Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware – Dark Reading
The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration. – Read More
September 2025
Cloudflare Holds Back the Tide on 11.5Tbps DDoS Attack – Dark Reading
It’s the equivalent of watching more than 9,350 full-length HD movies or streaming 7,480 hours of high-def video nonstop in less than a minute. – Read More
Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers – The Hacker News
Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems,…
Relief for European Commission as court upholds EU Data Privacy Framework agreement with US – CSO Online
The controversial Data Privacy Framework (DPF) agreement between the EU and the US has been upheld after the European Court of Justice (ECJ) General Court rejected a high-profile legal challenge…
Buyer’s guide: Data protection for hybrid clouds – CSO Online
Data protection is a broad category that includes data security but also encompasses backup and disaster recovery, safe data storage, business continuity and resilience, and compliance with data privacy regulations.…
Hacked Routers Linger on the Internet for Years, Data Shows – Dark Reading
While trawling Internet scan data for signs of compromised infrastructure, researchers found that asset owners may not know for years their devices had been hacked. – Read More
Zero Trust bereitet CISOs Probleme – CSO Online
Laut einer Umfrage ist die Umsetzung von Zero Trust für die meisten CISOs nicht leicht. Gannvector – shutterstock.com Laut einem aktuellen Bericht von Accenture haben fast neun von zehn Sicherheitsverantwortlichen…
WhatsApp Bug Anchors Targeted Zero-Click iPhone Attacks – Dark Reading
A “sophisticated” attack that also exploits an Apple zero-day flaw is targeting a specific group of iPhone users, potentially with spyware. – Read More
Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure – The Hacker News
Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive security tool called HexStrike AI to exploit recently disclosed security flaws. HexStrike AI, according to its website,…
Baker McKenzie retains 17 of 20 qualifying trainees – Legal Cheek
85% Baker McKenzie has announced an 85% retention rate for its latest batch of London trainees. Of the 20 qualifying trainees, 17 are staying on in newly qualified (NQ) roles…
Varonis Acquires Email Security Provider SlashNext to Enhance BEC Defenses – Dark Reading
Varonis plans to integrate SlashNext’s advanced phishing, BEC, and social engineering attack protection capabilities into its data security platform. – Read More
Detecting Data Leaks Before Disaster – The Hacker News
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According…
Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack – The Hacker News
Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said…
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats – The Hacker News
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been…
The Renter’s Rights Bill – hope for private sector claimants – Legal Futures
The private rented sector has been growing in the UK. From 2008/09 to 2023/24, the number of households rose from 3.1m to 4.7m. It makes up 19% of all tenured…