SQE: There’s an upside to the stress – Legal Futures
While the SQE clearly exerts considerable pressure, under the new regime the work experience element of qualification becomes more important The post SQE: There’s an upside to the stress appeared…
October 2025
Pwn2Own Underscores Secure Development Concerns – Dark Reading
Pwn2Own Ireland kicked off on Oct. 21 and what researchers found continued to highlight how secure development practices are lacking across the industry. – Read More
Prompt hijacking puts MCP-based AI workflows at risk – CSO Online
Model context protocol (MCP) gives IT teams a standardized way to connect large language models (LLMs) to tools and data sources when developing AI-based workflows. But security researchers warn that…
The Best End User Security Awareness Programs Aren’t About Awareness Anymore – Dark Reading
The goal is to apply psychology principles to security training to change behaviors and security outcomes. – Read More
It Takes Only 250 Documents to Poison Any AI Model – Dark Reading
Researchers find it takes far less to manipulate a large language model’s (LLM) behavior than anyone previously assumed. – Read More
Too Many Secrets: Attackers Pounce on Sensitive Data Sprawl – Dark Reading
Hardcoded credentials, access tokens, and API keys are ending up in the darnedest places, prompting a call for organizations to stop over-privileging secrets. – Read More
WhatsApp Secures Ban on NSO Group After 6-Year Legal Battle – Dark Reading
NSO Group must pay $4 million in damages and is permanently prohibited from reverse-engineering WhatsApp or creating new accounts after targeting users with spyware. – Read More
Canada Fines Cybercrime Friendly Cryptomus $176M – Krebs on Security
Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The…
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign – The Hacker News
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations…
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files – The Hacker News
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket…
Aiden Technologies Product Demo: Automating endpoint management – Legal IT Insider
In this product demonstration, Paul Wilson, director of customer success at Aiden Technologies walks us through Aiden’s technology stack and how their solution is designed to automate the entire lifecycle…
Russia Pivots, Cracks Down on Resident Hackers – Dark Reading
Thanks to improving cybersecurity and law enforcement action from the West, Russia’s government is reevaluating which cybercriminals it wants to give safe haven from the law. – Read More
MuddyWater Targets 100+ Gov Entities in MEA with Phoenix Backdoor – Dark Reading
The Iranian threat group is using a compromised mailbox accessed through NordVPN to send phishing emails that prompt recipients to enable macros. – Read More
Thomson Reuters enters partnership with DeepJudge – Legal IT Insider
Thomson Reuters today (22 October) announced a new partnership with AI search engine DeepJudge, which will enable law firms to combine CoCounsel research with their own work product. DeepJudge, founded…
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch – The Hacker News
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched…