Latest news as of 9/19/2025, 9:48:10 PM
Graham Cluley
Ever wondered what would happen if Burger King left the keys to the kingdom lying around for anyone to use? Ethical hackers did - and uncovered drive-thru recordings, hard-coded passwords, and even the power to open a Whopper outlet on the moon. Meanwhile, over in Silicon Valley, one AI wunderkind managed to turn a $7 million payday into a career-ending lawsuit by allegedly walking trade secrets straight out the door as he jumped ship for a rival. All this and much more is discussed in episode 434 of the award-winning “Smashing Security” podcast with computer security veteran Graham Cluley, joined this week by special guest Lianne Potter.
The Register
Patch, turn on MFA, and restrict access to trusted networks…or else
Affiliates of the Akira ransomware gang are again exploiting a critical SonicWall vulnerability abused last summer, after a suspected zero-day flaw actually turned out to be related to a year-old bug.…
Bleeping Computer
A DDoS mitigation service provider in Europe was targeted in a massive distributed denial-of-service attack that reached 1.5 billion packets per second. [...]
The Register
'We do believe that this was likely the creation of a cybercrime group,' threat hunter tells The Reg
ChillyHell, a modular macOS backdoor believed to be long dormant, has likely been infecting computers for years while flying under the radar, according to security researchers who spotted a malware sample uploaded to VirusTotal in May.…
Bleeping Computer
Microsoft announced that, starting today, individual Windows developers will no longer have to pay for publishing their applications on the Microsoft Store. [...]
Dark Reading
Chinese state-backed threat actors are suspected of posing as Michigan congressman John Moolenaar in a series of spearphishing attacks.
Bleeping Computer
The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, but attackers made little profit off it. [...]
Bleeping Computer
A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it's opened. [...]
Bleeping Computer
Google is integrating C2PA Content Credentials into the Pixel 10 camera and Google Photos, to help users distinguish between authentic, unaltered images and those generated or edited with artificial intelligence technology. [...]
The Register
Systems offline as specialists continue to comb through wreckage
Jaguar Land Rover (JLR) says "some data" was affected after the luxury car maker suffered a digital break-in early last week.…