Walmart announced a new partnership with OpenAI that will let customers shop using ChatGPT. "For many years now, eCommerce shopping experiences have consisted of a search bar and a long list of item responses. That is about to change," Walmart CEO Doug McMillon said in a statement. NBC News reports: It was unclear Tuesday what the terms of the Walmart-AI partnership would be. The announcement also did not say when shoppers can expect to see ChatGPT integrated with their Walmart online shopping experiences, only that it's coming "soon." The OpenAI announcement is part of a broader push by Walmart, the biggest private employer in the U.S., to incorporate AI into its daily operations. "We're excited to partner with Walmart to make everyday purchases a little simpler. It's just one way AI will help people every day under our work together," Sam Altman, the co-founder and CEO of OpenAI, said in a statement. The partnership could also serve OpenAI by introducing ChatGPT to a massive set of consumers who may not be as accustomed to using AI chats in their shopping as OpenAI's core user base. "There is a native AI experience coming that is multi-media, personalized and contextual," said Walmart's McMillon.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Today is the official end-of-support date for Microsoft's Windows 10. That doesn't mean these PCs will suddenly stop working, but if you don't take action, it does mean your PC has received its last regular security patches and that Microsoft is washing its hands of technical support. This end-of-support date comes about a decade after the initial release of Windows 10, which is typical for most Windows versions. But it comes just four years after Windows 10 was replaced by Windows 11, a version with stricter system requirements that left many older-but-still-functional PCs with no officially supported upgrade path. As a result, Windows 10 still runs on roughly 40 percent of the world's Windows PCs (or around a third of US-based PCs), according to StatCounter data. But this end-of-support date also isn't set in stone. Home users with Windows 10 PCs can enroll in Microsoft's Extended Security Updates (ESU) program, which extends the support timeline by another year. [...] Home users can only get a one-year stay of execution for Windows 10, but IT administrators and other institutions with fleets of Windows 10 PCs can also pay for up to three years of ESUs, which is also roughly the amount of time users can expect new Microsoft Defender antivirus updates and updates for core apps like Microsoft Edge. Obviously, Microsoft's preferred upgrade path would be either an upgrade to Windows 11 for PCs that meet the requirements or an upgrade to a new PC that does support Windows 11. It's also still possible, at least for now, to install and run Windows 11 on unsupported PCs. Your day-to-day experience will generally be pretty good, though installing Microsoft's major yearly updates (like the upcoming Windows 11 25H2 update) can be a bit of a pain.

Read more of this story at Slashdot.

Salesforce says it's saving about $100 million a year by using AI tools in the software company's customer service operations. From a report: The company is working to sell AI features that can handle work such as customer service or early-stage sales. To illustrate the value of the Agentforce product to business clients, Salesforce has been vocal about its own use of the technology. Chief Executive Officer Marc Benioff announced the statistic on Salesforce's savings during a speech Tuesday at the annual Dreamforce conference in San Francisco. The company said more than 12,000 customers are using Agentforce. For example, Reddit was able to cut customer support resolution time by 84%, Salesforce said.

Read more of this story at Slashdot.

DirecTV wants to use AI to put you, your family, and your pets inside a custom TV screensaver. From a report: If that's not uncanny enough, you'll find items you can shop for within that AI environment, whether it's a piece of clothing similar to the one your AI likeness is wearing or a piece of furniture that pops up alongside it. The satellite TV giant is partnering with the AI company Glance to roll out this experience to DirecTV Gemini devices starting next year. "We are making television a lean-in experience versus lean back," Rajat Wanchoo, the group vice president of commercial partnerships at Glance, tells The Verge. "We want to give users a chance to use the advancements that have happened in generative AI to create a ChatGPT moment for themselves, but on TV." Glance is owned by InMobi, the same company that injected ecommerce bloatware into Motorola's budget phones.

Read more of this story at Slashdot.

An anonymous reader shares a report: An attorney in a New York Supreme Court commercial case got caught using AI in his filings, and then got caught using AI again in the brief where he had to explain why he used AI, according to court documents filed earlier this month. New York Supreme Court Judge Joel Cohen wrote in a decision granting the plaintiff's attorneys' request for sanctions that the defendant's counsel, Michael Fourte's law offices, not only submitted AI-hallucinated citations and quotations in the summary judgment brief that led to the filing of the plaintiff's motion for sanctions, but also included "multiple new AI-hallucinated citations and quotations" in the process of opposing the motion. "In other words," the judge wrote, "counsel relied upon unvetted AI -- in his telling, via inadequately supervised colleagues -- to defend his use of unvetted AI." The case itself centers on a dispute between family members and a defaulted loan. The details of the case involve a fairly run-of-the-mill domestic money beef, but Fourte's office allegedly using AI that generated fake citations, and then inserting nonexistent citations into the opposition brief, has become the bigger story.

Read more of this story at Slashdot.

Indonesia's film industry has started using generative AI tools to produce films at a fraction of Hollywood budgets. The country's filmmakers are deploying ChatGPT for scriptwriting, Midjourney for image generation, and Runway for video storyboarding. VFX artist Amilio Garcia Leonard told Rest of World that AI has reduced his draft editing time by 70%. The Indonesian Film Producer Association supports the technology. Indonesian films typically cost 10 billion rupiah ($602,500), less than 1% of major Hollywood productions. The sector employed about 40,000 people in 2020 and generated over $400 million in box office sales in 2023. Jobs for storyboarders, VFX artists, and voice actors are disappearing.

Read more of this story at Slashdot.

The United Nations Food and Agriculture Organization projects record production of global cereal crops in the 2025-26 farming season. The forecast covers wheat, corn and rice, and comes as the global stocks-to-use ratio stands around 30.6% -- the world is producing nearly a third more of these foundational crops than it currently uses. The U.S. Department of Agriculture reported in August that American farmers would harvest a record corn crop at record yield per acre. The FAO Food Price Index has risen slightly this year but remains nearly 20% below its peak during the early months of the war in Ukraine. Average calories available per person worldwide have climbed from roughly 2,100 to 2,200 kilocalories daily in the early nineteen-sixties to just under 3,000 kilocalories daily by 2022. Cereal yields have roughly tripled since 1961. Yet the World Bank estimates around 2.6 billion people cannot afford a healthy diet, and current famines in Gaza and Sudan stem from political failures rather than crop failures.

Read more of this story at Slashdot.

Generative AI models trained on internet data lack exposure to vast domains of human knowledge that remain undigitized or underrepresented online. English dominates Common Crawl with 44% of content. Hindi accounts for 0.2% of the data despite being spoken by 7.5% of the global population. Tamil represents 0.04% despite 86 million speakers worldwide. Approximately 97% of the world's languages are classified as "low-resource" in computing. A 2020 study found 88% of languages face such severe neglect in AI technologies that bringing them up to speed would require herculean efforts. Research on medicinal plants in North America, northwest Amazonia and New Guinea found more than 75% of 12,495 distinct uses of plant species were unique to just one local language. Large language models amplify dominant patterns through what researchers call "mode amplification." The phenomenon narrows the scope of accessible knowledge as AI-generated content increasingly fills the internet and becomes training data for subsequent models.

Read more of this story at Slashdot.

California has enacted new legislation that aims to limit companies from charging consumers "exorbitant" fees to cancel fixed-term contracts. From a report: Assembly Bill 483 was signed into law by California Gov. Gavin Newsom on Friday, placing transparency requirements and fee limits on early terminations for installment contracts -- plans that allow consumers to make recurring payments for goods and services over a specified duration. This includes services that lure consumers into signing annual contracts by allowing them to pay in installments that appear similar to rolling monthly subscriptions, but with hefty cancellation fees for not locking in for the full year. The bill bans companies from hiding early termination fee disclosures within fine print or obscured hyperlinks, and limits the total fee amount to a maximum of 30 percent of the total contract cost. The goal is to make it easier for Californians to take these fees into account when comparing between services, and lessen the financial burden if they need to end their contract early.

Read more of this story at Slashdot.

Researchers at UC San Diego and the University of Maryland have found that roughly half of geostationary satellite signals transmit sensitive data without encryption. The team spent three years using an $800 satellite receiver on a university rooftop in San Diego to intercept communications from satellites visible from their location. They collected phone calls and text messages from more than 2,700 T-Mobile users in just nine hours of recording. The researchers also obtained data from airline passengers using in-flight Wi-Fi, communications from electric utilities and offshore oil and gas platforms, and US and Mexican military communications that revealed personnel locations and equipment details. The exposed data resulted from telecommunications companies using satellites to relay signals from remote cell towers to their core networks. The researchers examined only about 15% of global satellite transponder communications and presented their findings at an Association for Computing Machinery conference in Taiwan this week. Most companies warned by the researchers have encrypted their satellite transmissions, but some US critical infrastructure owners have not yet added encryption.

Read more of this story at Slashdot.

Five new vehicles and a four-cylinder engine will be developed and produced through 2029 as part of investment into factories in Illinois, Ohio, Michigan and Indiana.

OpenAI says it will soon roll back some of ChatGPT's safeguards, and even allow the chatbot to engage in erotica for adult users.

SpaceX's company town has formed a volunteer fire department, extending control over both the emergency response and permitting process as the company looks to expand Starbase.

Sonic Fire Tech has developed a device that can extinguish flames using acoustic energy below the range of human hearing. The startup is building a demo capable of protecting a home.

Spotify is partnering with Netflix to bring select video podcasts to the streaming platform starting in early 2026. The deal will feature curated shows from Spotify Studios and The Ringer, expanding later to include more genres. The move reflects Spotify’s growing focus on video as a key driver for engagement and ad revenue, with video podcast consumption now growing 20 times faster than audio-only content.

Impulse Space sees a growing demand for mid-sized deliveries to the moon.

The integration offers conversational, cited answers instead of traditional links and follows positive feedback from earlier tests in select markets. Perplexity will expand to mobile soon.

Facebook is reintroducing job listings to users in the U.S., focusing on entry-level, trade, and service jobs.

Designed for one-on-one meetings, the tool lets you insert available time slots directly into an email, automatically creating a calendar invite once a recipient selects a time.

Google Meet finally has a makeup filter for those days when you don't feel like applying lipstick.

Gregg Mayles, the director of Sea of Thieves and designer on Donkey Kong Country, has announced that he's left Rare. News of Mayles' exit was first reported in July 2025 during a rash of layoffs and game cancellations across Xbox Games Studios, but the short poem he shared on X today makes it official.

With a 36-year tenure at the studio, Mayles saw its transition from an exclusive Nintendo partner to a Microsoft subsidiary. He helped design games like Battletoads, created Banjo-Kazooie and when studio founders Tim and Chris Stamper left in 2007, stepped up and became Rare's creative director. Mayles also led the team behind Sea of Thieves, one of Rare's modern successes.

Today was my last day at @RareLtd. Thanks to everyone who played and enjoyed any of the games I helped create while I was there. Also thanks to all the people that worked on the games alongside me. It seemed fitting that I should say farewell with one final rhyme! pic.twitter.com/X54u8Bc2oI

— Gregg Mayles (@Ghoulyboy) October 14, 2025

The studio has been supporting Sea of Thieves with new content since it was released in 2018, but was also working on a new project, Everwild, that was announced in 2019. The game went through a troubled development process over the last few years, and Rare reportedly started from scratch in 2021 with Mayles taking over as director. Microsoft's decision to cancel the game and layoff staff at the studio this summer is likely one of the reasons he left.

Losing Mayles is just one example of Microsoft's self-inflicted wounds from 2025. The company not only made cuts at Halo Studios and Forza Motorsport developer Turn 10, it also increased the prices of both Xbox consoles and Game Pass Ultimate. All of these changes are seemingly in service of shifting the Xbox business into something that's more focused on subscriptions and game publishing, but the transition definitely seems like a painful one.

