Latest news as of 9/23/2025, 9:05:39 AM
The Register
'Many dozens' targeted in ongoing campaign, CheckPoint researcher tells The Reg Cybercriminals are targeting critical US manufacturers and supply-chain companies, looking to steal sensitive IP and other data while deploying ransomware. Their attack involves a novel twist on phishing — and a photo of White House butlers. …
Bleeping Computer
Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from its Drift chat agent integration with Salesforce to pivot to customer environments and exfiltrate data. The ShinyHunters extortion group claims responsibility for these additional Salesforce attacks. [...]
Dark Reading
New features to take over smartphones and monitor user activity demonstrate the continued evolution of the malware, which is now being spread on GitHub.
The Hacker News
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software toolkit named Sni5Gect (short for "Sniffing 5G Inject") that's
The Hacker News
Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild. The vulnerabilities in question are listed below - CVE-2025-7775 (CVSS score: 9.2) - Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service CVE-2025-7776 (CVSS score: 8.8) - Memory overflow
Bleeping Computer
Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and forcing all state offices to close on Monday. [...]
The Register
Criminals already abusing its latest zero-days Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they've already been used in the wild before the vendor got around to patching.…
Graham Cluley
In episode 65 of The AI Fix, a pigeon gives a PowerPoint presentation, Mark plays Graham a song about the Transformer architecture, a robot dog delivers parcels, some robots fall over at the World Humanoid Robot Games, and Graham takes credit for one of computing’s greatest insights. Plus, Graham explains why Microsoft doesn’t want you to use Excel’s new Copilot feature in any spreadsheet calculations that are meant to be useful, accurate, reproducible, or relied on for anything important, and Mark discovers what happened when researchers gave 500 AIs their own social network. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Bleeping Computer
Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. [...]
Bleeping Computer
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. [...]