Cybersecurity

Logitech leaks data after zero-day attack

INFOSEC IN BRIEF PLUS: CISA still sitting on telecoms security report; DoorDash phished again; Lumma stealer returns; and more

Security16 Nov 2025 | 1

UK's Cyber Security and Resilience Bill makes Parliamentary debut

Various touch-ups added as MPs seek greater resilience to attacks on critical sectors

Security12 Nov 2025 | 15

Aviation watchdog says organized drone attacks will shut UK airports ‘sooner or later’

Skies are open for mischief as hard-to-trace drones and fast-moving cyber raids promise new wave of disruption

Edge + IoT12 Nov 2025 | 30

China hates crypto and scams, but is now outraged USA acquired bitcoin from a scammer

A new theory from the agency that brought us ‘America hacked itself to blame Beijing’

Cyber-crime12 Nov 2025 | 12

Australia’s spy boss says authoritarian nations ready to commit ‘high-impact sabotage’

‘Elite teams’ are pondering cyber-attacks to turn off energy supply or telecoms networks

Security12 Nov 2025 | 35

Critical federal cybersecurity funding set to resume as government shutdown draws to a close - for now

Resolution acquiesced to by 8 Dems includes CISA Act funding, layoff reversals, and could be easily undone

Public Sector10 Nov 2025 | 6

Louvre's pathetic passwords belong in a museum, just not that one

Infosec in brief PLUS: CISA layoffs continue; Lawmakers criticize camera security; China to execute scammers; And more

Security09 Nov 2025 | 24

Bank of England says JLR's cyberattack contributed to UK's unexpectedly slower GDP growth

This kind of material economic impact from online crooks thought to be a UK-first

Cyber-crime07 Nov 2025 | 48

AMD red-faced over random-number bug that kills cryptographic security

Local privileges required to exploit flaw in Ryzen and Epyc CPUs. Some patches available, more on the way

Security05 Nov 2025 | 11

Consumer Financial Protection Bureau's security falls apart amid layoffs

Security program fails to meet federal standards as government cuts drain resources

Security04 Nov 2025 | 3

The race to shore up Europe’s power grids against cyberattacks and sabotage

Feature Ukraine first to demo open source security platform to isolate incidents, stop lateral movement

Security03 Nov 2025 | 23

Attackers targeting unpatched Cisco kit notice malware implant removal, install it again

Infosec in brief PLUS: Cyber-exec admits selling secrets to Russia; LastPass isn't checking to see if you're dead; Nation-state backed Windows malware; and more

Security02 Nov 2025 | 1

Proton trains new service to expose corporate infosec cover-ups

Service will tell on compromised organizations, even if they didn't plan on doing so themselves

Security30 Oct 2025 |

Postcode Lottery's lucky dip turns into data slip as players draw each other's info

Biz says 'technical error' caused short-lived leak affecting small number of users

Security30 Oct 2025 | 22

EY exposes 4TB+ SQL database to open internet for who knows how long

The Big Four biz’s big fat fail exposed a boatload of secrets online

Security29 Oct 2025 | 55

9 in 10 Exchange servers in Germany still running out-of-support software

Cybersecurity agency urges organizations to upgrade or risk total network compromise

Security29 Oct 2025 | 32

Iran's school for cyberspies could've used a few more lessons in preventing breaches

Ravin Academy confirms the intrusion on Telegram, says student data was stolen

Cyber-crime27 Oct 2025 | 7

X says passkey reset isn't about a security issue – it's to finally kill off twitter.com

Social media site dispatches crucial clarification days after curious announcement

Personal Tech27 Oct 2025 | 19

Shaq's new ride gets jaq'ed in haq attaq

Infosec In Brief PLUS: Judge spanks NSO; Mozilla requires data use disclosures; TARmageddon meets Rust; And more!

Security26 Oct 2025 | 12

Devs are writing VS Code extensions that blab secrets by the bucketload

Vibe coding may have played a role in what took researchers months to fix

Research15 Oct 2025 | 10

CISA cuts more staff and reassigns others as government stays shut down

America's main cybersecurity agency has lost almost 1,000 people this year

Public Sector14 Oct 2025 | 6

British govt agents demand action after UK mega-cyberattacks surge 50%

Warn businesses to act now as high-severity incidents keep climbing

Cyber-crime14 Oct 2025 | 37

Senators try to save cyber threat sharing law, sans government funding

in brief Also, DraftKings gets stuffed, Zimbra collab software exploited again, and Apple bug bounties balloon

Cybersecurity Month13 Oct 2025 | 2

Pro-Russia hacktivist group dies of cringe after falling into researchers' trap

Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory – then it quietly shut up shop

Security10 Oct 2025 | 10

UK techies' union warns members after breach exposes sensitive personal details

Prospect apologizes for cyber gaffe affecting up to 160K members

Cybersecurity Month10 Oct 2025 | 21

It's trivially easy to poison LLMs into spitting out gibberish, says Anthropic

Just 250 malicious training documents can poison a 13B parameter model - that's 0.00016% of a whole dataset

