Friday, December 5, 2025 Top 5 Cybersecurity Stories You Should Know 1. Google Patches Actively Exploited Sandbox Escape Zero-Day CVE-2025-6558 in Chrome — tl;dr: Google has released a critical security update for Chrome, addressing multiple vulnerabilities, including a high-severity zero-day flaw (CVE-2025-6558) that is actively being exploited. This vulnerability allows
Thursday, December 4, 2025 Top 5 Cybersecurity Stories You Should Know 1. CISA Alerts on Android Zero-Day Vulnerabilities CVE-2025-48572 and CVE-2025-48633 — tl;dr: The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android vulnerabilities, CVE-2025-48572 and CVE-2025-48633, to its Known Exploited Vulnerabilities catalog due to active exploitation. CVE-2025-48572
Wednesday, December 3, 2025 Top 5 Cybersecurity Stories You Should Know 1. November 2025 Cybersecurity Threat Report: Ransomware and Data Theft Surge — tl;dr: The November 2025 Cybersecurity Threat Report reveals a significant rise in ransomware attacks, particularly from the Cl0p syndicate, affecting over 100 organizations, including major entities like
Tuesday, December 2, 2025 Top 5 Cybersecurity Stories You Should Know 1. Google Patches Critical Zero-Day Vulnerabilities CVE-2025-48633 & CVE-2025-48572 in Android — tl;dr: Google has swiftly addressed critical zero-day vulnerabilities CVE-2025-48633 and CVE-2025-48572 affecting Android versions 13 to 16, amid reports of active exploitation. The vulnerabilities, which include an
Monday, December 1, 2025 Top 5 Cybersecurity Stories You Should Know 1. WK Kellogg Reports Data Breach Tied to Clop Ransomware Exploiting Cleo Vulnerabilities — tl;dr: WK Kellogg Co has disclosed a data breach resulting from a Clop ransomware attack that exploited two zero-day vulnerabilities in Cleo software, identified as
Friday, November 28, 2025 Top 5 Cybersecurity Stories You Should Know 1. Clorox Sues Cognizant Over Cyberattack Negligence; Multiple Data Breaches Reported — tl;dr: Clorox has filed a $380 million lawsuit against IT company Cognizant, alleging negligence in handling a cyberattack that disrupted its operations in August 2023. The lawsuit
Thursday, November 27, 2025 Top 5 Cybersecurity Stories You Should Know 1. Nippon Steel Solutions Data Breach Linked to Zero-Day Vulnerability — tl;dr: Nippon Steel Solutions, a subsidiary of Nippon Steel Corporation, experienced a critical data breach due to a zero-day attack, allowing unauthorized access to sensitive internal systems. The
Wednesday, November 26, 2025 Top 5 Cybersecurity Stories You Should Know 1. Dior Notifies Customers of Data Breach; Clorox Sues Cognizant for Cyberattack Negligence — tl;dr: Dior has informed U.S. customers of a data breach exposing personal information from a January 2025 incident, including names and Social Security numbers,
Tuesday, November 25, 2025 Top 5 Cybersecurity Stories You Should Know 1. Nippon Steel Solutions Faces Data Breach from Zero-Day Attack — tl;dr: Nippon Steel Solutions, a subsidiary of Nippon Steel Corporation, has experienced a critical data breach due to a zero-day attack, exploiting an unknown vulnerability. This incident allows
Monday, November 24, 2025 Top 5 Cybersecurity Stories You Should Know 1. Cisco Zero-Day Alert: DoS Attacks Exploit CVE-2025–20333 & CVE-2025–20362 — tl;dr: Cisco Systems has announced a critical zero-day vulnerability affecting its firewall products, specifically CVE-2025–20333 and CVE-2025–20362. This exploit leads to Denial-of-Service (DoS) conditions
Friday, November 21, 2025 Top 5 Cybersecurity Stories You Should Know 1. Mozilla Patches Critical Firefox 0-Day Flaws CVE-2025-4918 & CVE-2025-4919 — tl;dr: Mozilla has released an urgent update for Firefox to address two critical 0-day vulnerabilities, CVE-2025-4918 and CVE-2025-4919, that could allow remote code execution. Discovered by researchers from
Thursday, November 20, 2025 Top 5 Cybersecurity Stories You Should Know 1. October is Cybersecurity Awareness Month: Strengthening Critical Infrastructure — tl;dr: October marks Cybersecurity Awareness Month, emphasizing the importance of cybersecurity for U.S. critical infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA) urges small and medium businesses, along
