Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving "credible reports" in August 2025 that unknown threat actors ...
Read More...
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations...
Read More...
New Rust-Based Malware ChaosBot Uses Discord Channels to Control Victims PCs
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arb...
Read More...
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensi...
Read More...
BreachForums seized but hackers say they will still leak Salesforce data
Law enforcement agencies in the United States and France have seized control of domains linked to the notorious BreachForums hacking forum, commonly used for th...
Read More...
Best Practices
US government shutdown clouds an otherwise sunny ServiceNow forecast
Enterprise software giant lifts guidance but adds 'prudence' as federal contracts stall
ServiceNow has built some "prudence" into its earnings guidance due to t...
Read More...
Microsoft Azure challenges AWS for downtime crown
Azure Front Door service outage disrupts airlines and other online services
Microsoft Azure has been experiencing a global outage since around 1600 UTC, or 0900...
Read More...
Attackers targeting unpatched Cisco kit notice malware implant removal install it again
PLUS: Cyber-exec admits selling secrets to Russia; LastPass isn't checking to see if you're dead; Nation-state backed Windows malware; and more
Infosec in brief...
Read More...
Ransomware gang runs ads for Microsoft Teams to pwn victims
You click and think you're getting a download page, but get malware instead
Imagine searching for Microsoft Teams, seeing a text link at the top of the results,...
Read More...
Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal
And they’re likely still abusing the same SharePoint flaws for initial access
The ransomware gang caught exploiting Microsoft SharePoint zero-days over the summ...
Read More...
New Threats and Vulnerabilities
Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations
Summary
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to dissemina...
Read More...
Patch Tuesday: Windows 10 end of life pain for IT departments
Windows 10 is no longer supported, but that does not mean it is not impacted by the latest Patch Tuesday update
Read More...
Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances o...
Read More...
Fast Flux: A National Security Threat
Executive summary
Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a signi...
Read More...
[R1] Stand-alone Security Patch Available for Tenable Security Center versions 651 and 660: SC-2025091
[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.1
Jason Schavel
Wed, 09/24/2025 - 10:34
...
Read More...
.png)
.png)
