Latest news as of 9/22/2025, 1:54:18 PM
Dark Reading
Flashpoint published its 2025 mid-year ransomware report that highlighted the top five most prolific groups currently in operation.
Dark Reading
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours.
The Register
$6.4M VerifTools marketplace offline The FBI and Dutch police today said that they seized two domains and a blog tied to VerifTools, an international criminal marketplace that sold identity documents for as little as $9.…
The Register
'The homeland is no longer secure,' says Defense Counterintelligence and Security Agency leader The Pentagon outfit responsible for preventing foriegn agents from infiltrating defense agencies says the US isn't doing a very good job of preventing state secrets from falling into Chinese hands.…
Bleeping Computer
Google is working to resolve authentication failures preventing users from signing into their Clever and ClassLink accounts on some ChromeOS devices. [...]
Dark Reading
Dark Reading Confidential Episode 9: Join us for a look around today's Dark Web, and find out how law enforcement, AI, nation-state activities, and more are reshaping the way cybercriminals conduct their dirty business online. Keith Jarvis, senior security researcher at Sophos' Counter Threat Unit joins Dark Reading's Alex Culafi for a conversation you don't want to miss.
The Hacker News
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named "ahbanC.shiba" that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –
Krebs on Security
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that these scam gambling sites have proliferated thanks to a new Russian affiliate program called "Gambler Panel" that bills itself as a "soulless project that is made for profit."
Bleeping Computer
Anthropic's Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. [...]
Bleeping Computer
Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. [...]