Latest news as of 9/18/2025, 9:08:48 AM
Bleeping Computer
WatchGuard has released security updates to address a remote code execution vulnerability impacting the company's Firebox firewalls. [...]
Graham Cluley
Conor Brian Fitzpatrick, the creator of the notorious BreachForums hacking forum, has been resentenced to three years in prison after a US appeals court overturned his prior sentence of time served and 20 years of supervised release. Read more in my article on the Hot for Security blog.
Bleeping Computer
Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since the start of the year. [...]
The Hacker News
Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day vulnerability in question is CVE-2025-10585, which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine. Type confusion vulnerabilities can have severe consequences as they can be
Have I Been Pwned
In February 2017, the forum for the adult website FreeOnes suffered a data breach . The data included 960k unique email addresses alongside usernames, IP addresses and salted MD5 password hashes. that was later redistributed as part of a larger corpus of data
The Register
As the Trump administration guts efforts to counter election disinfo The Russian troll farm that in the lead-up to the 2024 US presidential election posted a bizarro video claiming Democratic candidate Kamala Harris was a rhino poacher, is back with hundreds of new fake news websites serving up phony political commentary with an AI assist.…
Graham Cluley
When "bad actors" stop being hackers and start being... actual actors. This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before diving into a campaign which saw an Iranian gang luring Israeli performers with fake casting calls for a serious film. We unpack why positive lurescan short-circuit scepticism just as effectively as fear. Plus, the UK's ICO says students are increasingly hacking their own schools. Meanwhile, Graham heads to 1960s Oxford with Endeavour, while Jenny investigates the Wirral’s mysterious "Catman". All this, and more, in episode 435 of the "Smashing Security" podcast.
Bleeping Computer
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. [...]
Dark Reading
Phishing-as-a-service (PhaaS) kits have become an increasingly popular way for lower-skill individuals who want to get into cybercrime.
Dark Reading
Though the groups have shared their decision to go dark, threat researchers say there are signs that it's business as usual.