SecOps News

Get this as an RSS feed

  • Disruption with some GitHub services (12 minutes ago)
  • Disruption with some GitHub services (25 minutes ago)
  • Scholars sneaking phrases into papers to fool AI reviewers (44 minutes ago)
  • CitrixBleed 2 exploits are on the loose as security researchers yell and wave their hands (2 hours ago)
  • Employee gets $920 for credentials used in $140 million bank heist (3 hours ago)
  • Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild (4 hours ago)
  • Atomic macOS infostealer adds backdoor for persistent attacks (4 hours ago)
  • SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools (5 hours ago)
  • Qantas is being extorted in recent data-theft cyberattack (5 hours ago)
  • ‘Batavia’ Windows spyware campaign targets dozens of Russian orgs (5 hours ago)
  • Employee arrested after Brazil’s central bank service provider hacked for US $140 million (7 hours ago)
  • Hackers abuse leaked Shellter red team tool to deploy infostealers (7 hours ago)
  • The 5 CISA Domains Explained (8 hours ago)
  • Move over bit barns, here come Japan’s floating bit barges (8 hours ago)
  • Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks (8 hours ago)
  • Game, set, botch: AI umpiring at Wimbledon goes long (9 hours ago)
  • Ingram Micro Scrambling to Restore Systems After Ransomware Attack (9 hours ago)
  • Phishing platforms, infostealers blamed as identity attacks soar (10 hours ago)
  • ⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More (11 hours ago)
  • Manufacturing Security: Why Default Passwords Must Go (11 hours ago)
  • AI scores a huge own goal if you play up and play the game (14 hours ago)
  • Yes, I wrote a very expensive bug. In my defense I was only seven years old at the time (15 hours ago)
  • VMware’s rivals ramp up their efforts to create alternative stacks (17 hours ago)
  • TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors (17 hours ago)
  • Atlassian migrated 4 million Postgres databases to shrink AWS bill (21 hours ago)
  • OpenAI says GPT-5 will unify breakthroughs from different models (22 hours ago)
  • Hands on with Windows 11 Notepad’s new markdown support (22 hours ago)
  • ChatGPT is testing disruptive Study Together feature (23 hours ago)
  • Stalkerware firm gets scooped by SQL-slinging security snoop (1 days ago)
  • Ingram Micro confirms ransomware behind multi-day outage (1 days ago)
  • Ingram Micro outage caused by SafePay ransomware attack (2 days ago)
  • Massive spike in use of .es domains for phishing abuse (2 days ago)
  • Police in Brazil Arrest a Suspect Over $100M Banking Hack (2 days ago)
  • Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties (2 days ago)
  • Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS (2 days ago)
  • ChatGPT Deep Research tests new connectors for more context (3 days ago)
  • Ousted US copyright chief argues Trump did not have power to remove her (3 days ago)
  • Microsoft finally bids farewell to PowerShell 2.0 (3 days ago)
  • Technical difficulties or cyber attack? Ingram Micro’s website goes down just in time for the holiday weekend (3 days ago)
  • Catwatchful stalkerware app spills secrets of 62,000 users – including its own admin (3 days ago)
  • Amazon built a massive AI supercluster for Anthropic called Project Rainier – here’s what we know so far (3 days ago)
  • Ingram Micro suffers global outage as internal systems inaccessible (3 days ago)
  • Hacker leaks Telefónica data allegedly stolen in a new breach (3 days ago)
  • NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors (3 days ago)
  • We’re number 1! Windows 11 finally overtakes Windows 10 (3 days ago)
  • In Other News: Hacker Helps Kill Informants, Crylock Developer Sentenced, Ransomware Negotiator Probed (3 days ago)
  • Hunters International ransomware group shuts down – but will it regroup under a new guise? (3 days ago)
  • How ISO 42001 supports EU AI Act compliance (3 days ago)
  • Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It (3 days ago)
  • Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros (3 days ago)
  • Former and current Microsofties react to the latest round of layoffs (3 days ago)
  • Global Data Breaches and Cyber Attacks in June 2025: Over 16 billion records exposed (3 days ago)
  • Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission (3 days ago)
  • EU businesses want a pause on AI regulations so they can cope with unregulated Big Tech players (3 days ago)
  • Microsoft leaves Pakistan but promises customers won’t notice the change (3 days ago)
  • Catwatchful - 61,641 breached accounts (3 days ago)
  • AI models just don’t understand what they’re talking about (4 days ago)
  • Big Tech’s Mixed Response to U.S. Treasury Sanctions (4 days ago)
  • Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams (4 days ago)
  • Microsoft Windows Firewall complains about Microsoft code (4 days ago)
  • Microsoft Windows Firewall complains about Microsoft code (4 days ago)
