News

News

NY Business Council Data Breach Affects 47,329 Individuals

Tuesday, November 18, 2025 Top 5 Cybersecurity Stories You Should Know 1. NY Business Council Data Breach Affects 47,329 Individuals — tl;dr: The Business Council of New York State has reported a data breach impacting approximately 47,329 individuals, detected five months after the intrusion occurred on February 24,

News

APT28 Breaches US Firm via Wi-Fi Using Nearest Neighbor Attack Technique

Monday, November 17, 2025 Top 5 Cybersecurity Stories You Should Know 1. APT28 Breaches US Firm via Wi-Fi Using Nearest Neighbor Attack Technique — tl;dr: Russian state hackers APT28 exploited a 'nearest neighbor attack' to breach a U.S. firm by compromising a nearby organization's Wi-Fi

News

Mozilla Patches Critical Firefox 0-Day Vulnerabilities CVE-2025-4918 & CVE-2025-4919

Friday, November 14, 2025 Top 5 Cybersecurity Stories You Should Know 1. Mozilla Patches Critical Firefox 0-Day Vulnerabilities CVE-2025-4918 & CVE-2025-4919 — tl;dr: Mozilla has released an urgent update for Firefox to address two critical 0-day vulnerabilities, CVE-2025-4918 and CVE-2025-4919, which allow remote code execution. These flaws, discovered by security

News

Microsoft November 2025 Patch Tuesday Addresses 63 Vulnerabilities, Including CVE-2025-62215

Thursday, November 13, 2025 Top 5 Cybersecurity Stories You Should Know 1. Microsoft November 2025 Patch Tuesday Addresses 63 Vulnerabilities, Including CVE-2025-62215 — tl;dr: On November 2025 Patch Tuesday, Microsoft resolved 63 vulnerabilities across its ecosystem, including a critical zero-day flaw (CVE-2025-62215) affecting the Windows Kernel. This privilege escalation vulnerability,

News

LANDFALL Spyware Targets Samsung Devices via CVE-2025-21042 Exploit

Wednesday, November 12, 2025 Top 5 Cybersecurity Stories You Should Know 1. LANDFALL Spyware Targets Samsung Devices via CVE-2025-21042 Exploit — tl;dr: Unit 42 has identified LANDFALL, a new commercial-grade Android spyware targeting Samsung Galaxy devices, exploiting the zero-day vulnerability CVE-2025-21042 in Samsung's image processing library. Delivered through

News

Curly COMrades Use Hyper-V for Malware Deployment; AI Chat Vulnerabilities Exposed

Tuesday, November 11, 2025 Top 5 Cybersecurity Stories You Should Know 1. Curly COMrades Use Hyper-V for Malware Deployment; AI Chat Vulnerabilities Exposed — tl;dr: The week saw significant cybersecurity threats, including Curly COMrades exploiting Microsoft's Hyper-V to deploy malware in hidden virtual machines, bypassing endpoint security. A

News

AI-Generated Ransomware Extension Found in Microsoft VS Code Marketplace

Friday, November 7, 2025 Top 5 Cybersecurity Stories You Should Know 1. AI-Generated Ransomware Extension Found in Microsoft VS Code Marketplace — tl;dr: A malicious AI-generated ransomware extension named 'susvsex' infiltrated Microsoft’s Visual Studio Code marketplace, raising serious concerns about supply chain security. Disguised as a legitimate

News

October 2025 Data Breaches: Qantas, SimonMed, and Local Governments Hit Hard

Wednesday, November 5, 2025 Top 5 Cybersecurity Stories You Should Know 1. October 2025 Data Breaches: Qantas, SimonMed, and Local Governments Hit Hard — tl;dr: October 2025 witnessed significant data breaches affecting various sectors, including Qantas Airways and SimonMed Imaging, exposing millions of records. Qantas's breach involved 5.

News

UNC6384 Exploits CVE-2025-9491 to Target European Diplomats

Tuesday, November 4, 2025 Top 5 Cybersecurity Stories You Should Know 1. UNC6384 Exploits CVE-2025-9491 to Target European Diplomats — tl;dr: The China-affiliated threat actor group UNC6384 has exploited the Windows vulnerability CVE-2025-9491 to target European diplomats from Hungary, Belgium, Italy, and the Netherlands. Utilizing spear-phishing emails with malicious .LNK

News

EY Data Leak and Critical Vulnerabilities in BIND 9 and Chrome Fixed

Monday, November 3, 2025 Top 5 Cybersecurity Stories You Should Know 1. EY Data Leak and Critical Vulnerabilities in BIND 9 and Chrome Fixed — tl;dr: This week's cybersecurity update highlights a significant data leak at EY and critical vulnerabilities in BIND 9 and Chrome. The ISC has

News

October 2025 Cyber Attacks: Phishing via Google Careers, Figma Abuse, and LockBit 5.0

Friday, October 31, 2025 Top 5 Cybersecurity Stories You Should Know 1. October 2025 Cyber Attacks: Phishing via Google Careers, Figma Abuse, and LockBit 5.0 — tl;dr: In October 2025, significant cyber threats emerged, including a sophisticated phishing campaign impersonating Google Careers, utilizing Salesforce redirects and CAPTCHAs to steal

News

Active Exploitation of Microsoft WSUS Vulnerability CVE-2025-59287 Detected

Thursday, October 30, 2025 Top 5 Cybersecurity Stories You Should Know 1. Active Exploitation of Microsoft WSUS Vulnerability CVE-2025-59287 Detected — tl;dr: A critical vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is under active exploitation, affecting Windows Server versions 2012 to 2025. Despite an emergency patch