This article originally appeared on Engadget at https://www.engadget.com/gaming/xbox/banjo-kazooie-director-gregg-mayles-confirms-hes-left-rare-220828667.html?src=rss

Attorney General Pam Bondi posted on X that the Department of Justice contacted Facebook in order to have a group removed that she claimed "was being used to dox and target" US Immigration and Customs Enforcement agents operating in Chicago. We reached out to Meta for confirmation and a representative said, "This Group was removed for violating our policies against coordinated harm," however they did not confirm the name of the group or whether the DOJ was involved in the action.

Officers for the immigration agency have reportedly been moving through Chicago with facial coverings, no name tags and sometimes in vehicles with no license plates, although a US District Judge ruled that all ICE agents who are not undercover are required to display visible identification while operating in the Chicagoland area.

The Department of Justice has demanded that other tech companies remove content the current administration has deemed critical of its immigration policies and practices. At the start of the month, Apple removed ICEBlock, an app for tracking the movements of immigration agents, from the App Store following similar pressure from Bondi. "Capitulating to an authoritarian regime is never the right move," ICEBlock developer Joshua Aaron said in an interview following the action. "Our mission has always been to protect our neighbors from the terror this administration continues to reign down on the people of this nation."

This article originally appeared on Engadget at https://www.engadget.com/meta-removes-facebook-group-for-tracking-ice-agents-after-doj-pressure-203429574.html?src=rss

In order to avoid paying billions of dollars in fines for violating the European Union's Digital Markets Act, Google is considering changing how search results are displayed, Reuters reports. EU regulators first took issue with Google's Search and Play Store businesses in March 2025, claiming it favored its own services in search results over third-party options and prevented developers from informing customers of alternative ways of accessing apps.

One of regulators main issues with Google Search was that Google appeared to favor results from services like Google Flights or Google Hotels over ones from "vertical search services," providers that specialize in displaying search results from a specific industry, like Expedia or Hotels.com. To avoid fines, Google now wants Search to give VSS businesses equal treatment in results.

"We will create the opportunity for each VSS to show its own box on Search. A VSS box will be populated with results from that VSS inventory," Google said in a proposal viewed by Reuters. Results from Google's own services will exist with the same formatting alongside, and the winning VSS box will be displayed in search results based on "objective and non-discriminatory criteria." Importantly, search results from actual airlines and car rental companies won't be excluded, they'll also appear in a box "above or below the VSS box depending on the relevance to the user's query."

Engadget has asked Google to comment on Reuters' report and to confirm the details of its proposed changes to Google Search. We'll update this article if we hear back.

Like Apple, Google faces significant scrutiny from the EU because of its monopolistic control over its various platforms and services. The threat of fines from the DMA has forced Apple to open up its products to third-party app stores, among a host of other changes. Clearly, Google is willing to tweak what once seemed like untouchable pillars of its business to avoid fines, too. Whether these proposed changes will be enough for the regulators remains to be seen, though.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/google-reportedly-offers-to-tweak-search-results-to-avoid-eu-fine-193940005.html?src=rss

Customer service support company 5CA has released a statement contradicting claims by Discord that it was the victim of a hack last month. On October 3, Discord disclosed a data breach that the company says included a “small number” of government IDs like driver’s licenses and passports, which some users had submitted to verify their ages. Days later the company updated its statement to name 5CA as the target of the hack, which Discord contracts as part of its customer service efforts. It also disclosed that the "small number" of government IDs encompasses roughly 70,000 users.

"We are aware of media reports naming 5CA as the cause of a data breach involving one of our clients. Contrary to these reports, we can confirm that none of 5CA’s systems were involved, and 5CA has not handled any government-issued IDs for this client. All our platforms and systems remain secure, and client data continues to be protected under strict data protection and security controls," the company’s statement reads in part. The company goes on to explicitly state "the incident occurred outside of our systems and that 5CA was not hacked."

5CA says that a preliminary investigation showed that the incident may have been the result of "human error," though it offers no details as to what exactly that implies. In a recent interview with BleepingComputer, the hackers who claimed responsibility for the breach said they had access to Discord's Zendesk account for 58 hours on September 20. The group claims they gained entry through compromised login credentials belonging to a support agent employed by a third-party company. Discord has not yet responded to the company’s claims.

Update 2:58 PM ET: Added more context about the breach.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/the-company-discord-blamed-for-its-recent-breach-says-it-wasnt-hacked-175536278.html?src=rss

Kobo is making a remote control for its line of ereaders. The appropriately-named Kobo Remote costs $30 and will be available to purchase on November 4.

A remote control for an ereader may seem silly to some, but avid readers will likely appreciate this accessory. It's basically a wireless page turner, so users can lay in bed and read all day without having to physically hold the device or prop a hand up to push a button every 30 seconds. Kobo is calling it "the ideal reading companion."

It has been custom-built for Kobo products and will be available in both black and white, which matches the company's other products. It can integrate with any Kobo ereader with Bluetooth functionality, which includes the Libra 2 and the well-reviewed Clara Colour.

“In a Canadian winter, we know that sometimes maximum reading comfort means burrowing down in the blankets, tucking yourself in and not emerging until spring,” said Rakuten Kobo CEO Michael Tamblyn. “The Kobo Remote is the perfect accessory for peak immersive reading; it’s an invitation to lounge deeper, multitask smarter and simply enjoy reading without limits, no matter whether your environment is beach or blankets."

The remote will be available in multiple regions, including the US, Canada, Europe, Australia, Singapore, Japan and many others. The company says it'll be sharing more details about the remote soon, but we aren't sure what details could be left to share. It's a remote control for an ereader. Maybe it can do one or two unexpected things.

This article originally appeared on Engadget at https://www.engadget.com/mobile/tablets/kobo-made-a-remote-control-for-its-ereaders-185010955.html?src=rss

OpenAI announced today that it is creating an advisory council centered on its users' mental and emotional wellness. The Expert Council on Well-being and AI comprises eight researchers and experts on the intersection of technology and mental health. Some of the members were experts that OpenAI consulted as it developed parental controls. Topics of safety and protecting younger users have become more of a talking point for all artificial intelligence companies, including OpenAI, after lawsuits questioned their complicity in multiple cases where teenagers committed suicide after sharing their plans with AI chatbots.

This move sounds like a wise addition, but the effectiveness of any advisor hinges on listening to their insights. We've seen other tech companies establish and then utterly ignore their advisory councils; Meta is one of the notable recent examples. And the announcement from OpenAI even acknowledges that its new council has no real power to guide its operations: "We remain responsible for the decisions we make, but we’ll continue learning from this council, the Global Physician Network, policymakers, and more, as we build advanced AI systems in ways that support people’s well-being." It may become clearer how seriously OpenAI is taking this effort when it starts to disagree with the council, whether the company is genuinely committed to mitigating the serious risks of AI or whether this is a smoke and mirrors attempt to paper over its issues.

This article originally appeared on Engadget at https://www.engadget.com/openai-forms-advisory-council-on-wellbeing-and-ai-183815365.html?src=rss

OpenAI plans to open the floodgates to more adult uses of ChatGPT starting in December, according to a new post from CEO Sam Altman. The company announced that it would add parental controls and automatic age detection features in September, and it seems like a benefit of sorting out children from adults is an ability to offer more freedom in what ChatGPT can show users.

"In December, as we roll out age-gating more fully and as part of our 'treat adult users like adults' principle, we will allow even more, like erotica for verified adults," Altman says. Some avid ChatGPT users already regularly manipulate the chatbot to engage in NSFW conversations, but Altman's announcement sounds more like tacit approval from OpenAI that those use-cases are okay.

We made ChatGPT pretty restrictive to make sure we were being careful with mental health issues. We realize this made it less useful/enjoyable to many users who had no mental health problems, but given the seriousness of the issue we wanted to get this right.
Now that we have...

— Sam Altman (@sama) October 14, 2025

The company signaled something similar during its DevDay 2025 announcements, when its new guidelines for developers creating apps for ChatGPT shared that "support for mature (18+) experiences will arrive once appropriate age verification and controls are in place." After December, it sounds like adult interactions with ChatGPT or apps the chatbot can access are fair game.

All of these changes are being made in the shadow of disturbing stories of the seemingly negative influence ChatGPT can have on users, including the death of 16-year old Adam Raine, who allegedly used ChatGPT to plan his own suicide.

Reducing the chatbot's sycophantic qualities with the release of GPT-5 was one of the ways OpenAI tried to address the mental health impacts of ChatGPT, along with built-in notifications to remind users to take breaks. It's hard to definitively say whether these tweaks have made a difference, but combined with age-gating, it's clear OpenAI feels comfortable giving its chatbot a longer leash.

This article originally appeared on Engadget at https://www.engadget.com/ai/openai-will-let-adults-use-chatgpt-for-erotica-starting-in-december-182417583.html?src=rss

Spotify is taking the video versions of some of its podcasts to another platform entirely: Netflix. Starting in the US in early 2026 (with more markets and shows to follow), Netflix will start offering sports, culture, lifestyle and true crime podcasts that Spotify Studios and The Ringer produce.

Nine sports podcasts will be available at the jump, including The Bill Simmons Podcast, The Zach Lowe Show, Fairway Rollin’ and The Ringer’s F1, fantasy football, NFL and NBA shows. Other video podcasts that are coming to Netflix include The Rewatchables, The Recipe Club, Dissect, Conspiracy Theories and Serial Killers.

Netflix sees these podcasts as complementary to its current offerings (The Ringer F1 Show, for instance, will sit neatly alongside Drive to Survive). Of course, for Spotify, this is a way to get more eyeballs and eardrums on its original programming.

With TV viewing becoming a bigger priority for YouTube over the last few years, this seems like a way for Netflix to bite back in the battle for consumer attention, given the prevalence of video podcasts on Google’s platform. Many people use streaming services for background comfort sound, and turning to podcasts or talk-radio style formats (something Disney+ also offers with The Rich Eisen Show on weekdays) may be a way for them to do that after pulling the plug on cable and broadcast TV.

This article originally appeared on Engadget at https://www.engadget.com/entertainment/streaming/some-spotify-video-podcasts-are-coming-to-netflix-180000074.html?src=rss

YouTube is bringing a wave of quality of life improvements to its platform. These visual updates and new features will roll out globally starting this week.

The main update to YouTube is a redesigned video player that has made the icons and UI elements to obscure less content. This new player design will appear on mobile, web and TV devices. Some users have had access to this feature for about a month, so it may not be brand new to everyone. The seek feature where a viewer can double-tap to skip has also been updated in a way that YouTube says is "more modern and less intrusive" and transitions between tabs have also been upgraded on mobile.

For those of you who spend a lot of time in the comments, you'll see a new threaded approach to replies. This update aims "to provide a more focused reading experience within the replies panel." The process of adding videos to playlists and the Watch Later queue has also been simplified and adjusted to be a "smoother and more visual" experience. Finally, some content will start displaying little animations when you hit the like button. The blog post gives music videos and sports videos as examples of where users may start seeing the flashier visual.

This article originally appeared on Engadget at https://www.engadget.com/entertainment/youtube/youtube-rolls-out-its-redesigned-video-player-globally-174609883.html?src=rss

X has long been a hotbed for fake accounts, bots and other scammy behavior. Many of those dynamics have been exacerbated by the rise of paid verification, which boosts the visibility of anyone who pays for a subscription. Now, the company is running a small experiment that could help users better identify potentially suspicious accounts.

The service is starting to test a new "about this account" feature that will provide details about when an account joined the platform, where the person running it is based, how many times the username has been changed and how the account is connected to X. The feature is a lot like the "page transparency" information on Facebook, which provides similar details about when a given page was created and where the people running it are based.

"When you read content on X, you should be able to verify its authenticity," X's head of product, Nikita Bier, shared in a post about the change. "This is critical to getting a pulse on important issues happening in the world."

If fully rolled out, this type of feature could help people on X understand a lot of common scams and other deceptive behavior on the platform. For example, scammers often change the handle of a recently compromised account in order to trick an account's existing followers. And understanding the location of an account could help users root out people lying about their identity.

However, it sounds like it could be some time before the feature is implemented in a way that could be broadly useful. Bier said that initially X will show this info on "a handful of profiles of X team members" — most of whom already have an official "X" badge on their profiles — in order to get feedback on the change.

This article originally appeared on Engadget at https://www.engadget.com/social-media/x-experiments-with-showing-more-information-about-profiles-to-fight-inauthentic-engagement-172500501.html?src=rss

Plus: Adobe, SAP, Ivanti offer treats, not tricks

Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft vulnerabilities, plus an additional 21 non-Microsoft CVEs. And even scarier than the sheer number of bugs: three are listed as under attack, with three others publicly known, and 17 deemed critical security holes....

America's main cybersecurity agency has lost almost 1,000 people this year

The Trump administration has continued to cut staff at the Cybersecurity and Infrastructure Security Agency (CISA), and is reportedly reassigning others, further imperiling the US' cybersecurity posture. ...

Laptop maker's apolitical endorsement of politically contentious projects meets resistance

Six days ago, upgradeable laptop maker Framework tried to convince its fractious user community to live in a "big tent" after a Debian developer objected to the company's sponsorship of Hyprland and its social media promotion of Omarchy, with both projects associated with politically polarizing viewpoints....

New clusters to feature 800,000 Nvidia Blackwell and 50,000 AMD Instinct MI450X GPUs

Oracle on Tuesday revealed it would field more than 18 zettaFLOPS worth of AI infrastructure from Nvidia and AMD by the second half of next year....

Maybe this will bring in some actual profit?

OpenAI has mitigated ChatGPT behavior that might exacerbate users' mental health issues, claims CEO Sam Altman, so the natural next step is to make ChatGPT act more human again - complete with the ability to generate "erotica for verified adults."...

To the slop trough, kiddos!

Not content to shove Copilot into every corner of the enterprise it can think of, Microsoft has announced plans to force feed AI to students across its home state of Washington. ...

Crims turned trusted mapping software into a hideout - no traditional malware required

A Chinese state-backed cybergang known as Flax Typhoon spent more than a year burrowing inside an ArcGIS server, quietly turning the trusted mapping software into a covert backdoor....

This relatively affordable AI workstation isn’t about going fast; it’s about doing everything well enough

hands on Nvidia bills its long-anticipated DGX Spark as the "world's smallest AI supercomputer," and, at $3,000 to $4,000 (depending on config and OEM), you might be expecting the Arm-based mini-PC to outperform its less-expensive siblings....

University team picks up voice calls, texts, and corporate data from orbit with off-the-shelf kit

Geostationary satellites are broadcasting large volumes of unencrypted data to Earth, including private voice calls and text messages as well as consumer internet traffic, researchers have discovered....

Users left wondering whether to fork it or forget it as another FOSS project bites the dust

The KuzuDB embedded graph database, open source under the MIT license, has been abandoned by its creator and sponsor Kùzu Inc, leaving its community pondering whether to fork or find an alternative....

Starting in early 2026, Netflix subscribers in the US will be able to watch select Spotify Studios and Ringer podcasts directly on the streaming platform.

No, it's not Wordle or Connections, but you've almost certainly heard of it.

This premium series of desktop PCs, created in collaboration with Havn, offer three pricey configs with cutting-edge gaming specs.

The Model Y and Model 3 have a more affordable starting price for EV shoppers.

It's dangerous to explore Kairos without some legendary gear. These promo codes will unlock epic loot and vault hunter cosmetics in Borderlands 4.

Apple also adds some new settings in the beta.

Satellite signals carrying unencrypted calls, texts and information from military and corporate accounts were found to be open to eavesdropping.

The latest version of Home Depot's skeleton is half the size but has animated features and can talk.

The company introduces an AI image generator as it tries to bring more of its AI development in-house.

Here are hints -- and the answers -- for the NYT Strands puzzle for Oct. 15, No. 591.

A Russian sub surfaces off of Western Europe. Is it damaged?

Scams like this one net billions from well-educated victims.

Pam Bondi claims Facebook group was used to “dox and target” ICE agents

Like other companies with streaming businesses, DirecTV is leaning into ads more.

Help Me Schedule creates a meeting widget based on the context of your message.

OpenAI reveals which experts are steering ChatGPT mental health upgrades.

The 1 petaflop DGX Spark system runs AI models with 200 billion parameters locally for $4K.

With EV demand predicted to plummet, GM has rejiggered its production plans.

End users can get an extra year of security updates relatively easily.

New paper reveals reducing "bias" means making ChatGPT stop mirroring users' political language.

Another round of terminations, combined with previous layoffs and departures, has reduced the Centers for Disease Control and Prevention workforce by about 3,000 people since January.

The malicious app required to make a “Pixnapping” attack work requires no permissions.

A presentation that has been shared with the Trump administration references Tesla, Ikea, TSMC, and more in its plan to rebuild Gaza. Some of these companies say they had no idea they were mentioned.

Analyses of its emissions using NASA’s Neil Gehrels Swift Observatory indicate that the interstellar comet probably has a very different structure than comets in the solar system.

Microsoft has stopped supporting the operating system. If you’re still running Windows 10, here are your options.

Track your favorite stuff for a fraction of the usual price.

Officials in the US and UK have taken sweeping action against “one of the largest investment fraud operations in history,” confiscating a historic amount of funds in the process.

It looks like fabric, feels like metal, and is as light as rubber. Meet the Ming Polymesh—the 3D-printed bracelet breaking new ground in horology.

OpenAI has announced “AI sovereignty" partnerships with governments around the world, but can proprietary models compete with Beijing’s open source offerings?

Treat yourself or someone else to days of little gifts, ranging from sweet treats and savory beverages to beauty products and toys. We found a tiny door for everyone.

Clearing out this hidden data can noticeably speed up your computer - here's how to find and access the setting.

I've worn every pair of headphones in Apple's catalog to help you find your iPhone's new best friend.

If there's one thing that annoys me, it's pulling out a bird's nest of cables from my bag. This cable puts an end to that.

HP's EliteBook Ultra G1i is impressively lightweight, reliably powerful, and built to last on battery life. But there's more to it.

Apparently, 'something powerful is coming'. Three new M5-powered Apple products could be launched as soon as October 15.

Sony's WH-1000XM5 headphones are one of our editors' favorites thanks to their excellent sound quality and impressive noise cancellation - especially at this price.

The Fitbit Versa 4 is an inexpensive smartwatch with all the health and fitness metrics you could ask for. It's on sale now at Walmart.

If a Windows upgrade has ever gone sideways on you, you know how vague and unhelpful the error messages can be. Here are my go-to troubleshooting tricks when that happens.

Microsoft has officially ended support for its most popular OS ever. Here's what to do with your Windows 10 PCs that fail Microsoft's Windows 11 compatibility tests.

I still love the Apple Watch SE 2 for its useful features and fair price, especially when it's on sale.

Slack’s rebuilt AI assistant connects directly to Salesforce’s Agentforce suite, providing enterprises with a centralized hub for agents, data, and automation.

The post Salesforce Turns Slack into an AI Hub with Agent360 Integration appeared first on TechRepublic.

Apple’s low-key Apple TV rebranding hints at a deeper strategy to unify Apple’s streaming, device, and content ecosystem.

The post Apple Quietly Drops the ‘+’ From Apple TV appeared first on TechRepublic.

Oracle will deploy 50,000 AMD AI chips and launch a new open lakehouse platform, signaling a major push to rival NVIDIA in the enterprise AI cloud race.

The post Oracle to Deploy 50,000 AMD AI Chips in Bid to Challenge Nvidia appeared first on TechRepublic.

A GitHub Copilot Chat bug let attackers steal private code via prompt injection. Learn how CamoLeak worked and how to defend against AI risks.

The post CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft appeared first on TechRepublic.

OpenAI and Sur Energy plan a $25B, 500-MW AI data center in Patagonia under Argentina’s RIGI, with leaders touting Stargate Argentina as a regional milestone.

The post OpenAI to Build $25B Data Center in Argentina, Expanding Its Global AI Infrastructure appeared first on TechRepublic.

The search giant's latest move lets people collapse sponsored results, with a catch that still guarantees exposure for advertisers.

The post Google Gets Manipulative with New Hide Ads Feature appeared first on TechRepublic.

CEO Huang says DGX Spark is "placing an AI computer in the hands of every developer to ignite the next wave of breakthroughs.”

The post Nvidia Unveils ‘World’s Smallest AI Supercomputer’ appeared first on TechRepublic.

Get fully editable and applicant tracking system-optimized resume and cover letter templates that get results

The post These 950 Resume Templates Will Level Up Your Job Search, Now 94% Off appeared first on TechRepublic.

This bundle comes with Acrobat’s complete suite of PDF tools and Office’s collection of productivity apps.

The post Own the Tools You Actually Use: Adobe Acrobat and Microsoft Office for Just $99 appeared first on TechRepublic.

Oracle patches a high-severity EBS flaw that could let attackers bypass authentication and access sensitive enterprise data.

The post Critical Oracle EBS Flaw Could Expose Sensitive Data appeared first on TechRepublic.

Motorola unveils sleek Edge 70 to rival iPhone Air.

iPhone Air now cheaper on Amazon. iPhone Air Price Drops On Amazon; Latest Deal Brings 256GB Model Down Rs 6,750

Android Auto update disables Quick Controls, frustrating many users globally.

OnePlus 15 to offer faster display, powerful chipset, and new design. OnePlus 15 Flagship To Feature BOE Display And Revamped Camera System

Microsoft enters AI art race with powerful in-house model. Microsoft’s MAI-Image-1 Joins Top AI Models, Challenges Google Gemini

Apple drops ‘Plus’ before Brad Pitt’s F1 film debut. Apple Rebrands Apple TV+ Ahead Of Brad Pitt’s F1 Movie Premiere This December

Microsoft ends Windows 10 support, urges users to upgrade immediately. Microsoft Ends Free Support For Windows 10; Users Urged To Upgrade To Windows 11

The feature will roll out in December

Stylish, and sensibly smart. The Honor X9c combines a gorgeous curved AMOLED display and great battery life into a surprisingly polished mid-range phone, though it plays it safe on performance and cameras.

Microsoft hires former British PM Rishi Sunak as a part-time advisor, while David Azose joins Airtable and Oumi names a new executive. Read More

Seattle-based startup Humanly is buying three recruiting technology companies — Sprockets, Qualifi, and HourWork — as it aims to build… Read More

The company confirmed a new lease of in Seattle's Fremont Lake Union Center. The opening is planned for fall 2026. Read More

A pilot electric ferry service between Seattle and nearby Tacoma could debut next summer to serve the surge of World Cup tourists expected in the region. Read More

There are two narratives unfolding in the press, in VC/founder circles, and in the boardroom. One is about AI automation… Read More

Gretchen Peri has been involved in helping governments around the world find better ways to use technology for more than… Read More

Seattle and Toronto are squaring off on the baseball diamond this week in the American League Championship Series. But how do the two cities fare in a battle over tech bragging rights? Read More

See the technology stories that people were reading on GeekWire for the week of Oct. 5, 2025. Read More

The Pacific Northwest Seismic Network, which monitors earthquakes and volcanoes in Washington and Oregon, installed a sensor inside T-Mobile Park to record seismic energy during the American League Division Series game. Read More

What happens when anyone can build software just by describing it? Longtime tech creator Chris Pirillo joins the GeekWire Podcast to talk about “vibe coding,” the rise of AI-built apps, and his new CTRL + ALT + CREATE Live event series. Read More

The “agentic enterprise” is set to transform how we live and work, if Salesforce has anything to do with it.

NordVPN data reveals cybercriminals built over 120,000 fake Amazon websites before Prime Day, driving a surge in online scams

Apple's SVP of Marketing, Greg Joswiak, just teased that something powerful is coming in a post on X, and it's very likely to be the new M5 MacBook Pro.

