Solicitor suspended over dishonest but trivial email change – Legal Futures
A solicitor who dishonestly made a minor amendment to an email when he forwarded it to a client – causing no harm to them or anyone else – has been…
September 2025
Law Society plan for 10-fold rise in SGM threshold “shocking” – Legal Futures
The group that last year requisitioned a special general meeting of the Law Society has described plans to make it much harder to do so in future as “shocking”. The…
Two more lawyers join Lammy at Ministry of Justice in reshuffle – Legal Futures
The government reshuffle has seen two new junior ministers at the Ministry of Justice – both lawyers replacing non-lawyers – alongside David Lammy’s appointment as Lord Chancellor. The post Two…
Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign – The Hacker News
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to…
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys – The Hacker News
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. “The packages masquerade as legitimate…
GOP Cries Censorship Over Spam Filters That Work – Krebs on Security
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google’s CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing…
How Has IoT Security Changed Over the Past 5 Years? – Dark Reading
Experts agree there have been subtle improvements, with new laws and applied best practices, but there is still a long way to go. – Read More
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now – Dark Reading
Exploitation of CVE-2025-42957 requires “minimal effort” and can result in a complete compromise of the SAP system and host OS, according to researchers. – Read More
Anyone Using Agentic AI Needs to Understand Toxic Flows – Dark Reading
The biggest vulnerabilities may lie at the boundaries of where the AI agent connects with the enterprise system. – Read More
Secretive MaaS Group ‘TAG-150’ Develops Novel ‘CastleRAT’ – Dark Reading
TAG-150 is running a multifaceted and relatively successful malware-as-a-service operation, without advertising itself on the Dark Web. – Read More
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation – The Hacker News
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active…
Scammers Are Using Grok to Spread Malicious Links on X – Dark Reading
It’s called “grokking,” and gives spammers a way to skirt X’s ban on links in promoted posts and reach larger audiences than ever before. – Read More
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations – The Hacker News
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. “Available in both Python and C variants, CastleRAT’s…
Embracing the Next Generation of Cybersecurity Talent – Dark Reading
Programs like student-run SOCs can expand our cybersecurity workforce and better secure our public and private entities for when, not if, cyberattacks occur. – Read More
Hacker nutzen gravierende Schwachstelle bei SAP S/4HANA aus – CSO Online
Ein Exploit für die Schwachstelle wurde bereits in freier Wildbahn beobachtet. Nitpicker / Shutterstock Vergangenen Monat hat SAP einen Patch für S/4HANA herausgebracht, der die kritische Schwachstelle CVE-2025-42957 mit einem…