x86.se

2 Min Read

October 31, 2025

OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically

OpenAI has announced the launch of an "agentic security researcher" that's powered by its GPT-5 large language model (LLM) and is programmed to emulate a …

3 Min Read

October 31, 2025

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the…

3 Min Read

October 31, 2025

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A China-affiliated threat actor known as UNC6384 has been linked to a…

2 Min Read

October 31, 2025

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

The exploitation of a recently disclosed critical security flaw in Motex…

4 Min Read

September 15, 2025

Preparing for the EU’s DORA amidst Technical Controls Ambiguity

The financial sector is bracing for a significant shift in its digital landscape as the EU’s Digital Operational Resilience Act (DORA)…

Microsoft

2 Min Read

September 15, 2025

Microsoft says Windows September updates break SMBv1 shares

Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1…

2 Min Read

September 15, 2025

AI-Forged Military IDs Used in North Korean Phishing Attack

A North Korean threat actor has leveraged AI to create fake South Korean military agency ID card images used in a spear-phishing campaign,…

3 Min Read

September 15, 2025

6 Browser-Based Attacks Security Teams Need to Prepare For Right Now

Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we'll explore what a…

24 Min Read

September 15, 2025

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust…

Vulnerabilities

2 Min Read

September 15, 2025

Critical LangChainGo Vulnerability Let Attackers Access Sensitive Files by Injecting Malicious Prompts

A high-severity vulnerability was identified in LangChainGo, the Go implementation of the popular LLM orchestration framework LangChain. …

2 Min Read

September 15, 2025

CVE-2025-58434: Critical FlowiseAI Flaw Enables Full Account Takeover

A severe security vulnerability has been discovered in FlowiseAI, an open-source AI workflow automation tool, exposing users to the risk of…

2 Min Read

September 15, 2025

OpenAI’s New Grove Incubator Is Building the Next Generation of AI Startups

OpenAI recently unveiled its internal incubation initiative, OpenAI Grove. Unlike traditional startup accelerators or incubator programs,…

2 Min Read

September 15, 2025

IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions

A critical permission misconfiguration in the IBM QRadar Security Information and Event Management (SIEM) platform could allow local…

Ransomware

2 Min Read

September 15, 2025

CISA at Risk After OIG Accuses it of Wasting Federal Funds

The US Cybersecurity and Infrastructure Security Agency (CISA) wasted taxpayers’ money and imperilled its mission to protect the nation from…

2 Min Read

September 15, 2025

Phishing Campaigns Drop RMM Tools for Remote Access

Malicious actors are using multiple lures in new phishing campaigns designed to install remote monitoring and management (RMM) software onto…

2 Min Read

September 15, 2025

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked as…

7 Min Read

September 15, 2025

ACR Stealer – Uncovering Attack Chains, Functionalities And IOCs

ACR Stealer represents one of the most sophisticated information-stealing malware families actively circulating in 2025, distinguished by its…

3 Min Read

September 15, 2025

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns

A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on…

3 Min Read

September 15, 2025

FlowiseAI Password Reset Token Vulnerability Allows Account Takeover

A critical vulnerability affecting FlowiseAI’s Flowise platform has been disclosed, revealing a severe authentication bypass flaw that…

2 Min Read

September 15, 2025

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are the target of a search engine optimization (SEO) poisoning campaign that uses fake software sites to distribute…

2 Min Read

September 15, 2025

Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication

Two critical vulnerabilities have been discovered in the Linux Common Unix Printing System (CUPS), exposing millions of systems to remote…

2 Min Read

September 15, 2025

PoC Available: FlowiseAI Flaw (CVE-2025-58434) Allows Full Account Takeover (CVSS 9.8)

The open-source generative AI development platform FlowiseAI, widely used for building AI agents and LLM workflows, has been found vulnerable…

2 Min Read

September 15, 2025

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security flaws in…

2 Min Read

September 15, 2025

CVE-2025-9556 (CVSS 9.8):Critical Vulnerability in LangChainGo Puts LLM Apps at Risk

The rise of large language model (LLM) applications has made frameworks like LangChain and its ports foundational for developers worldwide.…