The OneOdio Focus A6s may well be the best budget over-ear headphones I’ve ever had the privilege to use. Here’s why.

Anthropic’s study shows just 250 malicious documents is enough to poison massive AI models.

HMD’s $48 Touch 4G combines a phone and Wi-Fi hotspot into a compact, cloud-powered device designed for affordable connectivity.

NordVPN has open-sourced its Linux GUI app and updated its Snap package to include it, with Meshnet set to be next.

Almost three decades since it started backing up the web, the Internet Archive now holds 1 trillion archived pages and over 100,000TB of data.

Here's our quick guide on how to watch Latvia vs England with Thomas Tuchel's men eyeing a spot at the 2026 FIFA World Cup.

We'll show you all the ways you can watch Portugal vs Hungary as the Group F heavyweights come together this Tuesday from anywhere in the world.

De website van het Rijksinstituut voor Volksgezondheid en Milieu (RIVM) is weer online nadat die eerder vandaag offline werd ...

De in Firefox ingebouwde Password Manager slaat wachtwoorden voortaan versleuteld op via AES-encryptie, zo heeft Mozilla ...

Meer dan veertig procent van de computers wereldwijd draait nog op Windows 10, zo stelt TeamViewer op basis van eigen onderzoek ...

Onderzoekers hebben een nieuwe aanval gedemonstreerd waarmee het mogelijk is voor malafide apps om 2FA-codes en andere ...

Het Rijksinstituut voor Volksgezondheid en Milieu (RIVM) heeft de eigen website offline gehaald nadat er malafide berichten op ...

Een defecte software-update heeft er afgelopen vrijdag in de Verenigde Staten voor gezorgd dat allerlei Jeeps langs de kant van ...

Op de dag dat Microsoft de ondersteuning van Windows 10 stopt roept de Australische overheid bedrijven op om legacy IT te ...

Tientallen burgerrechtenbewegingen en maatschappelijke organisaties hebben in een open brief aan de Europese Commissie hun ...

De Friese afvalverwerker Omrin is gisteren getroffen door een ransomware-aanval, wat gevolgen heeft voor de dienstverlening. Zo ...

Het Verenigd Koninkrijk heeft de afgelopen twaalf maanden met een recordaantal cyberaanvallen te maken gekregen die nationale ...

An anonymous reader quotes a report from Ars Technica: Today is the official end-of-support date for Microsoft's Windows 10. That doesn't mean these PCs will suddenly stop working, but if you don't take action, it does mean your PC has received its last regular security patches and that Microsoft is washing its hands of technical support. This end-of-support date comes about a decade after the initial release of Windows 10, which is typical for most Windows versions. But it comes just four years after Windows 10 was replaced by Windows 11, a version with stricter system requirements that left many older-but-still-functional PCs with no officially supported upgrade path. As a result, Windows 10 still runs on roughly 40 percent of the world's Windows PCs (or around a third of US-based PCs), according to StatCounter data. But this end-of-support date also isn't set in stone. Home users with Windows 10 PCs can enroll in Microsoft's Extended Security Updates (ESU) program, which extends the support timeline by another year. [...] Home users can only get a one-year stay of execution for Windows 10, but IT administrators and other institutions with fleets of Windows 10 PCs can also pay for up to three years of ESUs, which is also roughly the amount of time users can expect new Microsoft Defender antivirus updates and updates for core apps like Microsoft Edge. Obviously, Microsoft's preferred upgrade path would be either an upgrade to Windows 11 for PCs that meet the requirements or an upgrade to a new PC that does support Windows 11. It's also still possible, at least for now, to install and run Windows 11 on unsupported PCs. Your day-to-day experience will generally be pretty good, though installing Microsoft's major yearly updates (like the upcoming Windows 11 25H2 update) can be a bit of a pain.

Read more of this story at Slashdot.

Salesforce says it's saving about $100 million a year by using AI tools in the software company's customer service operations. From a report: The company is working to sell AI features that can handle work such as customer service or early-stage sales. To illustrate the value of the Agentforce product to business clients, Salesforce has been vocal about its own use of the technology. Chief Executive Officer Marc Benioff announced the statistic on Salesforce's savings during a speech Tuesday at the annual Dreamforce conference in San Francisco. The company said more than 12,000 customers are using Agentforce. For example, Reddit was able to cut customer support resolution time by 84%, Salesforce said.

Read more of this story at Slashdot.

DirecTV wants to use AI to put you, your family, and your pets inside a custom TV screensaver. From a report: If that's not uncanny enough, you'll find items you can shop for within that AI environment, whether it's a piece of clothing similar to the one your AI likeness is wearing or a piece of furniture that pops up alongside it. The satellite TV giant is partnering with the AI company Glance to roll out this experience to DirecTV Gemini devices starting next year. "We are making television a lean-in experience versus lean back," Rajat Wanchoo, the group vice president of commercial partnerships at Glance, tells The Verge. "We want to give users a chance to use the advancements that have happened in generative AI to create a ChatGPT moment for themselves, but on TV." Glance is owned by InMobi, the same company that injected ecommerce bloatware into Motorola's budget phones.

Read more of this story at Slashdot.

An anonymous reader shares a report: An attorney in a New York Supreme Court commercial case got caught using AI in his filings, and then got caught using AI again in the brief where he had to explain why he used AI, according to court documents filed earlier this month. New York Supreme Court Judge Joel Cohen wrote in a decision granting the plaintiff's attorneys' request for sanctions that the defendant's counsel, Michael Fourte's law offices, not only submitted AI-hallucinated citations and quotations in the summary judgment brief that led to the filing of the plaintiff's motion for sanctions, but also included "multiple new AI-hallucinated citations and quotations" in the process of opposing the motion. "In other words," the judge wrote, "counsel relied upon unvetted AI -- in his telling, via inadequately supervised colleagues -- to defend his use of unvetted AI." The case itself centers on a dispute between family members and a defaulted loan. The details of the case involve a fairly run-of-the-mill domestic money beef, but Fourte's office allegedly using AI that generated fake citations, and then inserting nonexistent citations into the opposition brief, has become the bigger story.

Read more of this story at Slashdot.

Indonesia's film industry has started using generative AI tools to produce films at a fraction of Hollywood budgets. The country's filmmakers are deploying ChatGPT for scriptwriting, Midjourney for image generation, and Runway for video storyboarding. VFX artist Amilio Garcia Leonard told Rest of World that AI has reduced his draft editing time by 70%. The Indonesian Film Producer Association supports the technology. Indonesian films typically cost 10 billion rupiah ($602,500), less than 1% of major Hollywood productions. The sector employed about 40,000 people in 2020 and generated over $400 million in box office sales in 2023. Jobs for storyboarders, VFX artists, and voice actors are disappearing.

Read more of this story at Slashdot.

The United Nations Food and Agriculture Organization projects record production of global cereal crops in the 2025-26 farming season. The forecast covers wheat, corn and rice, and comes as the global stocks-to-use ratio stands around 30.6% -- the world is producing nearly a third more of these foundational crops than it currently uses. The U.S. Department of Agriculture reported in August that American farmers would harvest a record corn crop at record yield per acre. The FAO Food Price Index has risen slightly this year but remains nearly 20% below its peak during the early months of the war in Ukraine. Average calories available per person worldwide have climbed from roughly 2,100 to 2,200 kilocalories daily in the early nineteen-sixties to just under 3,000 kilocalories daily by 2022. Cereal yields have roughly tripled since 1961. Yet the World Bank estimates around 2.6 billion people cannot afford a healthy diet, and current famines in Gaza and Sudan stem from political failures rather than crop failures.

Read more of this story at Slashdot.

Generative AI models trained on internet data lack exposure to vast domains of human knowledge that remain undigitized or underrepresented online. English dominates Common Crawl with 44% of content. Hindi accounts for 0.2% of the data despite being spoken by 7.5% of the global population. Tamil represents 0.04% despite 86 million speakers worldwide. Approximately 97% of the world's languages are classified as "low-resource" in computing. A 2020 study found 88% of languages face such severe neglect in AI technologies that bringing them up to speed would require herculean efforts. Research on medicinal plants in North America, northwest Amazonia and New Guinea found more than 75% of 12,495 distinct uses of plant species were unique to just one local language. Large language models amplify dominant patterns through what researchers call "mode amplification." The phenomenon narrows the scope of accessible knowledge as AI-generated content increasingly fills the internet and becomes training data for subsequent models.

Read more of this story at Slashdot.

California has enacted new legislation that aims to limit companies from charging consumers "exorbitant" fees to cancel fixed-term contracts. From a report: Assembly Bill 483 was signed into law by California Gov. Gavin Newsom on Friday, placing transparency requirements and fee limits on early terminations for installment contracts -- plans that allow consumers to make recurring payments for goods and services over a specified duration. This includes services that lure consumers into signing annual contracts by allowing them to pay in installments that appear similar to rolling monthly subscriptions, but with hefty cancellation fees for not locking in for the full year. The bill bans companies from hiding early termination fee disclosures within fine print or obscured hyperlinks, and limits the total fee amount to a maximum of 30 percent of the total contract cost. The goal is to make it easier for Californians to take these fees into account when comparing between services, and lessen the financial burden if they need to end their contract early.

Read more of this story at Slashdot.

Researchers at UC San Diego and the University of Maryland have found that roughly half of geostationary satellite signals transmit sensitive data without encryption. The team spent three years using an $800 satellite receiver on a university rooftop in San Diego to intercept communications from satellites visible from their location. They collected phone calls and text messages from more than 2,700 T-Mobile users in just nine hours of recording. The researchers also obtained data from airline passengers using in-flight Wi-Fi, communications from electric utilities and offshore oil and gas platforms, and US and Mexican military communications that revealed personnel locations and equipment details. The exposed data resulted from telecommunications companies using satellites to relay signals from remote cell towers to their core networks. The researchers examined only about 15% of global satellite transponder communications and presented their findings at an Association for Computing Machinery conference in Taiwan this week. Most companies warned by the researchers have encrypted their satellite transmissions, but some US critical infrastructure owners have not yet added encryption.

Read more of this story at Slashdot.

An anonymous reader shares a report: China's expansion of its rare earth export controls appeared to mark another escalation in the US-China trade war last week. But the announcements were also significant in another way: unusually, the documents could not be opened using American word processing software. For the first time, China's Ministry of Commerce issued a slew of documents that could be directly accessed only through WPS Office -- China's answer to Microsoft Office -- as Beijing continues its tech self-reliance drive. Developed by the Beijing-based software company Kingsoft, WPS Office uses a different coding structure to Microsoft Office, meaning WPS text files cannot be opened directly in Word without conversion. Previously, the ministry primarily released text documents in Microsoft Word format.

Read more of this story at Slashdot.

Japan's beer behemoth still mopping up after ransomware spill that disrupted deliveries and delayed results

Asahi's cyber hangover just got worse, with the brewer now admitting that personal information may have been tapped in last month's attack....

Lucky few randomly selected to trial the feature, which won't fully roll out for several months

Mozilla is working on a built-in VPN for Firefox, with beta tests opening to select users shortly....

Latest in a long line of EBS flaws leta miscreants remotely compromise enterprise systems to pinch sensitive data

Oracle is rushing out another emergency patch for its embattled E-Business Suite as the fallout from the Clop-linked attacks continues to spread....

Warn businesses to act now as high-severity incidents keep climbing

Cyberattacks that meet upper severity thresholds set by the UK government's cyber agents have risen 50 percent in the last year, despite almost zero change in the volume of cases handled....

Malfunctioning equipment and manual processing cause 90-minute waits

The European Union's new biometric Exit/Entry System (EES) got off to a chaotic start at Prague's international airport, with travelers facing lengthy queues and malfunctioning equipment forcing border staff to process arrivals manually....

'We will never stop,' say crooks, despite retiring twice in the space of a month

The Scattered Lapsus$ Hunters (SLSH) cybercrime collective - compriseed primarily of teenagers and twenty-somethings - announced it will go dark until 2026 following the FBI's seizure of its clearweb site....

