News
-
AWS outage disrupts Amazon, Prime Video, Fortnite, Perplexity and more
An AWS outage has caused widespread service disruptions across multiple regions, affecting Amazon, Prime Video, Fortnite, Perplexity, Canva and others, with AWS reporting increased error rates and work underway to mitigate the issue.
-
Microsoft revokes more than 200 certificates used in fake Teams ransomware campaign
Microsoft said it revoked over 200 code signing certificates used by a group tracked as Vanilla Tempest to sign fake Microsoft Teams installers that delivered the Oyster backdoor and Rhysida ransomware; the company said it detected the activity in late September 2025 and has updated protections to flag the malicious signatures.
-
Have I Been Pwned reports 17.6 million addresses affected in Prosper data breach
Prosper, a peer-to-peer lending marketplace, disclosed a breach detected on Sept. 2. Data breach service Have I Been Pwned reported 17.6 million unique email addresses were exposed and said the stolen records include Social Security numbers and other personal data. Prosper said it has not found evidence of account or fund access and is investigating…
-
Sotheby’s reports July breach that exposed Social Security numbers and financial data
Sotheby’s said a July 24 cyber intrusion stole an unspecified amount of data, including Social Security numbers and financial account information; a filing with the Maine attorney general confirmed two Maine residents were affected and the company is offering 12 months of TransUnion monitoring.
-
Google says North Korean hackers used smart-contract “EtherHiding” to deliver malware
Google Threat Intelligence Group says a North Korean actor known as UNC5342 used an “EtherHiding” smart-contract technique to host and deliver JavaScript malware via fake job interviews, enabling stealthy payload updates and theft of credentials and cryptocurrency.
-
German authorities seize 1,406 fraudulent crypto trading domains in Operation Heracles
German authorities seized 1,406 fraudulent cryptocurrency trading domains on Oct. 3, 2025 under Operation Heracles, BaFin said, recording about 866,000 access attempts in ten days and warning that professional-looking sites, call centres and possibly AI were used to target German-speaking victims.
-
CISA adds Adobe AEM flaw to Known Exploited Vulnerabilities list
CISA added CVE-2025-54253, a critical Adobe Experience Manager Forms misconfiguration that can allow remote code execution, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation; Adobe has released a patch and federal agencies were told to apply fixes by Nov. 5, 2025.
-
Analysis says Unitree G1 humanoid robot can be used for espionage and cyber attacks
Alias Robotics says its analysis found Unitree G1 humanoid robots can be taken over via a Bluetooth provisioning flaw, use weak, shared encryption for configuration files, and continuously transmit sensor and telemetry data to servers in China, creating risks for covert surveillance and network attacks.
-
MANGO notifies customers after marketing vendor data breach
Spanish retailer MANGO said on Oct. 14, 2025 that an external marketing service suffered unauthorized access exposing first name, country, postal code, email and telephone numbers; MANGO said last names, payment data and IDs were not compromised and its IT systems were unaffected.
-
UK regulator fines Capita £14m over 2023 cyberattack that exposed 6.6m people
The UK Information Commissioner’s Office has fined Capita £14 million after a 2023 cyberattack exposed data on about 6.6 million people; the ICO said failures in detection and privileged account controls allowed attackers to exfiltrate roughly 1 TB and deploy ransomware.