AI + ML09 Oct 2025 | 54

Discord says 70,000 photo IDs compromised in customer service breach

No word on why the outsourced supplier was storing this data in the first place

Cybersecurity Month09 Oct 2025 | 51

Hobble your AI agents to prevent them from hurting you too badly

That's the main takeaway from the Zenity AI Agent Security Summit

Cybersecurity Month09 Oct 2025 | 11

Germany slams brakes on EU's Chat Control device-scanning snoopfest

Berlin's opposition likely kills off Brussels' bid to scan everyone's messages

CSO08 Oct 2025 | 47

Subpoena tracking platform blames outage on AWS social engineering attack

Software maker Kodex said its domain registrar fell for a fraudulent legal order

Cybersecurity Month02 Oct 2025 |

Tile trackers are a stalker's dream, say Georgia Tech researchers

Plaintext transmissions, fixed MAC addresses, rotating 'unique' IDs, and more, make abuse easy

Research30 Sep 2025 | 15

Warnings about Cisco vulns under active exploit are falling on deaf ears

50,000 firewall devices still exposed

Patches30 Sep 2025 | 22

UK may already be at war with Russia, ex-MI5 head suggests

Baroness Manningham-Buller cites Kremlin sabotage, cyberattacks, and assassinations as signs of an undeclared conflict

Security29 Sep 2025 | 113

Jaguar Land Rover gets £1.5B government jump-start after cyber breakdown

Hundreds of thousands of workers in financial despair supported with landmark loan

Cyber-crime29 Sep 2025 | 31

Cyber threat-sharing law set to shut down, along with US government

Act passed in 2015 is due to lapse unless a continuing resolution passes - and that's unlikely

Security26 Sep 2025 | 9

Federal agencies DOGE questions about what cost-cutting team is doing

Oversight efforts have been rebuffed, says Democratic report, 'putting Americans' personal data at risk'

Public Sector26 Sep 2025 | 25

Politicos: 'There is a good strong case for government intervention' on JLR cyberattack

Covid-style financial support? Nothing to confirm yet, say MPs

Cyber-crime24 Sep 2025 | 23

OnePlus leaves researchers on read over Android bug that exposes texts

Updated Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up

Security23 Sep 2025 | 11

SIM city: Feds say 100,000-card farms could have killed cell towers in NYC

Secret Service seizes 300-server network allegedly tied to nation-state hackers

Cyber-crime23 Sep 2025 | 81

EV charging biz zaps customers with data leak scare

Names, emails unplugged in DCS support snafu – but 'billing is safe'

Security23 Sep 2025 | 8

EU’s cyber agency blames ransomware as Euro airport check-in chaos continues

Airport staff revert to manual ops as travellers urged to use self-service check-in where possible

Cyber-crime22 Sep 2025 | 25

Tech troubles create aviation chaos on both sides of the Atlantic

‘Cyber-attack’ on ticketing outfit Collins and cable cuts at Dallas ground hundreds of flights

Cyber-crime22 Sep 2025 | 53

Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug

Outside experts say the vulnerability has probably already been exploited

Patches19 Sep 2025 | 7

Self-propagating worm fuels latest npm supply chain compromise

Intrusions bear the same hallmarks as recent Nx mess

Cybersecurity Month16 Sep 2025 | 15

China slaps 1-hour deadline on reporting serious cyber incidents

Cyberspace watchdog tightens reporting regime, leaving little time to hide incidents

Cybersecurity Month16 Sep 2025 | 16

Jaguar Land Rover supply chain workers must get Covid-style support, says union

As post-cyberattack layoffs begin, labor org argues UK goverment should step in

Cybersecurity Month15 Sep 2025 | 56

CISA program gave out $20k+ payments to unqualified employees, auditor says

The OIG says the Cyber Incentive program was rife with 'fraud, waste, and abuse'

Cybersecurity Month12 Sep 2025 | 1

All your vulns are belong to us! CISA wants to maintain gov control of CVE program

Get ready for a fight over who steers the global standard for vulnerability identification

Cybersecurity Month12 Sep 2025 | 9

1,200 undergrads hung out to dry after jailbreak attack on laundry machines

Dorm management refuses to cover costs after payment system borked

Offbeat12 Sep 2025 | 96

Huntress's 'hilarious' attacker surveillance splits infosec community

Ethical concerns raised after crook offered themselves up on silver platter

Security12 Sep 2025 | 47

Attacker steals customer data from Brit rail operator LNER during break-in at supplier

Major UK player cagey on specifics but latest attack follows string blamed on 'third party' suppliers

Cyber-crime11 Sep 2025 | 7

Flu jab email mishap exposes hundreds of students' personal data

One parent expressed concern for their child's safety

Security10 Sep 2025 | 17

New cybersecurity rules land for Defense Department contractors

Now if only someone would remember to apply those rules inside the DoD

Security09 Sep 2025 | 4

What the Plex? Streaming service suffers yet another password spill

For the third time in a decade

Cyber-crime09 Sep 2025 | 17

The US government has no idea how many cybersecurity pros it employs

Auditors find federal cybersecurity workforce data messy, incomplete, and unreliable

Public Sector08 Sep 2025 | 14

UK government dragged for incomplete security reforms after Afghan leak fallout

Senior officials summoned to science and tech committee to explain further

CSO29 Aug 2025 | 25