x86.se

3 Min Read

October 28, 2025

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for …

2 Min Read

October 28, 2025

New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human

Cybersecurity researchers have disclosed details of a new Android…

6 Min Read

October 28, 2025

Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains

Threat actors tied to North Korea have been observed targeting the Web3…

4 Min Read

October 28, 2025

Why Early Threat Detection Is a Must for Long-Term Business Growth

In cybersecurity, speed isn't just a win — it's a multiplier. The…

Security

2 Min Read

September 29, 2025

Harrods suffers new data breach exposing 430,000 customer records

UK retail giant Harrods has disclosed a new cybersecurity incident after hackers compromised a third-party supplier and stole 430,000 records…

2 Min Read

September 29, 2025

New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data

A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive…

2 Min Read

September 29, 2025

National Cyber Authorities Launch OT Security Guidance

National cybersecurity agencies from seven countries, including the Five Eyes nations, have released new operational technology (OT) security…

4 Min Read

September 29, 2025

Data Is a Dish Best Served Fresh: “In the Wild” Versus Active Exploitation

The term “In the Wild” is broadly used to refer to any activity that has been observed outside of a controlled environment.…

2 Min Read

September 29, 2025

ChatGPT tests free trial for paid plans, rolls out cheaper Go in more regions

OpenAI is offering some users a free trial for ChatGPT Plus, which costs $20. In addition, $4 GPT Go is now available in Indonesia. As spotted…

15 Min Read

September 29, 2025

Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden…

1 Min Read

September 29, 2025

OpenAI is routing GPT-4o to safety models when it detects harmful activities

Over the weekend, some people noticed that GPT-4o is routing requests to an unknown model out of nowhere. Turns out it's a "safety" feature.…

5 Min Read

September 29, 2025

The State of AI in the SOC 2025 – Insights from Recent Study

Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A…

2 Min Read

September 29, 2025

WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File

WhatsApp 0-click remote code execution (RCE) vulnerability affecting Apple’s iOS, macOS, and iPadOS platforms, detailed with a proof of…

1 Min Read

September 29, 2025

Vulnerability in CivetWeb software

CVE ID CVE-2025-9648 Publication date 29 September 2025 Vendor CivetWeb Product CivetWeb Vulnerable versions All before 1.08 Vulnerability…

2 Min Read

September 29, 2025

SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account

A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames…

3 Min Read

September 29, 2025

Google Project Zero Exposes ASLR Bypass Vulnerability in Apple’s Serialization Framework

Google Project Zero has revealed a new technique capable of bypassing Address Space Layout Randomization (ASLR) protections on Apple devices.…

2 Min Read

September 29, 2025

SonicWall SSL VPN Attacks Escalate, Bypassing MFA

Security experts have warned of a surge in malicious activity from Akira ransomware actors targeted at victims running SonicWall SSL VPN…

10 Min Read

September 29, 2025

Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild

The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day…

4 Min Read

September 29, 2025

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated…

2 Min Read

September 29, 2025

Harrods Reveals Supply Chain Breach Impacting Online Customers

Luxury London department store Harrods has revealed that some of its e-commerce customers have had their personal information stolen via a…

2 Min Read

September 29, 2025

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

Cybersecurity researchers have discovered what has been described as the first-ever instance of a Model Context Protocol (MCP) server spotted…

3 Min Read

September 29, 2025

Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization

A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature…

3 Min Read

September 29, 2025

Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code

A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code…

Windows

1 Min Read

September 29, 2025

Microsoft May Finally Let Windows Search Results Open in Your Default Browser

At present, in Windows 11, online search results from the search panel are forcibly opened in Microsoft Edge, regardless of whether users have…

2 Min Read

September 29, 2025

SUSE Rancher Security Team Patches Three Vulnerabilities in Rancher Manager

The SUSE Rancher Team has issued fixes for three affecting Rancher Manager, with severities ranging from Medium to High. These could lead to…

2 Min Read

September 29, 2025

TamperedChef Malware Rises: Deceptive Apps Use Signed Binaries and SEO Poisoning to Hijack Browsers

Field Effect’s Threat Intelligence team has uncovered a new wave of the TamperedChef malware campaign, leveraging digitally signed…