  • Young Consulting finds even more folks affected in breach mess – now over 1 million (4 days ago)
  • Tariffs and trade turmoil driving up cost and build times for datacenters (4 days ago)
  • Meta calls €200M EU fine over pay-or-consent ad model ‘unlawful’ (4 days ago)
  • Undetectable Android Spyware Backfires, Leaks 62,000 User Logins (4 days ago)
  • Cisco Warns of Hardcoded Credentials in Enterprise Software (4 days ago)
  • Ransomware crew Hunters International shuts down, hands out keys to victims (4 days ago)
  • Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets (4 days ago)
  • Canonical adds extra shots to Ubuntu Java (4 days ago)
  • The Hidden Weaknesses in AI SOC Tools that No One Talks About (4 days ago)
  • North Korean Hackers Use Fake Zoom Updates to Install macOS Malware (4 days ago)
  • UK charity bank branded a ‘disaster’ after platform migration goes wrong (4 days ago)
  • Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms (4 days ago)
  • Wayback gives X11 desktops a fighting chance in a Wayland world (4 days ago)
  • How multi-agent systems revolutionize data work flows (4 days ago)
  • Let’s Encrypt rolls out free security certs for IP addresses (4 days ago)
  • Disruption with some GitHub services (4 days ago)
  • ChatGPT creates phisher’s paradise by recommending the wrong URLs for major companies (4 days ago)
  • Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials (4 days ago)
  • Alibaba Cloud reveals DB cluster manager it says can beat rival hyperscalers (4 days ago)
  • Welcoming Truyu to Have I Been Pwned’s Partner Program (4 days ago)
  • Smashing Security podcast #424: Surveillance, spyware, and self-driving snafus (4 days ago)
  • Cisco scores a perfect 10 - sadly for a critical flaw in its comms platform (5 days ago)
  • CISA warns the Signal clone used by natsec staffers is being attacked, so patch now (5 days ago)
  • Call center staffers explain to researchers how their AI assistants aren’t very helpful (5 days ago)
  • Trillion with a T: Surpassing 2 Trillion Events Processed!🚀🚀 (5 days ago)
  • 23andMe’s new owner says your DNA is safe this time (5 days ago)
  • North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign (5 days ago)
  • Disruption with some GitHub services (5 days ago)
  • Microsoft kicks off new fiscal year with more layoffs (5 days ago)
  • Swiss government warns attackers have stolen sensitive data, after ransomware attack at Radix (5 days ago)
  • 7 Steps to a Successful ISO 27001 Risk Assessment (Updated for 2025) (5 days ago)
  • Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response (5 days ago)
  • Impact of Microsoft taking over Enterprise Account renewals starts to ‘bite’ (5 days ago)
  • US Calls Reported Threats by Pro-Iran Hackers to Release Trump-Tied Material a ‘Smear Campaign’ (5 days ago)
  • US imposes sanctions on second Russian bulletproof hosting vehicle this year (5 days ago)
  • PureLogs Forensics (5 days ago)
  • That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat (5 days ago)
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns (5 days ago)
  • Disruption with some GitHub services (5 days ago)
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks (5 days ago)
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware (5 days ago)
  • UK eyes new laws as cable sabotage blurs line between war and peace (5 days ago)
  • Weekly Update 458 (5 days ago)
  • Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale (5 days ago)
  • Australian airline Qantas reveals data theft impacting six million customers (5 days ago)
  • Microsoft admits to Intune forgetfulness (6 days ago)
  • Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits (6 days ago)
  • International Criminal Court swats away ‘sophisticated and targeted’ cyberattack (6 days ago)
  • TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns (6 days ago)
  • The AI Fix #57: AI is the best hacker in the USA, and self-learning AI (6 days ago)
  • New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status (6 days ago)
  • CapLoader 2.0.1 Released (6 days ago)
  • 50 customers of French bank hit after insider helped SIM swap scammers (6 days ago)
  • A New Maturity Model for Browser Security: Closing the Last-Mile Risk (6 days ago)
  • How to Write a GDPR Data Protection Policy (Updated for 2025) (6 days ago)
  • Terrible tales of opsec oversights: How cybercrooks get themselves caught (6 days ago)
  • Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update (6 days ago)
  • iOS Activation Flaw Enables Pre-User Device Compromise and Identity Exposure (iOS 18.5) (6 days ago)
  • Proton bashes Apple and joins antitrust suit that seeks to throw the App Store wide open (6 days ago)
  • US shuts down a string of North Korean IT worker scams (7 days ago)
  • Disruption with Claude 3.7 Sonnet in Copilot Chat (7 days ago)
  • Incident With Actions (7 days ago)
  • British IT worker sentenced to seven months after trashing company network (7 days ago)
  • Senator Chides FBI for Weak Advice on Mobile Security (7 days ago)