3 Min Read

September 15, 2025

Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted

The U.S. energy industry has become a prime target for large-scale phishing operations in 2025, according to new research from Hunt…

2 Min Read

September 14, 2025

Samsung Fixes Image Parsing Vulnerability Exploited in Android Attacks

Samsung has patched a serious security vulnerability that hackers were already using in live attacks against its Android devices. The issue,…

Security

3 Min Read

September 14, 2025

FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data

The FBI has issued a FLASH alert warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising organizations’…

5 Min Read

September 14, 2025

Beyond the Firewall: Protecting Your Marketing Department from Cyber Threats and Safeguarding Digital Assets

Digital media created more opportunities for companies to engage with consumers than ever before, but such increased interconnectedness has a…

Security

2 Min Read

September 14, 2025

New VoidProxy phishing service targets Microsoft 365, Google accounts

A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those…

5 Min Read

September 14, 2025

Beyond Buzzwords: The Real Impact of AI on Identity Security

Artificial intelligence (AI) has become one of the most discussed technologies in recent years, often touted as the answer to many of…

3 Min Read

September 13, 2025

600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet

Hackers leaked 600 GB of data linked to the Great Firewall of China, exposing documents, code, and operations. Full details available on the…

Microsoft

2 Min Read

September 13, 2025

Microsoft reminds of Windows 10 support ending in 30 days

On Friday, Microsoft reminded customers once again that Windows 10 will reach its end of support in 30 days, on October 14. Windows 10 2015…

2 Min Read

September 13, 2025

Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet

In early September, Qrator Labs detected and mitigated one of the most significant L7 DDoS attacks seen this year, carried out by what is now…

4 Min Read

September 13, 2025

A CISO’s Guide to Managing Cyber Risk in Healthcare

Now more than ever before, our healthcare data is under attack. Of all of the sensitive information available on the dark web, medical records…

Security

3 Min Read

September 13, 2025

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio…

4 Min Read

September 13, 2025

Why The Open Web Application Security Project (OWASP) Mobile Application Security (MAS) Project Is Critical

The OWASP MAS project continues to lead the way in mobile application security. This article describes the resources and tools which have…

2 Min Read

September 13, 2025

New VoidProxy Phishing Service Bypasses MFA on Microsoft and Google Accounts

Okta Threat Intelligence exposes VoidProxy, a new PhaaS platform. Learn how this advanced service uses the Adversary-in-the-Middle technique…

3 Min Read

September 13, 2025

FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks

The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two…

2 Min Read

September 13, 2025

Google Chrome Patches Critical Security Flaws in September 2025 Update

In early September 2025, Google released an important security update for its Chrome browser—version 140.0.7339.127—to patch two…

2 Min Read

September 13, 2025

New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems

In late July 2025, a series of ransomware samples surfaced on VirusTotal under filenames referencing the notorious Petya and NotPetya attacks.…

2 Min Read

September 13, 2025

Samsung Zero-Day Vulnerability Actively Exploited to Execute Remote Code

Samsung has released its September 2025 security update, addressing a critical zero-day vulnerability that is being actively exploited in the…

2 Min Read

September 13, 2025

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware,…

3 Min Read

September 13, 2025

Samsung fixes Android 0-day that may have been used to spy on WhatsApp messages

Samsung has fixed a critical flaw that affects its Android devices - but not before attackers found and exploited the bug, which could allow…

2 Min Read

September 13, 2025

CISA Warns of Attacks on DELMIA Manufacturing Software Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a manufacturing operations management software vulnerability to its…

2 Min Read

September 13, 2025

Microsoft Windows Defender Privilege Escalation Flaws

It was an uneventful Patch Tuesday—until the headlines hit. Security feeds and vuln catalogs started buzzing: The Microsoft Windows…

Uncategorized

5 Min Read

September 13, 2025

The Critical Role of Sboms (Software Bill of Materials) In Defending Medtech From Software Supply Chain Threats

Software supply chain attacks have emerged as a serious threat in the rapidly evolving field of cybersecurity, especially in medical devices.…

Explore Trending Topics