Redmond argued schools, education authorities are responsible for GDPR

An Austrian digital privacy group has claimed victory over Microsoft after the country's data protection regulator ruled the software giant "illegally" tracked students via its 365 Education platform and used their data....

Beijing insists it's business as usual – Washington might see it differently

China's competition regulator has launched an investigation into Qualcomm's purchase of Israeli firm Autotalks, the latest salvo in the escalating tech trade war between Washington and Beijing....

Regulator warns penalties will pile up until internet toilet does its paperwork

Ofcom, the UK's Online Safety Act regulator, has fined online message board 4chan £20,000 ($26,680) for failing to protect children from harmful content....

Minister invokes powers to stop firm shifting knowledge to China, citing governance shortcomings

The Dutch government has placed Nexperia - a Chinese-owned semiconductor company that previously operated Britain's Newport Wafer Fab — under special administrative measures, citing serious governance failures that threaten European tech security....

NCEES explains why licensure matters for engineers and answers your top questions about the FE and PE exams. Source Views: 6

La entrada Thinking About Becoming a Licensed Engineer? Start Here. se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

View our compilation of online stories and resources highlighting the Hispanic community and their contributions to STEM. Source Views: 4

La entrada Celebrate Hispanic Heritage Month With SWE se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.troyhunt.com – Author: Troy Hunt Sponsored by: So I had this idea around training a text-to-speech engine with my voice, then using that to speak over the Sonos at home to announce AI-driven events, such as people ringing the doorbell. A few hours’ worth of video from these weekly updates fed into ElevenLabs and […]

La entrada Weekly Update 469 – Source: www.troyhunt.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. “Both groups have recently been observed targeting organizations’ Salesforce platforms via different initial […]

La entrada FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.cyberdefensemagazine.com – Author: News team Software supply chain attacks have emerged as a serious threat in the rapidly evolving field of cybersecurity, especially in medical devices. As these devices become more and more interconnected and dependent on complex software ecosystems, the potential for exploitation through the supply chain has grown exponentially. One powerful tool […]

La entrada The Critical Role of Sboms (Software Bill of Materials) In Defending Medtech From Software Supply Chain Threats – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.cyberdefensemagazine.com – Author: News team It’s common knowledge in the cybersecurity industry that ransomware is on the rise, with median demands rising 20% year-over-year across virtually all industries. But it’s not only the ransom sums themselves that are escalating; threat actors are engaging in increasingly aggressive tactics and techniques to extort their victims. It’s […]

La entrada Ransomware Tactics Are Shifting. Here’s How to Keep Up – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.darkreading.com – Author: Rob Wright CERT-FR’s advisory follows last month’s disclosure of a zero-day flaw Apple said was used in “sophisticated” attacks against targeted individuals. Original Post URL: https://www.darkreading.com/vulnerabilities-threats/french-sheds-light-apple-spyware-activity Category & Tags: – Views: 4

La entrada French Advisory Sheds Light on Apple Spyware Activity – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.darkreading.com – Author: Riaz Lakhani Together, we can foster a culture of collaboration and vigilance, ensuring that we are not just waiting for a hero to save us, but actively working to protect ourselves and our communities. Original Post URL: https://www.darkreading.com/cyberattacks-data-breaches/without-federal-help-cyber-defense-cisa Category & Tags: – Views: 6

La entrada Without Federal Help, Cyber Defense Is Up to the Rest of Us – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: securityboulevard.com – Author: Gaurav Banga Here’s a scenario security teams increasingly face. A user—or an attacker pretending to be one—types something like: This is how many prompt injection attempts begin. The phrase looks harmless, but it’s a red flag: the user is telling the AI to forget its built‐in rules. What follows is often […]

La entrada Safer Conversational AI for Cybersecurity: The BIX Approach – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: securityboulevard.com – Author: Sofia Naer Introduction On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057(016). The announcement promised a major disruption to the group’s activities. In this blog, we explore whether Operation Eastwood had any real impact on […]

La entrada Operation Eastwood: Measuring the Real Impact on NoName057(16) – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Microsoft restricted access to Edge's IE Mode in August 2025 after hackers used a Chakra zero-day flaw to bypass security and take over user devices. Check out the new steps for enabling IE Mode.

Torrance, United States, 14th October 2025, CyberNewsWire

Tel Aviv, Israel, 14th October 2025, CyberNewsWire

Modern software engineering faces growing complexity across codebases, environments, and workflows. Traditional tools, although effective, rely heavily on…

Spanish Guardia Civil and Group-IB arrest 'GoogleXcoder,' the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil.

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

Astaroth banking trojan has evolved to use GitHub and steganography for resilient C2, hiding its vital commands in images. Learn how this sophisticated malware employs fileless techniques to steal banking and crypto credentials from users across Latin America.

Luxembourg, Luxembourg, 14th October 2025, CyberNewsWire

ShinyHunters and its affiliate hackers have leaked data from 6 firms, including Qantas and Vietnam Airlines, after claiming to breach 39 companies via a Salesforce vulnerability.

Just weeks after its release, OpenAI’s Guardrails system was quickly bypassed by researchers. Read how simple prompt injection attacks fooled the system’s AI judges and exposed an ongoing security concern for OpenAI.

A vulnerability was found in WPBakery Page Builder Plugin up to 8.6.1 on WordPress. It has been declared as problematic. Affected by this issue is some unknown functionality of the component Custom JS Module. Executing manipulation can lead to cross site scripting. This vulnerability is handled as CVE-2025-11160. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in WPBakery Page Builder Plugin up to 8.6.1 on WordPress. It has been classified as problematic. Affected by this vulnerability is the function vc_custom_heading. Performing manipulation of the argument font_container results in cross site scripting. This vulnerability is known as CVE-2025-11161. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Ova Advent Plugin up to 1.1.7 on WordPress and classified as problematic. Affected is an unknown function of the component Shortcode Handler. Such manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-8561. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Quick Featured Images Plugin up to 13.7.2 on WordPress and classified as problematic. This impacts the function qfi_set_thumbnail. This manipulation causes improper control of resource identifiers. This vulnerability appears as CVE-2025-11176. The attack may be initiated remotely. There is no available exploit.

A vulnerability, which was classified as problematic, was found in Wallos 4.1.1. This affects an unknown function of the file /endpoints/currency/currency of the component GET Request Handler. The manipulation results in cross-site request forgery. This vulnerability is reported as CVE-2025-60535. The attack can be launched remotely. No exploit exists.

A vulnerability, which was classified as critical, has been found in Claroty Secure Access up to 4.0.2. The impacted element is an unknown function. The manipulation leads to improper authentication. This vulnerability is documented as CVE-2025-54603. The attack requires being on the local network. There is not any exploit available.

A vulnerability classified as problematic was found in kafka-ui 0.6.0/0.7.2. The affected element is an unknown function of the file /kafka/ui/serdes/CustomSerdeLoader.java. Executing manipulation can lead to improper input validation. This vulnerability is registered as CVE-2025-60537. The attack requires access to the local network. No exploit is available.

A vulnerability classified as problematic has been found in kafka-ui up to 0.7.2. Impacted is an unknown function of the component Configure New Cluster Interface. Performing manipulation results in denial of service. This vulnerability is cataloged as CVE-2025-60536. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability described as critical has been identified in Starnet FastX up to 4.1.51. This issue affects some unknown processing. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2025-57563. The attack may be performed from remote. There is no available exploit.

A vulnerability marked as problematic has been reported in Centreon Infra Monitoring up to 23.10.27/24.04.17/24.10.12. This vulnerability affects unknown code of the component Monitoring Recurrent Downtime Scheduler Module. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2025-8459. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.

https://security-tracker.debian.org/tracker/DSA-6024-1

https://security-tracker.debian.org/tracker/DSA-6023-1

https://security-tracker.debian.org/tracker/DSA-6022-1

https://security-tracker.debian.org/tracker/DSA-6021-1

https://security-tracker.debian.org/tracker/DSA-6020-1

https://security-tracker.debian.org/tracker/DSA-6019-1

https://security-tracker.debian.org/tracker/DSA-6018-1

https://security-tracker.debian.org/tracker/DSA-6017-1

https://security-tracker.debian.org/tracker/DSA-6016-1

https://security-tracker.debian.org/tracker/DSA-6015-1

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.

Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.

Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. **Fax modem hardware dependent on this specific driver will no longer work on Windows.** Microsoft recommends removing any existing dependencies on this hardware.

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. **Fax modem hardware dependent on this specific driver will no longer work on Windows.** Microsoft recommends removing any existing dependencies on this hardware.

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft heeft een kwetsbaarheid verholpen in de JDBC-driver voor SQL Server. Een kwaadwillende kan de kwetsbaarheid misbruiken om middels een Server-in-the-Middle-aanval toegang te krijgen tot gevoelige gegevens, zoals inloggegevens. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden verbinding te maken met een SQL-server onder controle van de kwaadwillende.

Microsoft heeft kwetsbaarheden verholpen in diverse Office producten. Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, willekeurige code uit te voeren met rechten van het slachtoffer, of toegang te krijgen tot gevoelige gegevens in de context van het slachtoffer. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen, of link te volgen. ``` Microsoft Office SharePoint: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59228 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-59237 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Office Word: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59221 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-59222 | 7.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Office Visio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59226 | 7.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Office PowerPoint: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59238 | 7.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Office: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59234 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59227 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59229 | 5.50 | Denial-of-Service | |----------------|------|-------------------------------------| Microsoft Office Excel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59231 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59233 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59235 | 7.10 | Toegang tot gevoelige gegevens | | CVE-2025-59236 | 8.40 | Uitvoeren van willekeurige code | | CVE-2025-59243 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59223 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59224 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59225 | 7.80 | Uitvoeren van willekeurige code | | CVE-2025-59232 | 7.10 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| ```

Microsoft heeft kwetsbaarheden verholpen in System Center Configuration Manager. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen en daarmee mogelijk toegang krijgen tot gevoelige gegevens of willekeurige code uit te voeren met verhoogde rechten. Voor succesvol misbruik moet de kwaadwillende over voorafgaande authenticatie beschikken, of lokale toegang hebben tot het kwetsbare systeem. Voor lokaal misbruik is géén voorafgaande authenticatie benodigd.

Microsoft heeft kwetsbaarheden verholpen in diverse Developer Tools. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen, beveiligingsmaatregelen te omzeilen en toegang te krijgen tot gevoelige gegevens. De ernstigste kwetsbaarheid heeft kenmerk CVE-2025-55315 toegewezen gekregen en bevindt zich in ASP .NET core. Een kwaadwillende kan de kwetsbaarheid misbruiken om middels http-request smuggling beveiligingsmaatregelen te omzeilen en zo toegang te krijgen tot gevoelige gegevens in de scope van de applicaties draaiend op de kwetsbare .NET core software. ``` .NET, .NET Framework, Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55248 | 4.80 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Visual Studio: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-54132 | 4.40 | Toegang tot gevoelige gegevens | | CVE-2025-55240 | 7.30 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft PowerShell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-25004 | 7.30 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| ASP.NET Core: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55315 | 9.90 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| .NET: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55247 | 7.30 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| ```

Microsoft heeft kwetsbaarheden verholpen in Exchange Server. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker en zich verhoogde rechten toe te kennen. Voor succesvol misbruik moet de kwaadwillende over voorafgaande authenticatie beschikken.