  • Scattered Spider crime spree takes flight as focus turns to aviation sector (7 days ago)
  • Building Your Cyber Security Career: The Credentials Needed for Management and Specialist Roles (7 days ago)
  • Unlocking Access: How to Respond to a DSAR (Data Subject Access Request) (7 days ago)
  • When hackers become hitmen (8 days ago)
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024 (9 days ago)
  • Battlefords Union Hospitals notifies patients of employee snooping in their records (9 days ago)
  • BreachForums broken up? French police arrest five members of notorious cybercrime site (9 days ago)
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list (10 days ago)
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected (10 days ago)
  • Privacy commissioner reviewing reported Ontario Health atHome data breach (10 days ago)
  • CMS warns Medicare providers of fraud scheme (10 days ago)
  • SafePay ransomware: What you need to know (10 days ago)
  • Disruption with some GitHub services (10 days ago)
  • GitHub Enterprise Importer delays (11 days ago)
  • Ex-student charged with wave of cyber attacks on Sydney uni (11 days ago)
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders (11 days ago)
  • Potential Cyberattack Scrambles Columbia University Computer Systems (11 days ago)
  • 222,000 customer records allegedly from Manhattan Parking Group leaked (11 days ago)
  • Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title - Tag (11 days ago)
  • Smashing Security podcast #423: Operation Endgame, deepfakes, and dead slugs (11 days ago)
  • Hackers breach Norwegian dam (12 days ago)
  • Robinsons Malls - 195,597 breached accounts (12 days ago)
  • Apple Wallet just went full Bono (but with Brad Pitt this time) (12 days ago)
  • Cybercrime is surging across Africa (12 days ago)
  • Have Fun Teaching - 27,126 breached accounts (12 days ago)
  • How to Write a GDPR Data Privacy Notice – Updated Guide and Template for 2025 (13 days ago)
  • The AI Fix #56: ChatGPT traps man in a cult of one, and AI is actually stupid (13 days ago)
  • Aflac, one of the USA’s largest insurers, is the latest to fall “under siege” to hackers (13 days ago)
  • Repository Navigation Bar Missing in GitHub Enterprise Cloud (13 days ago)
  • CVE-2025-32978 - Quest KACE SMA Unauthenticated License Replacement (13 days ago)
  • CVE-2025-32977 - Quest KACE Unauthenticated Backup Upload (13 days ago)
  • CVE-2025-32976 - Quest KACE SMA 2FA Bypass (13 days ago)
  • CVE-2025-32975 - Quest KACE SMA Authentication Bypass (13 days ago)
  • RansomLord (NG v1.0) anti-ransomware exploit tool (13 days ago)
  • Disclosure Yealink Cloud vulnerabilities (13 days ago)
  • Marks & Spencer ransomware attack was good news for other retailers (14 days ago)
  • Twitter refuses to explain what it’s doing about hate speech and misinformation, sues New York State for asking (14 days ago)
  • Weekly Update 457 (16 days ago)
  • Krispy Kreme hack exposed sensitive data of over 160,000 people (17 days ago)
  • The Critical Role of a DPO: Why Outsourcing is the Smart Choice (17 days ago)
  • Disruption with the GitHub mobile android application (17 days ago)
  • The Data (Use and Access) Act and How it Affects the UK GDPR and DPA 2018, and PECR (18 days ago)
  • Disruption with some GitHub services (18 days ago)
  • Partial Actions Cache degradation (19 days ago)
  • Partial Degradation in Issues Experience (19 days ago)
  • Timelines for migration to post-quantum cryptography (19 days ago)
  • : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) (19 days ago)
  • SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer) (19 days ago)
  • SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem (19 days ago)
  • Call for Applications: ERCIM STM WG 2025 Award for the Best Ph.D. Thesis on Security and Trust Management (July 31, 2025) (19 days ago)
  • Incident with multiple GitHub services (20 days ago)
  • V2: Hacking my Tesla Powerwalls to be the ultimate home energy solution! (24 days ago)
  • Ualabee - 472,296 breached accounts (24 days ago)
  • Inside a Dark Adtech Empire Fed by Fake CAPTCHAs (25 days ago)
  • Some Copilot chat models are failing requests (25 days ago)
  • Incident with Actions (25 days ago)
  • Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider (25 days ago)
  • Weekly Update 456 (25 days ago)
  • Authentication methods: choosing the right type (26 days ago)
  • Disruption with some GitHub services (26 days ago)
  • Patch Tuesday, June 2025 Edition (26 days ago)
  • Codespaces billing is delayed (27 days ago)
  • Incident with Pull Requests (27 days ago)
  • WiredBucks - 918,529 breached accounts (27 days ago)
  • SEC Consult SA-20250604-0 :: Local Privilege Escalation and Default Credentials in INDAMED - MEDICAL OFFICE (Medical practice management) Demo version (27 days ago)
  • Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft (27 days ago)
  • Detecting PureLogs traffic with CapLoader (28 days ago)
  • Weekly Update 455 (28 days ago)