News
Tuesday, November 18, 2025 Top 5 Cybersecurity Stories You Should Know 1. NY Business Council Data Breach Affects 47,329 Individuals — tl;dr: The Business Council of New York State has reported a data breach impacting approximately 47,329 individuals, detected five months after the intrusion occurred on February 24,
News
Monday, November 17, 2025 Top 5 Cybersecurity Stories You Should Know 1. APT28 Breaches US Firm via Wi-Fi Using Nearest Neighbor Attack Technique — tl;dr: Russian state hackers APT28 exploited a 'nearest neighbor attack' to breach a U.S. firm by compromising a nearby organization's Wi-Fi
News
Friday, November 14, 2025 Top 5 Cybersecurity Stories You Should Know 1. Mozilla Patches Critical Firefox 0-Day Vulnerabilities CVE-2025-4918 & CVE-2025-4919 — tl;dr: Mozilla has released an urgent update for Firefox to address two critical 0-day vulnerabilities, CVE-2025-4918 and CVE-2025-4919, which allow remote code execution. These flaws, discovered by security
News
Thursday, November 13, 2025 Top 5 Cybersecurity Stories You Should Know 1. Microsoft November 2025 Patch Tuesday Addresses 63 Vulnerabilities, Including CVE-2025-62215 — tl;dr: On November 2025 Patch Tuesday, Microsoft resolved 63 vulnerabilities across its ecosystem, including a critical zero-day flaw (CVE-2025-62215) affecting the Windows Kernel. This privilege escalation vulnerability,
News
Wednesday, November 12, 2025 Top 5 Cybersecurity Stories You Should Know 1. LANDFALL Spyware Targets Samsung Devices via CVE-2025-21042 Exploit — tl;dr: Unit 42 has identified LANDFALL, a new commercial-grade Android spyware targeting Samsung Galaxy devices, exploiting the zero-day vulnerability CVE-2025-21042 in Samsung's image processing library. Delivered through
News
Tuesday, November 11, 2025 Top 5 Cybersecurity Stories You Should Know 1. Curly COMrades Use Hyper-V for Malware Deployment; AI Chat Vulnerabilities Exposed — tl;dr: The week saw significant cybersecurity threats, including Curly COMrades exploiting Microsoft's Hyper-V to deploy malware in hidden virtual machines, bypassing endpoint security. A
News
Friday, November 7, 2025 Top 5 Cybersecurity Stories You Should Know 1. AI-Generated Ransomware Extension Found in Microsoft VS Code Marketplace — tl;dr: A malicious AI-generated ransomware extension named 'susvsex' infiltrated Microsoft’s Visual Studio Code marketplace, raising serious concerns about supply chain security. Disguised as a legitimate
The world of cybersecurity is full of brilliant people — but behind every firewall and incident report are real humans navigating fear, doubt, and growth. That’s what Inside Cyber Minds is all about. Hosted by Luciano Ferrari, this new series from Lufsec Podcast explores how cybersecurity professionals think, lead, and
After months of recording, editing, and building, Season 1 of the Lufsec Podcast is ready to premiere. Our first episode features Ean Meyer, who opens up about imposter syndrome in cybersecurity — and why the feeling of “never knowing enough” might actually be a sign you’re growing. 🧠 Imposter syndrome is
Cybersecurity Career
The ISC2 Cybersecurity Hiring Trends Report 2025 reveals why certifications, soft skills, and training programs are reshaping the cybersecurity job market. Learn how Lufsec helps bridge the gap.
News
Wednesday, November 5, 2025 Top 5 Cybersecurity Stories You Should Know 1. October 2025 Data Breaches: Qantas, SimonMed, and Local Governments Hit Hard — tl;dr: October 2025 witnessed significant data breaches affecting various sectors, including Qantas Airways and SimonMed Imaging, exposing millions of records. Qantas's breach involved 5.
News
Tuesday, November 4, 2025 Top 5 Cybersecurity Stories You Should Know 1. UNC6384 Exploits CVE-2025-9491 to Target European Diplomats — tl;dr: The China-affiliated threat actor group UNC6384 has exploited the Windows vulnerability CVE-2025-9491 to target European diplomats from Hungary, Belgium, Italy, and the Netherlands. Utilizing spear-phishing emails with malicious .LNK