CIA Triad in 2025: A Cornerstone of Cyber Security (9 days ago)
  • Yes, the Co-op lost your data. Have a £10 shopping voucher (9 days ago)
  • Timelines for migration to post-quantum cryptography (10 days ago)
  • : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) (10 days ago)
  • SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer) (10 days ago)
  • SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem (10 days ago)
  • Call for Applications: ERCIM STM WG 2025 Award for the Best Ph.D. Thesis on Security and Trust Management (July 31, 2025) (10 days ago)
  • Incident with multiple GitHub services (10 days ago)
  • The AI Fix #55: Atari beats ChatGPT at chess, and Apple says AI “thinking” is an illusion (10 days ago)
  • Infecting insurance firms with ransomware… for dummies (10 days ago)
  • Global Data Breaches and Cyber Attacks in May 2025 – More Than 1.4 Billion Records Breached (10 days ago)
  • Breaking news – the Washington Post has been hacked (12 days ago)
  • WestJet investigates cyberattack disrupting internal systems (13 days ago)
  • Cybercriminals left hanging as Victoria’s Secret bounces back (13 days ago)
  • Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?” (13 days ago)
  • India: Servers of two city hospitals hacked; police register FIR (13 days ago)
  • Ph: Coop Hospital confirms probe into reported cyberattack (14 days ago)
  • Dutch police identify users as young as 11-year-old on Cracked.io hacking forum (14 days ago)
  • Bert ransomware: what you need to know (14 days ago)
  • Why Denmark is breaking up with Microsoft (14 days ago)
  • V2: Hacking my Tesla Powerwalls to be the ultimate home energy solution! (14 days ago)
  • Slapped wrists for Financial Conduct Authority staff who emailed work data home (14 days ago)
  • Ualabee - 472,296 breached accounts (15 days ago)
  • Inside a Dark Adtech Empire Fed by Fake CAPTCHAs (15 days ago)
  • Some Copilot chat models are failing requests (15 days ago)
  • School Districts Unaware BoardDocs Software Published Their Private Files (15 days ago)
  • A guilty plea in the PowerSchool case still leaves unanswered questions (15 days ago)
  • Incident with Actions (15 days ago)
  • Brussels Parliament hit by cyber-attack (15 days ago)
  • Penetration Testing for SaaS Providers: Building Trust and Security (15 days ago)
  • Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider (15 days ago)
  • Sweden under cyberattack: Prime minister sounds the alarm (15 days ago)
  • Former CIA Analyst Sentenced to Over Three Years in Prison for Unlawfully Transmitting Top Secret National Defense Information (15 days ago)
  • Weekly Update 456 (15 days ago)
  • Authentication methods: choosing the right type (16 days ago)
  • Disruption with some GitHub services (17 days ago)
  • Patch Tuesday, June 2025 Edition (17 days ago)
  • Codespaces billing is delayed (17 days ago)
  • How to Start Your Career in Data Protection and Privacy (17 days ago)
  • Incident with Pull Requests (17 days ago)
  • WiredBucks - 918,529 breached accounts (17 days ago)
  • SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version (18 days ago)
  • Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft (18 days ago)
  • Detecting PureLogs traffic with CapLoader (18 days ago)
  • GDPR Documentation: The Documents You Need to Comply with the UK and EU GDPR (18 days ago)
  • Weekly Update 455 (18 days ago)
  • Disk Union - 690,667 breached accounts (21 days ago)
  • Incident With Copilot (21 days ago)
  • Incident with Copilot (21 days ago)
  • Proxy Services Feast on Ukraine’s IP Address Exodus (22 days ago)
  • Incident with Actions (22 days ago)
  • How to FastTrack your ISO 27001 ISMS Implementation and Certification (22 days ago)
  • Incident with Actions (23 days ago)
  • Author of the Month: Bridget Kenyon (23 days ago)
  • Defense in depth – the Microsoft way (part 89): user group policies don’t deserve tamper protection (24 days ago)
  • CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0 (24 days ago)
  • ColoCrossing - 7,183 breached accounts (25 days ago)
  • CapLoader 2.0 Released (25 days ago)
  • Weekly Update 454 (25 days ago)
  • Codespaces Scheduled Maintenance (28 days ago)
  • Disruption with some GitHub services (28 days ago)
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams (29 days ago)
  • Codespaces Scheduled Maintenance (29 days ago)