Latest news as of 9/23/2025, 7:09:32 AM
Bleeping Computer
Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability. [...]
Bleeping Computer
State-sponsored hackers linked to the Mustang Panda activity cluster targeted diplomats by hijacking web traffic to redirect to a malware serving website. [...]
The Register
Oh, look, a use case for OpenAI's gpt-oss-20b model ESET malware researchers Anton Cherepanov and Peter Strycek have discovered what they describe as the "first known AI-powered ransomware," which they named PromptLock. …
The Register
From hardware security chips and trusted execution pipelines to open source Root of Trust modules Microsoft is one of the biggest names in cybersecurity, but it has a less-than-stellar track record in the department. Given its reputation, Redmond can't afford to mess around when it comes to securing its cloud customers' data and workloads.… Hot Chips
Dark Reading
Though the company is informing its customers of the breach, Farmers isn't publicly divulging what kinds of personal data were affected.
Dark Reading
Researchers say the huge spike of coordinated scanning for Microsoft RDP services could indicate the existence of a new, as-yet-undisclosed vulnerability.
The Register
Remember that cost-cutting group once led by Elon Musk? Federal employees are still dealing with it A Social Security Administration employee has filed a whistleblower complaint alleging that Donald Trump's DOGE cost-cutting unit has put the records of every single American at risk by duplicating an agency database in an unauthorized cloud environment. …
Dark Reading
The flaw is one of three that the company disclosed affecting its NetScaler ADC and NetScaler Gateway technologies.
Dark Reading
The "incident" led to outages affecting a variety of the tech company's operations, though the full scope of the breach is unknown.
The Register
'Many dozens' targeted in ongoing campaign, CheckPoint researcher tells The Reg Cybercriminals are targeting critical US manufacturers and supply-chain companies, looking to steal sensitive IP and other data while deploying ransomware. Their attack involves a novel twist on phishing — and a photo of White House butlers. …