Microsoft heeft kwetsbaarheden verholpen in diverse Azure componenten. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker en zich mogelijk verhoogde rechten toe te kennen, om zo toegang te krijgen tot gevoelige gegevens of willekeurige code uit te voeren met verhoogde rechten. De ernstigste kwetsbaarheden bevinden zich in Azure Entra ID en stellen een kwaadwillende in staat om zich verhoogde rechten toe te kennen. Deze kwetsbaarheden bevinden zich in een centrale component van Azure en zijn inmiddels verholpen. Voor deze kwetsbaarheden is verder geen actie benodigd en deze zijn opgenomen ter informatie. ``` Azure Connected Machine Agent: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-47989 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-58724 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Azure Entra ID: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59218 | 9.60 | Verkrijgen van verhoogde rechten | | CVE-2025-59246 | 9.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Redis Enterprise: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59271 | 8.70 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Confidential Azure Container Instances: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59291 | 8.20 | Verkrijgen van verhoogde rechten | | CVE-2025-59292 | 8.20 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Azure Monitor Agent: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59494 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59285 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Azure PlayFab: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59247 | 8.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Azure Monitor: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55321 | 8.70 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| ```

Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service - Omzeilen van een beveiligingsmaatregel - Manipulatie van gegevens - Uitvoeren van willekeurige code (gebruikersrechten) - Uitvoeren van willekeurige code (root/adminrechten) - Toegang tot gevoelige gegevens - Verkrijgen van verhoogde rechten - Spoofing De ernstigste kwetsbaarheden hebben de kenmerken CVE-2025-49708 en CVE-2025-59287 toegewezen gekregen. De kwetsbaarheid met kenmerk CVE-2025-49708 bevindt zich in de Graphics Component en stelt een kwaadwillende in staat om uit een Virtual Machine (VM) te breken en acties uit te voeren op de onderliggende Host. De kwetsbaarheid met kenmerk CVE-2025-59287 bevindt zich in de Windows Server Update Servce (WSUS) en stelt een kwaadwillende in staat om op afstand willekeurige code uit te voeren op het kwetsbare systeem. Van de kwetsbaarheid met kenmerk CVE-2025-59230 meldt Microsoft informatie te hebben dat deze actief is misbruikt op verouderde systemen. De kwetsbaarheid bevindt zich in de Remote Access Connection Manager stelt een lokale, geauthenticeerde kwaadwillende in staat om zich SYSTEM-rechten toe te kennen en zo mogelijk willekeurige code uit te voeren als SYSTEM ``` Windows Confidential Virtual Machines (CVM): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-48813 | 6.30 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows Resilient File System (ReFS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55687 | 7.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows DirectX: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55678 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55698 | 7.70 | Denial-of-Service | |----------------|------|-------------------------------------| Windows DWM: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55681 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-58722 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Xbox: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53768 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Kernel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59186 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-59207 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-50152 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-55334 | 6.20 | Omzeilen van beveiligingsmaatregel | | CVE-2025-55679 | 5.10 | Toegang tot gevoelige gegevens | | CVE-2025-55683 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-55693 | 7.40 | Verkrijgen van verhoogde rechten | | CVE-2025-55699 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-59187 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59194 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Routing and Remote Access Service (RRAS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55700 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-58717 | 6.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Inbox COM Objects: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58732 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58735 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-59282 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58730 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58731 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58733 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58734 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58736 | 7.00 | Uitvoeren van willekeurige code | | CVE-2025-58738 | 7.00 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Agere Windows Modem Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-24990 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-24052 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Active Directory Federation Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59258 | 6.20 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Push Notification Core: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59211 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-59209 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Authentication Methods: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59277 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59275 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59278 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows File Explorer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58739 | 6.50 | Voordoen als andere gebruiker | | CVE-2025-59214 | 6.50 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Data Sharing Service Client: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59200 | 7.70 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows Hyper-V: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55328 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows NTFS: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55335 | 7.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows ETL Channel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59197 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Microsoft Failover Cluster Virtual Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59260 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Server Update Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59287 | 9.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Windows Speech: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58715 | 8.80 | Verkrijgen van verhoogde rechten | | CVE-2025-58716 | 8.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows NTLM: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59284 | 3.30 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows COM: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58725 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Network Connection Status Indicator (NCSI): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59201 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| TCG TPM2.0: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-2884 | 5.30 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows MapUrlToZone: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59208 | 7.10 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Internet Explorer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59295 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Core Shell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59185 | 6.50 | Voordoen als andere gebruiker | | CVE-2025-59244 | 6.50 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| Windows SMB Server: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58726 | 7.50 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Remote Access Connection Manager: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59230 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows PrintWorkflowUserSvc: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55685 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55686 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55689 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55331 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55684 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55688 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55690 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55691 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Taskbar Live: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59294 | 2.10 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows BitLocker: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55333 | 6.10 | Omzeilen van beveiligingsmaatregel | | CVE-2025-55338 | 6.10 | Omzeilen van beveiligingsmaatregel | | CVE-2025-55330 | 6.10 | Omzeilen van beveiligingsmaatregel | | CVE-2025-55332 | 6.10 | Omzeilen van beveiligingsmaatregel | | CVE-2025-55337 | 6.10 | Omzeilen van beveiligingsmaatregel | | CVE-2025-55682 | 6.10 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| NtQueryInformation Token function (ntifs.h): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55696 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows USB Video Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55676 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Ancillary Function Driver for WinSock: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59242 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-58714 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Azure Local: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55697 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Local Session Manager (LSM): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59257 | 6.50 | Denial-of-Service | | CVE-2025-59259 | 6.50 | Denial-of-Service | | CVE-2025-58729 | 6.50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows Resilient File System (ReFS) Deduplication Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59206 | 7.40 | Verkrijgen van verhoogde rechten | | CVE-2025-59210 | 7.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Virtualization-Based Security (VBS) Enclave: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53717 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Cloud Files Mini Filter Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55336 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-55680 | 8.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows WLAN Auto Config Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55695 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Software Protection Platform (SPP): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59199 | 8.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Cryptographic Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58720 | 7.80 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Remote Desktop Client: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58718 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows StateRepository API: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59203 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Microsoft Windows Search Component: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59190 | 5.50 | Denial-of-Service | | CVE-2025-59198 | 5.00 | Denial-of-Service | | CVE-2025-59253 | 5.50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows Failover Cluster: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-47979 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-59188 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows SMB Client: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59280 | 3.10 | Manipulatie van gegevens | |----------------|------|-------------------------------------| Windows Secure Boot: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-47827 | 4.60 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Microsoft PowerShell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-25004 | 7.30 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Windows: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55701 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Windows Codecs Library: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-54957 | 7.00 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Error Reporting: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55692 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-55694 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows SSDP Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59196 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Storport.sys Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59192 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Remote Desktop Protocol: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55340 | 7.00 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Windows Connected Devices Platform Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58727 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows NDIS: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55339 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Health and Optimized Experiences Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59241 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Remote Desktop Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59202 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows High Availability Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59184 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Microsoft Brokering File System: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-48004 | 7.40 | Verkrijgen van verhoogde rechten | | CVE-2025-59189 | 7.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows DWM Core Library: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59254 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59255 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Digital Media: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53150 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-50175 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Hello: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53139 | 7.70 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| Connected Devices Platform Service (Cdpsvc): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58719 | 4.70 | Verkrijgen van verhoogde rechten | | CVE-2025-55326 | 7.50 | Uitvoeren van willekeurige code | | CVE-2025-59191 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Device Association Broker service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50174 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-55677 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Bluetooth Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58728 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59290 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-59289 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Storage Management Provider: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-55325 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Management Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59204 | 5.50 | Toegang tot gevoelige gegevens | | CVE-2025-59193 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Remote Desktop: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-58737 | 7.00 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Graphics Component: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-59195 | 7.00 | Denial-of-Service | | CVE-2025-49708 | 9.90 | Uitvoeren van willekeurige code | | CVE-2016-9535 | 4.00 | Uitvoeren van willekeurige code | | CVE-2025-59205 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-59261 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| ```

Siemens heeft kwetsbaarheden verholpen in diverse producten als SIMATIC, SINEC, SIPLUS en Solid Edge. De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipulatie van gegevens - Omzeilen van een beveiligingsmaatregel - Omzeilen van authenticatie - (Remote) code execution (root/admin rechten) - Toegang tot systeemgegevens - Verhogen van rechten - Spoofing De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.

Juniper heeft kwetsbaarheden verholpen in Junos Space (Specifiek voor alle versies prior tot 24.1R4). De kwetsbaarheden bevinden zich in de wijze waarop Juniper Networks Junos Space gebruikersinvoer verwerkt. Aanvallers kunnen kwaadaardige scripts injecteren in verschillende pagina's, zoals de Device Template Definition, Global Search, en andere secties van de interface. Dit kan leiden tot ongeautoriseerde uitvoering van commando's met de rechten van de getroffen gebruiker. Omdat gebruikers in deze context vaak beheersrechten hebben, is niet uitgesloten dat uitvoer van commando's met verhoogde rechten kan plaatsvinden.

Oracle heeft een kwetsbaarheid verholpen in de Oracle Configurator component van Oracle E-Business Suite (Specifiek voor versies 12.2.3 tot en met 12.2.14). De kwetsbaarheid bevindt zich in de Oracle Configurator component van Oracle E-Business Suite, specifiek in de versies 12.2.3 tot en met 12.2.14. Deze kwetsbaarheid stelt niet-geauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens. Dit probleem heeft een CVSS-score van 7.5 gekregen, wat wijst op een significante impact op de vertrouwelijkheid. De kwetsbaarheid kan leiden tot ongeautoriseerde blootstelling van gegevens.

Vandaag heeft het NCSC samen met 27 partijen het convenant samenwerking Cyclotron ondertekend op de ONE Conference. De ondertekenaars zijn een groot aantal private partijen en daarnaast ook de AIVD, MIVD, Politie en het NCTV. De ondertekening is een volgende belangrijke stap in de samenwerking met als doel om het beeld op cyberdreigingen en incidenten te versterken door het structureel delen van informatie, het gezamenlijk analyseren van informatie en het verstrekken van informatie uit die analyses aan belanghebbende organisaties. Hiermee wordt de digitale weerbaarheid van Nederland verhoogd.

Voor kleine bedrijven die een financiële drempel ervaren bij het (laten) uitvoeren van cybermaatregelen, is tijdelijk een subsidie beschikbaar: Mijn Cyberweerbare Zaak. Deze subsidie dekt 50% van de kosten van diverse cybermaatregelen, tot een maximum van € 1.250. Kleinere bedrijven met 1 tot en met 50 medewerkers voor wie cybersecurity vaak niet een kerntaak is, kunnen nu met deze subsidie van het ministerie van Economische Zaken de nodige stappen zetten om hun bedrijf beter te beschermen tegen de toenemende cyberdreigingen en eisen die andere bedrijven in de bedrijfsketen stellen.

De cyberweerbaarheid van Nederland is niet langer op te vangen met losse initiatieven. Deze tijd vraagt om één samenhangend netwerk: het Cyberweerbaarheidsnetwerk, kortweg CWN. In het CWN komen publieke en private organisaties samen. Daar brengen ze hun kennis, expertise en ervaring in om gezamenlijk aan opgaven te werken die bijdragen aan de cyberweerbaarheid van alle organisaties in het Koninkrijk der Nederlanden, en daarmee ook de overzeese gebieden. Want alleen samen worden we weerbaarder.

Recentelijk kwam een wereldwijde malwareinfectie van Windows computers aan het licht dankzij software die gebruikers zelf installeerden. Het NCSC adviseert daarom toegang tot de betreffende C2-domeinen te blokkeren, te controleren op de aanwezigheid van de applicaties “Manualfinder”, “PDF-editor” en varianten daarvan, te controleren op de aanwezigheid van JavaScript bestanden met een op een GUID lijkende naam in de directory /AppData/Local/TEMP en om eindgebruikers er met klem op te wijzen om geen externe, onvertrouwde tools te installeren.

Er zijn nieuwe kwetsbaarheden in Citrix Netscaler ontdekt. Met een eerder gepubliceerd detectiescript van het NCSC kan compromittatie worden gedetecteerd.

Eefje Zents wordt met ingang van 15 september 2025 Chief Relations Officer/directeur Samenwerking Digitale weerbaarheid bij het Nationaal Cyber Security Centrum (NCSC) van het ministerie van Justitie en Veiligheid.

