Latest news as of 9/23/2025, 11:10:46 AM
The Register
Criminals already abusing its latest zero-days Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they've already been used in the wild before the vendor got around to patching.…
Graham Cluley
In episode 65 of The AI Fix, a pigeon gives a PowerPoint presentation, Mark plays Graham a song about the Transformer architecture, a robot dog delivers parcels, some robots fall over at the World Humanoid Robot Games, and Graham takes credit for one of computing’s greatest insights. Plus, Graham explains why Microsoft doesn’t want you to use Excel’s new Copilot feature in any spreadsheet calculations that are meant to be useful, accurate, reproducible, or relied on for anything important, and Mark discovers what happened when researchers gave 500 AIs their own social network. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Bleeping Computer
Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. [...]
Bleeping Computer
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. [...]
Krebs on Security
The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they'd made with company called DSLRoot, which was paying $250 a month to plug a pair of laptops into the Redditor's high-speed Internet connection in the United States. This post examines the history and provenance of DSLRoot, one of the oldest "residential proxy" networks with origins in Russia and Eastern Europe.
Dark Reading
Until businesses begin to account for uncontrolled variables in their threat models, attackers will continue to exploit the weakest link in the chain.
The Register
Remy Ra St Felix led a vicious international crime ring A violent home invader and gunpoint cryptocurrency thief will now spend more than 50 years behind bars after being found guilty of assaulting a witness.…
Bleeping Computer
Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its subsidiaries, Creative Box Inc. (CBI). [...]
The Hacker News
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. "Instead of sending unsolicited phishing emails, attackers initiate contact through a company's public 'Contact Us' form, tricking
Check Point Research
Key findings: Introduction Check Point Research (CPR) has been closely monitoring the activity of a highly persistent and sophisticated threat actor who leverages social engineering tactics to gain the trust of targeted U.S.-based organizations. While analyzing the phishing lures used by the actors, we repeatedly noticed an intriguing pattern: in every case, it was the victim who […] The post appeared first on . ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies Check Point Research