Vendors
-
Researcher discloses ‘Brash’ flaw that can crash Chromium-based browsers by spamming tab title
A researcher has published details of ‘Brash’, a vulnerability in Chromium’s Blink engine that can crash Chromium-based browsers by rapidly updating the document.title field, causing massive DOM mutations and UI thread saturation.
-
Researchers warn of ‘AI-targeted cloaking’ that can poison agentic browsers
Security researchers and hCaptcha warn of an ‘AI-targeted cloaking’ technique that serves different content to human browsers and AI crawlers, potentially poisoning models and enabling misinformation; SPLX and hTAG detail examples and risky agent behaviors.
-
Dentsu says Merkle subsidiary suffered data breach exposing staff and client information
Dentsu disclosed that U.S. subsidiary Merkle suffered a cybersecurity incident that exposed staff and client data. Systems were taken offline, data was stolen, and impacted individuals are being notified while an investigation continues.
-
CISA says two Dassault DELMIA Apriso flaws are being actively exploited
CISA warned that two vulnerabilities in Dassault Systèmes’ DELMIA Apriso are being actively exploited. The flaws, CVE-2025-6205 and CVE-2025-6204, were patched by the vendor in August and have been added to CISA’s KEV catalog; U.S. federal agencies must remediate under BOD 22-01 by Nov. 18.
-
Google denies reports that 183 million Gmail accounts were breached
Google said reports that 183 million Gmail accounts were breached are false; the dataset cited appears to be an aggregation of infostealer-sourced credentials shared with Have I Been Pwned, and users are advised to enable two-step verification, use passkeys and change exposed passwords.
-
QNAP: Windows NetBak PC Agent affected by critical ASP.NET Core flaw
QNAP warned that its NetBak PC Agent for Windows is impacted by CVE-2025-55315, a critical ASP.NET Core vulnerability in the Kestrel web server that can enable credential hijacking or request-smuggling attacks, and urged users to reinstall the agent or install the latest ASP.NET Core runtime.
-
Kaspersky links Chrome zero-day campaign to Italian spyware firm Memento Labs
Kaspersky detailed Operation ForumTroll, a campaign that used a Chrome sandbox escape (CVE-2025-2783) to deliver modular spyware LeetAgent and a second implant called Dante, which researchers attribute with high confidence to Memento Labs, a firm formed from assets of the former Hacking Team.
-
Mass attacks exploit outdated GutenKit and Hunk Companion WordPress plugins
A mass exploitation campaign is targeting WordPress sites running outdated GutenKit and Hunk Companion plugins, leveraging three critical vulnerabilities that can lead to remote code execution; Wordfence said it blocked 8.7 million attack attempts over two days and urged administrators to update plugins and check for indicators of compromise.










