From bugs to bypasses: adapting vulnerability disclosure for AI safeguards – NCSC Blog
Exploring how far cyber security approaches can help mitigate risks in generative AI systems – Read More
September 2025
Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets – The Hacker News
Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems.…
Wie Erpresser an Coinbase scheiterten – CSO Online
Transparenz und schonungslose Aufarbeitung stehen bei Coinbase im (Security-)Fokus. Coinbase Anfang Mai 2025 ging beim auf Kryptowährungen spezialisierten Finanzdienstleister Coinbase eine E-Mail von Cyberkriminellen ein. Wie dem zugehörigen Bericht an…
SDT rejects managing partner’s bid to blame junior solicitor for errors – Legal Futures
A managing partner has failed to convince the SDT to blame the one-year qualified solicitor he was supervising for failures on a conveyancing transaction at an undervalue. The post SDT…
Land Registry needs to ditch “quasi-legal” culture, review finds – Legal Futures
HM Land Registry needs to shift from a “quasi-legal” culture to one that is more consumer friendly given the changing nature of the home-buying process, according to a review. The…
AI use gaining ground rapidly across legal profession – Legal Futures
Six out of 10 lawyers are using GenAI for work purposes and most of the rest plan to use it, with small law firms twice as likely as larger practices…
Acquisition number 15 for Gateley as it beefs up IP practice – Legal Futures
Gateley has made the 15th acquisition since it listed just over a decade ago by buying intellectual property law firm Groom Wilkes & Wright for up to £9m. The post…
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft – Krebs on Security
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many…
Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans – The Hacker News
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware…
Angriffe auf npm-Lieferkette gefährden Entwicklungsumgebungen – CSO Online
Angriffe auf das NX-Build-System und React-Pakete zeigen, dass die Bedrohungen für Softwareentwicklung in Unternehmen immer größer werden. Garun .Prdt – shutterstock.com Ein ausgeklügelter Supply-Chain-Angriff hat das weit verbreitete Entwickler-Tool Nx-Build-System-Paket…
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More – The Hacker News
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in…
When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider – The Hacker News
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web…
DASLS President Pam Johns completes stage 1 of charity coastal path walk [blogging] – Devon & Somerset Law Society Blog Updates
DASLS President Pam Johns Charity Coastal Path Challenge 🚶♀️🚶♀️ STAGE 1 COMPLETE 🚶♀️🚶♀️ Pam Johns of Coodes completed the first leg of her challenge, Minehead to Porlock, 9 miles on…
Spotlight report: IT careers in the AI era – CSO Online
Download the September 2025 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World. aria-label=”Embed of Spotlight report: IT careers in the AI era.”>Spotlight…
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics – The Hacker News
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been…