News
- CISA adds VMware local privilege-escalation zero-day to Known Exploited Vulnerabilities catalog
  CISA added CVE-2025-41244, a high-severity VMware local privilege-escalation flaw, to its Known Exploited Vulnerabilities catalog after reports of active exploitation. Broadcom-owned VMware has issued a patch, NVISO Labs reported zero-day use since October 2024, and federal agencies must apply mitigations by Nov. 20, 2025.

- Ribbon Communications says nation-state hackers breached its network; initial access traced to December 2024
  Ribbon Communications disclosed a nation-state-associated breach of its IT network, detected in September 2025 with preliminary evidence of initial access in December 2024. The company is working with outside cybersecurity experts and federal law enforcement, has found customer files on two laptops outside its main network, and said it has not found evidence of theft…

- Researcher discloses ‘Brash’ flaw that can crash Chromium-based browsers by spamming tab title
  A researcher has published details of ‘Brash’, a vulnerability in Chromium’s Blink engine that can crash Chromium-based browsers by rapidly updating the document.title field, causing massive DOM mutations and UI thread saturation.

- Attackers exploit patched WSUS flaw to deploy infostealer on unpatched Windows servers
  Attackers have been observed exploiting CVE-2025-59287 in WSUS to deploy an infostealer on unpatched Windows servers, exfiltrate data to webhook.site URLs and use follow-up tooling including Velociraptor and a UPX-packed Skuld Stealer; agencies and vendors are urging immediate patching and investigation.

- PhantomRaven campaign places malicious code in 126 npm packages
  Researchers say a campaign codenamed PhantomRaven has placed malicious code into 126 npm packages since August 2025, using external dynamic dependencies to steal authentication tokens, CI/CD secrets and GitHub credentials; Koi Security and DCODX published analyses.

- Python Software Foundation withdraws $1.5M NSF proposal over DEI restriction
  The Python Software Foundation has withdrawn a $1.5 million NSF grant proposal after the agency attached a clause barring recipients from operating programs that “advance or promote diversity, equity, and inclusion,” a condition the PSF said conflicts with its mission.

- Canada warns of hacktivist breaches at water, energy and farm facilities
  The Canadian Centre for Cyber Security warned that hacktivists have repeatedly breached internet-exposed industrial control systems at water, oil and agricultural sites, altering control settings and prompting guidance to remove direct internet exposure, use multifactor VPNs, and report incidents through the Cyber Centre.

- Researchers warn of ‘AI-targeted cloaking’ that can poison agentic browsers
  Security researchers and hCaptcha warn of an ‘AI-targeted cloaking’ technique that serves different content to human browsers and AI crawlers, potentially poisoning models and enabling misinformation; SPLX and hTAG detail examples and risky agent behaviors.