Via deze pagina biedt het NCSC een update op de eerdere berichtgeving. We bieden hierin de publicatie van twee nieuwe checkscripts die voorzien zijn van nieuwe indicators of compromise, aanvullende context waarbij we belichten dat het hier om een geraffineerde aanval gaat waarbij meerdere Nederlandse organisaties succesvol aangevallen zijn. Daarnaast deelt het NCSC aanvullende adviezen in het licht van deze digitale aanval. Hiermee willen we organisaties aansporen en ondersteunen om hun digitale weerbaarheid verder te verhogen en zich op de juiste elementen van digitale veiligheid te richten.

Op deze pagina gaat het NCSC verder in op de recent ontdekte kwetsbaarheden in Microsoft SharePoint Server en bieden we handelingsperspectief in het omgaan met deze kwetsbaarheden.

Het NCSC waarschuwt organisaties voor ernstige kwetsbaarheden in Microsoft SharePoint Server. Microsoft heeft inmiddels beveiligingsupdates beschikbaar gesteld voor de kwetsbare systemen. Omdat het NCSC actief misbruik ziet, is het nadrukkelijke advies om de updates zo snel mogelijk te installeren. De kwetsbaarheden in Microsoft SharePoint Server staan los van de kwetsbaarheden in de Citrix-producten waarvoor het NCSC al eerder waarschuwde.

Het NCSC heeft beveiligingsadviezen uitgebracht ten aanzien van kwetsbaarheden Citrix NetScaler ADC en NetScaler Gateway. Op dit moment is er sprake van actief misbruik, waardoor het NCSC hier opnieuw aandacht voor vraagt. Citrix heeft inmiddels updates beschikbaar gesteld om deze kwetsbaarheden te verhelpen. Het NCSC roept organisaties met klem op om de maatregelen uit de adviezen te volgen en systemen te controleren op compromittatie.

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um Daten zu manipulieren oder einen Denial of Service herbeizuführen.

Ein Angreifer kann mehrere Schwachstellen in Veeam Backup & Replication ausnutzen, um beliebigen Programmcode auszuführen und sich erweiterte Berechtigungen zu verschaffen.

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in LibTiff ausnutzen, um einen Code auszuführen.

Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen und nicht näher spezifizierte Auswirkungen zu erzielen.

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Dateien zu manipulieren.

Ein lokaler Angreifer kann eine Schwachstelle im Linux UDisks Daemon ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service herbeizuführen.

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Podman ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen.

Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder andere nicht spezifizierte Angriffe durchzuführen.

Ein Angreifer in Funk-Reichweite kann eine Schwachstelle in bluez ausnutzen, um beliebigen Programmcode auszuführen.

De multiples vulnérabilités ont été découvertes dans les produits Mattermost. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

De multiples vulnérabilités ont été découvertes dans Joomla!. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

De multiples vulnérabilités ont été découvertes dans Mozilla Firefox. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

De multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

De multiples vulnérabilités ont été découvertes dans Tenable Security Center. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un contournement de la politique de sécurité.

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.

De multiples vulnérabilités ont été découvertes dans Zabbix. Elles permettent à un attaquant de provoquer une élévation de privilèges et une atteinte à la confidentialité des données.

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett. According to the U.S. government, it's assessed to be a publicly-traded

Every October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone. Make no mistake, as a security professional, I love this month. Launched by CISA and the National

Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack, per ETH Zürich researchers Benedict Schlüter and Shweta Shinde, exploits AMD's incomplete protections that make it possible to perform a single memory

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University of

Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your

Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks. Webhooks on Discord are a way to post messages to channels in the platform without requiring a bot user or authentication, making them an attractive mechanism for attackers to

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains. "TA585 is notable because it

Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done. This week’s edition looks at how attackers are changing the game — linking different flaws, working together across borders, and even turning trusted tools into weapons.

Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing. With the 2025 shopping season weeks away, visibility gaps must close now. Get the complete Holiday Season Security Playbook here. Bottom Line Up Front The 2024 holiday season saw major

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an "exploit shotgun" approach, has singled out a wide range of internet-exposed infrastructure, including routers, digital video recorders (DVRs), network video recorders (NVRs), CCTV systems, web servers, and

A GitHub Copilot Chat bug let attackers steal private code via prompt injection. Learn how CamoLeak worked and how to defend against AI risks.

The post CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft appeared first on TechRepublic.

Oracle patches a high-severity EBS flaw that could let attackers bypass authentication and access sensitive enterprise data.

The post Critical Oracle EBS Flaw Could Expose Sensitive Data appeared first on TechRepublic.

The World Economic Forum and Accenture offer a practical roadmap for organizations to leverage responsible AI into a competitive advantage.

The post New Playbook Offers Guidelines on Advancing Transformative Responsible AI appeared first on TechRepublic.

After breaching the security of Oracle’s E-Business Suite, a well-known group of hackers is actively trying to extort execs for millions of dollars.

The post Oracle Extortion Case: $50M Demand From ‘Notorious’ Hacking Group appeared first on TechRepublic.

Microsoft 365 Premium subscription bundles Copilot AI and Office apps for $19.99/month. It replaces Copilot Pro and offers a secure way to use AI at work.

The post Microsoft Unveils 365 Premium, Its New Top-Tier AI and Productivity Bundle appeared first on TechRepublic.

Developers can sell security solutions and agents that work with Microsoft security products, including the Copilot AI.

The post Microsoft Launches Security Store to Unify AI-Powered Defense Tools appeared first on TechRepublic.

The US Commerce Chief has also issued a warning about DeepSeek that reliance on those AI models is "dangerous and shortsighted."

The post DeepSeek AI Models Are Easier to Hack Than US Rivals, Warn Researchers appeared first on TechRepublic.

CISA is among the government agencies affected. The shutdown is a reminder for government contractors to harden their cybersecurity.

The post What Does the Government Shutdown Mean for Cybersecurity? appeared first on TechRepublic.

This new ransomware detection is available in beta in Google Drive for desktop on Windows or macOS, with a general release expected by the end of the year.

The post Google Adds AI-Powered Ransomware Protection and Recovery to Drive for Desktop appeared first on TechRepublic.

Two defendants pleaded guilty in a Bitcoin laundering case tied to the UK's record crypto seizure. The Met’s seven-year probe moves to sentencing 10–11 November.

The post UK Police Convicts Pair in £5.5 Billion Bitcoin Launder Case appeared first on TechRepublic.

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. [...]

In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final free update for the operating system as it reaches the end of its support lifecycle. [...]

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content. [...]

Microsoft has reminded that Exchange Server 2016 and 2019 reached the end of support and advised IT administrators to upgrade servers to Exchange Server SE or migrate to Exchange Online. [...]

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. Get patching! [...]

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. [...]

The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. [...]

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]

Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. [...]

FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. [...]

Large language models are reshaping how we write software. With a few prompts, developers can generate boilerplate, integrate dependencies, write tests, and scaffold entire systems in a fraction of the time it used to take.

The post The LLM Dependency Trap appeared first on Security Boulevard.

4 min readSay goodbye to long-lived personal access tokens as you replace them with ephemeral, policy-driven credentials and automated service account management.

The post Aembit Connects AI and Workload Access to AWS Secrets Manager appeared first on Aembit.

The post Aembit Connects AI and Workload Access to AWS Secrets Manager appeared first on Security Boulevard.

Author, Creator & Presenter: Keynote2: Frederik Braun (Mozilla)

Session 3: Web3 and Work in Progress: Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) 2025, co-located with the Network and Distributed System Security (NDSS) Symposium 2025

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the organization’s’YouTube channel.

Permalink

The post NDSS 2025 – MADWeb 2025, Keynote 2 and Session 3 appeared first on Security Boulevard.

Jeff Reed, chief product officer at Vectra AI, talks about the company’s latest advances in detection and response—and how AI is transforming the way enterprises defend against modern cyber threats. Reed, who joined Vectra after years leading cloud security and product teams at Google, explains that traditional approaches to threat detection are no longer sufficient...

The post Beyond Alerts: Building Smarter, Context-Aware Threat Detection appeared first on Security Boulevard.

Cristian Rodriguez, Field CTO for the Americas at CrowdStrike, discusses how artificial intelligence and evolving threat dynamics are reshaping cybersecurity. Rodriguez brings a unique perspective—equal parts technical and creative—describing how CrowdStrike continues to innovate in an era defined by speed and complexity. He notes that attackers are evolving just as quickly as defenders, with AI..

The post Preparing for the Next Wave of AI-Driven Threats appeared first on Security Boulevard.

The China-based APT group Flax Typhoon used a function within ArcGIS' legitimate geo-mapping software to create a webshell through which it established persistence for more than a year to execute malicious commands and steal credentials.

The post China’s Flax Typhoon Exploits ArcGIS App for Year-Long Persistence appeared first on Security Boulevard.

Despite continued investments in SIEMs, threat intelligence platforms, and managed detection services, many Security Operations Centers (SOCs) remain in a defensive position. SOCs are reactive, overstretched, and underprepared. High-profile breaches continue to grab headlines, but they are only what is visible. The reality is that SOC teams are overwhelmed by alert fatigue, organizational friction, and..

The post The Defensive Gap: Why Modern SOCs Are Losing Ground and How to Close It appeared first on Security Boulevard.

Your users aren’t downloading files to their desktops anymore. They’re not running local applications. They’re working in Google Docs, Salesforce, Slack, and dozens of other browser-based platforms. The endpoint—the place where work actually happens—has moved entirely into the browser. Your security tools haven’t made that move with them. Legacy vendors built traditional Secure Web Gateways..

The post The Endpoint Has Moved to the Browser — Your Security Tools Haven’t appeared first on Security Boulevard.

Learn how microsegmentation builds OT breach ready cyber defense, limits lateral movement, and protects industrial systems from disruptions.

The post What is OT Breach Ready Cyber Defense? appeared first on ColorTokens.

The post What is OT Breach Ready Cyber Defense? appeared first on Security Boulevard.

As a leader in AI-centric DevSecOps, Sonatype has been recognized as a Visionary in the 2025 Gartner Magic Quadrant for Application Security Testing (AST).

The post Sonatype Named a Visionary in the 2025 Gartner® Magic QuadrantTM for Application Security Testing appeared first on Security Boulevard.

Topic: Perfex CRM Chatbot Cross Site Scripting Risk: Low Text:# CVE-2025-60374 CVE-2025-60374: Stored Cross-Site Scripting (XSS) in Perfex CRM Chatbot > **⚠️ Security Advisory** ...

Topic: DirectAdmin v1.680 DOM Injection via return-to Parameter Risk: Low Text: # Exploit Title: DirectAdmin v1.680 DOM Injection via return-to Parameter (UI Misrepresentation) # E...

Topic: SugarCRM unauthenticated Remote Code Execution (RCE) Risk: High Text:# Exploit Title: SugarCRM unauthenticated Remote Code Execution (RCE) # Exploit Author: DANG # Vendor Homepage: https://www.s...

Topic: GaatiTrack-1.0 Copyright©2025-Multiple-SQLi - Metasploit module Risk: Medium Text:# Titles: GaatiTrack-1.0 Copyright©2025-Multiple-SQLi - Metasploit module # Author: nu11secur1ty # Date: 10/06/2025 # Vend...

Topic: CPAS Audit Management Information System 4.9 SQL Injection Risk: Medium Text:# CPAS-bug CPAS audit management information system has SQL injection vulnerability # Beijing YouDataSum Technology Co., Lt...

Topic: ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting Risk: Low Text:...

Topic: nopCommerce 4.40.3 - Stored Cross-Site Scripting (XSS) Risk: Low Text:# Exploit Title: nopCommerce 4.40.3 - Stored Cross-Site Scripting (XSS) # Exploit Author: Scott Sturrock 'ssturrock -at- proto...