2 Min Read

September 29, 2025

Akira Ransomware Exploits SonicWall VPN Accounts With Lightning-Fast Intrusions

Akira ransomware Leaksite Arctic Wolf has observed a major uptick in Akira ransomware activity since late July 2025, with attackers…

3 Min Read

September 29, 2025

RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms

A new report from Recorded Future’s Insikt Group reveals that the Chinese state-sponsored threat group RedNovember has significantly…

2 Min Read

September 29, 2025

Morte Botnet Unveiled: A Rapidly Growing Loader-as-a-Service Campaign Exploiting Routers and Enterprise Apps

Researchers at CloudSEK Threat Intelligence (TRIAD) have exposed a sophisticated botnet operation that systematically compromises SOHO…

2 Min Read

September 29, 2025

DLL Hijacking Flaw (CVE-2025-56383) Found in Notepad++, Allowing Arbitrary Code Execution, PoC Available

A newly disclosed in Notepad++ v8.8.3 has been assigned CVE-2025-56383. The , rated CVSS 6.5, allows attackers to hijack Notepad++’s DLL…

Security

3 Min Read

September 28, 2025

Akira ransomware breaching MFA-protected SonicWall VPN accounts

Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully…

8 Min Read

September 28, 2025

Prompt Injection and Model Poisoning: The New Plagues of AI Security

You wake up. Your AI wakes up. Somewhere, a stranger types a sentence, and your AI listens. This is not science fiction. This is the…

2 Min Read

September 28, 2025

EU probes SAP over anti-competitive ERP support practices

The European Comission is investigating potential anti-competitive practices in aftermarket services SAP provides for its on-premise ERP…

12 Min Read

September 28, 2025

Cybersecurity Weekly – Chrome 0-Day, 22.2 Tbps DDOS Attack, Kali Linux Release, Cisco IOS 0-Day and More

This week in cybersecurity was marked by a relentless pace of critical disclosures and unprecedented attack volumes, underscoring the…

3 Min Read

September 28, 2025

AsyncRAT Malware Campaign Found Targeting South American Hotels

A new AsyncRAT malware campaign from threat actor TA558 is targeting the South American hospitality industry, demanding the attention of…

5 Min Read

September 28, 2025

Week in review: Cisco ASA zero-day vulnerabilities exploited, Fortra GoAnywhere instances at risk

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How Juventus protects fans,…

Security

2 Min Read

September 27, 2025

Fake Microsoft Teams installers push Oyster malware via malvertising

Hackers have been spotted using SEO poisoning and search engine advertisements to promote fake Microsoft Teams installers that infect…

6 Min Read

September 27, 2025

The Looming Authorization Crisis: Why Traditional IAM Fails Agentic AI

In today’s enterprise world, AI no longer just answers questions or writes emails, but it takes action. From copilots booking travel to…

Security

2 Min Read

September 27, 2025

Dutch teens arrested for trying to spy on Europol for Russia

Two Dutch teenage boys aged 17, reportedly used hacking devices to spy for Russia, have been arrested by the Politie on Monday.…

Ransomware

3 Min Read

September 27, 2025

Embracing the AI Revolution: How to Incorporate Generative AI into Your SOC 2 Compliance Plan

Generative AI (Gen AI) has emerged as a transformative force. From streamlining operations to enhancing customer experiences, AI-powered…

3 Min Read

September 27, 2025

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign…

5 Min Read

September 27, 2025

Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the globe between June…

Vulnerabilities

2 Min Read

September 27, 2025

Apache Airflow Vulnerability Exposes Sensitive Details to Read-Only Users

A critical security flaw has emerged in Apache Airflow 3.0.3, exposing sensitive connection information to users with only read permissions.…

2 Min Read

September 27, 2025

New Botnet Loader-as-a-Service Exploiting Routers and IoT Devices to Deploy Mirai Payloads

A sophisticated botnet operation has emerged, employing a Loader-as-a-Service model to systematically weaponize internet-connected devices…

2 Min Read

September 27, 2025

CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens

The Formbricks project, an open-source platform for building in-app and website surveys, has released an urgent patch addressing a critical…

Explore Trending Topics