Topic: DirectAdmin v1.680 DOM Injection via return-to Parameter (UI Misrepresentation) Risk: Medium Text:# Exploit Title: DirectAdmin v1.680 DOM Injection via return-to Parameter (UI Misrepresentation) # Exploit Author: Scott Sturr...

Topic: WordPress Quentn WP 1.2.8 Privilege Escalation Risk: Medium Text:#!/usr/bin/env python3 # -*- coding: utf-8 -*- import argparse import base64 import hashlib import json import random ...

Topic: StoryChief Wordpress Plugin 1.0.42 Arbitrary File Upload Risk: High Text:# Exploit Title: StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload # Exploit Author: xpl0dec # Vendor Homepage: http...

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet's attacks, which shattered previous records this week with a brief traffic flood that clocked in at nearly 30 trillion bits of data per second.

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord user data, and for stealing terabytes of sensitive files from thousands of customers of the enterprise software maker Red Hat.

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.

In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before Russia invaded Ukraine and quickly became a top source of Kremlin-linked cyberattacks and disinformation campaigns. But new data shows those sanctions have done little to stop Stark from simply rebranding and transferring their assets to other corporate entities controlled by its original hosting providers.

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's most-dire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn that a similar attack with a slightly more nefarious payload could quickly lead to a disruptive malware outbreak that is far more difficult to detect and restrain.

The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing Gmail of disproportionately flagging messages from the GOP fundraising platform WinRed and sending them to the spam folder. But according to experts who track daily spam volumes worldwide, WinRed's messages are getting blocked more because its methods of blasting email are increasingly way more spammy than that of ActBlue, the fundraising platform for Democrats.

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that these scam gambling sites have proliferated thanks to a new Russian affiliate program called "Gambler Panel" that bills itself as a "soulless project that is made for profit."

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

This week's video was recorded on Friday morning Aussie time, and as promised, hackers dumped data the following day. Listening back to parts of the video as I write this on a Sunday morning, pretty much what was predicted happened: data was dumped, it included Qantas, and the

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

You see it all the time after a tragedy occurs somewhere, and people flock to offer their sympathies via the "thoughts and prayers" line. Sympathy is great, and we should all express that sentiment appropriately. The criticism, however, is that the line is often offered as a substitute

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

This probably comes through pretty strongly in this week's video, but I love the vibe at CERN. It's a place so focused on the common good of science that all the other cultural attributes that often put people at odds these days fade into the distance.

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

It's hard to explain the significance of CERN. It's the birthplace of the World Wide Web and the home of the largest machine ever built, the Large Hadron Collider. The bit that's hard to explain is, well, I mean, look at it!

Charlotte and

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

I'm so happy to finally be getting those HIBP demos out! The first couple are simple, but as I say in this week's vid, it's the simple questions we're still dealing with. As if to taunt me (or prove my point), we

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

One of the most common use cases for HIBP's API is querying by email address, and we support hundreds of millions of searches against this endpoint every month. Loads of organisations use this service to understand the exposure of their customers and provide them with better protection against

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

Imagine jumping on board a class action after your precious datas have been breached, then sticking through it all the way until a settlement is reached. Then, finally, after a long and arduous battle, cashing in and getting... $1. Well, kinda $1, the ParkMobile class action granted up to $1

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

Well, one of them is, but what's important is that we now have a platform on which we can start pushing out a lot more. It's not that HIBP is a particularly complex system that needs explaining in any depth, but we still get a lot

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

So I had this idea around training a text-to-speech engine with my voice, then using that to speak over the Sonos at home to announce AI-driven events, such as people ringing the doorbell. A few hours' worth of video from these weekly updates fed into ElevenLabs and wammo! Here

Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device.

I only just realised, as I prepared this accompanying blog post, that I didn't talk about one of the points in the overview: food. One of my fondest memories as a child living in Singapore and now as an adult visiting there is the food. It's

This is a current list of where and when I am scheduled to speak:

• I and Nathan E. Sanders will be giving a book talk on Rewiring Democracy at the Harvard Kennedy School’s Ash Center in Cambridge, Massachusetts, USA, on October 22, 2025 at noon ET.
• I and Nathan E. Sanders will be speaking and signing books at the Cambridge Public Library in Cambridge, Massachusetts, USA, on October 22, 2025 at 6:00 PM ET. The event is sponsored by Harvard Bookstore.
• I and Nathan E. Sanders will give a virtual talk about our book Rewiring Democracy on October 23, 2025 at 1:00 PM ET. The event is hosted by Data & Society...

This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US:

The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitored political discussions online, the Trump administration has been more explicit in who it’s targeting. Secretary of State Marco Rubio announced a new, zero-tolerance “Catch and Revoke” strategy, which uses AI to monitor the public speech of foreign nationals and revoke visas...

My latest book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship, will be published in just over a week. No reviews yet, but you can read chapters 12 and 34 (of 43 chapters total).

You can order the book pretty much everywhere, and a copy signed by me here.

Please help spread the word. I want this book to make a splash when it’s public. Leave a review on whatever site you buy it from. Or make a TikTok video. Or do whatever you kids do these days. Is anyone a Slashdot contributor? I’d like the book to be announced there...

Two years ago, Americans anxious about the forthcoming 2024 presidential election were considering the malevolent force of an election influencer: artificial intelligence. Over the past several years, we have seen plenty of warning signs from elections worldwide demonstrating how AI can be used to propagate misinformation and alter the political landscape, whether by trolls on social media, foreign influencers, or even a street magician. AI is poised to play a more volatile role than ever before in America’s next federal election in 2026. We can already see how different groups of political actors are approaching AI. Professional campaigners are using AI to accelerate the traditional tactics of electioneering; organizers are using it to reinvent how movements are built; and citizens are using it both to express themselves and amplify their side’s messaging. Because there are so few rules, and so little prospect of regulatory action, around AI’s role in politics, there is no oversight of these activities, and no safeguards against the dramatic potential impacts for our democracy...

Video.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

AI agents are now hacking computers. They’re getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation, and hack autonomously, at computer speeds and scale. This is going to change everything.

Over the summer, hackers proved the concept, industry institutionalized it, and criminals operationalized it. In June, AI company XBOW took the top spot on HackerOne’s US leaderboard after submitting over 1,000 new vulnerabilities in just a few months. In August, the seven teams competing in DARPA’s AI Cyber Challenge ...

The company Flok is surveilling us as we drive:

A retired veteran named Lee Schmidt wanted to know how often Norfolk, Virginia’s 176 Flock Safety automated license-plate-reader cameras were tracking him. The answer, according to a U.S. District Court lawsuit filed in September, was more than four times a day, or 526 times from mid-February to early July. No, there’s no warrant out for Schmidt’s arrest, nor is there a warrant for Schmidt’s co-plaintiff, Crystal Arrington, whom the system tagged 849 times in roughly the same period.

You might think this sounds like it violates the Fourth Amendment, which protects American citizens from unreasonable searches and seizures without probable cause. Well, so does the American Civil Liberties Union. Norfolk, Virginia Judge Jamilah LeCruise also agrees, and in 2024 she ruled that plate-reader data obtained without a search warrant couldn’t be used against a defendant in a robbery case...

Citizen Lab has uncovered a coordinated AI-enabled influence operation against the Iranian government, probably conducted by Israel.

Key Findings

• A coordinated network of more than 50 inauthentic X profiles is conducting an AI-enabled influence operation. The network, which we refer to as “PRISONBREAK,” is spreading narratives inciting Iranian audiences to revolt against the Islamic Republic of Iran.
• While the network was created in 2023, almost all of its activity was conducted starting in January 2025, and continues to the present day.
• The profiles’ activity appears to have been synchronized, at least in part, with the military campaign that the Israel Defense Forces conducted against Iranian targets in June 2025. ...

We are nearly one year out from the 2026 midterm elections, and it’s far too early to predict the outcomes. But it’s a safe bet that artificial intelligence technologies will once again be a major storyline.

The widespread fear that AI would be used to manipulate the 2024 US election seems rather quaint in a year where the president posts AI-generated images of himself as the pope on official White House accounts. But AI is a lot more than an information manipulator. It’s also emerging as a politicized issue. Political first-movers are adopting the technology, and that’s opening a ...

Article. Report.

A botnet of 100K+ IPs from multiple countries is attacking U.S. RDP services in a campaign active since October 8. GreyNoise researchers uncovered a large-scale botnet that is targeting Remote Desktop Protocol (RDP) services in the United States starting on October 8. The company discovered the botnet after detecting an unusual spike in Brazilian IP […]

Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle E-Business Suite campaign after the Cl0p ransomware group listed it on its leak site. The cybercrime group claimed to have leaked 1.3 TB of data allegedly […]

The UK’s NCSC handled 429 cyberattacks from Sept 2024–Aug 2025, including 204 nationally significant cases, over double the previous year’s total. The UK’s National Cyber Security Centre (NCSC) reported a record surge in major cyberattacks, responding to 429 incidents from September 2024 to August 2025, including 204 deemed “nationally significant”, more than double the previous […]

SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transformed scientific, commercial, and defense operations. Using commercial off-the-shelf (COTS) parts makes them cheaper and faster to build but also introduces new, poorly understood security risks unique to space […]

Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS Score of 7.5), in E-Business Suite’s Runtime UI component (versions 12.2.3–12.2.14). “Oracle has just released Security Alert CVE-2025-61884. This vulnerability affects some deployments of Oracle E-Business […]

Malicious code on Unity Technologies’s SpeedTree site skimmed sensitive data from hundreds of customers, the company confirmed. Video game software development firm Unity Technologies revealed that malicious code on its SpeedTree website skimmed sensitive information from hundreds of customers, impacting users who accessed the compromised site. The company discovered on August 26, 2025, the presence […]

Medusa ransomware hit SimonMed Imaging, stealing 200 GB of data and impacting over 1.2 million people in a major healthcare data breach. SimonMed Imaging suffered a ransomware attack by the Medusa group, which claimed to have stolen 200 GB of data. SimonMed Imaging is one of the largest outpatient medical imaging providers in the U.S., […]

Microsoft updated Edge’s Internet Explorer mode after August 2025 reports that attackers exploited it to access users’ devices without authorization. Microsoft updated Edge’s Internet Explorer mode after reports in August 2025 that threat actors exploited the backward compatibility feature to gain unauthorized device access. Microsoft Edge’s IE mode lets organizations run legacy Internet Explorer 11 […]

The Astaroth banking Trojan uses GitHub to host malware configs, evade C2 takedowns and stay active by pulling new settings from the platform. McAfee discovered a new Astaroth campaign using GitHub repositories to host malware configurations. This allows attackers to evade takedowns by pulling fresh configs from GitHub whenever C2 servers are shut down, ensuring […]

Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant […]

"'Shift left’ is a very trendy concept over the past few years [in application security]. The weird thing is, prevention is seen as something that's kind of old school in endpoint security or security operations."

Use this short checklist as a launchpad: adopt the basics consistently, strengthen the controls that matter most, and build routines that keep those protections current and effective.

Counter Threat UnitTM (CTU) researchers are investigating multiple incidents in an ongoing campaign targeting users of the WhatsApp messaging platform. The campaign, which started on September 29, 2025, is focused on Brazil and seeks to trick users into executing a malicious file attached to a self-spreading message received from a previously infected WhatsApp web session. […]

292 IT and cybersecurity leaders reveal the ransomware realities for healthcare establishments today.

Sophos MDR is all but mandatory to keep this New York-based MSP’s customers secure.

See how your networks, systems, and employees stand up to simulated attacks before an adversary strikes.

The consequences of this burnout are far-reaching, affecting productivity, incident response times, and employee retention.

Security teams are under increasing pressure to detect and respond to threats in real time, especially as the median dwell time for ransomware attacks has dropped from weeks to a few days. Yet many organizations still rely on legacy Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) tools. These tools […]

A milestone that reflects our progress.

How the notorious Packer-as-a-Service operation built itself into a hydra