Cyber

OT-Security: Warum der Blick auf Open Source lohnt – CSO Online

September 10, 2025

Auch im OT-Security-Bereich stellen Open-Source-Lösungen eine kostengünstige Alternative zu kommerziellen Tools dar. MY STOCKERS – Shutterstock.com OT-Security als strategischer Erfolgsfaktor Die zunehmende Digitalisierung und Vernetzung in der industriellen Produktion haben…

Cyber Dark Reading

Southeast Asian Scam Centers Face More Financial Sanctions – Dark Reading

September 10, 2025

Firms cooperating with cybercrime syndicates in Burma and Cambodia face sanctions by the US government and enforcement actions by China, but the scams continue to grow. – Read More

Cyber Hacker News

Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts – The Hacker News

September 10, 2025

Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if successfully exploited, could allow attackers to take control of customer accounts. The…

Cyber Hacker News

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws – The Hacker News

September 10, 2025

SAP on Tuesday released security updates to address multiple security flaws, including three critical vulnerabilities in SAP Netweaver that could result in code execution and the upload arbitrary files. The…

CSO Online Cyber

Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V – CSO Online

September 10, 2025

CISOs with SAP NetWeaver AS Java servers in their environments should make sure admins patch two highly critical vulnerabilities as soon as possible. They are among the most important of…

Cyber Krebs

Microsoft Patch Tuesday, September 2025 Edition – Krebs on Security

September 9, 2025

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or actively exploited vulnerabilities in this…

Cyber Dark Reading

EoP Flaws Again Lead Microsoft Patch Day – Dark Reading

September 9, 2025

Nearly half the CVEs Microsoft disclosed in its September security update, including one publicly known bug, enable escalation of privileges. – Read More

Cyber Dark Reading

Is the Browser Becoming the New Endpoint? – Dark Reading

September 9, 2025

While the jury is still out on whether the browser is the new endpoint, it’s clear that use has skyrocketed and security needs to align. – Read More

Cyber Dark Reading

Qantas Reduces Executive Pay Following Cyberattack – Dark Reading

September 9, 2025

The data breach, which occurred earlier this year, saw threat actors compromise a third-party platform to obtain Qantas customers’ personal information. – Read More

Cyber Dark Reading

Huge NPM Supply-Chain Attack Goes Out With Whimper – Dark Reading

September 9, 2025

Threat actors phished Qix’s NPM account, then used their access to publish poisoned versions of 18 popular open-source packages accounting for more than 2 billion weekly downloads. – Read More

Cyber NCSC Blogs

Cyber resilience matters as much as cyber defence – NCSC Blog

September 9, 2025

Why planning and rehearsing your recovery from an incident is as vital as building your defences – Read More

Cyber Dark Reading

Salty2FA Takes Phishing Kits to Enterprise Level – Dark Reading

September 9, 2025

Cybercriminal operations use the same strategy and planning as legitimate organizations as they arm adversarial phishing kits with advanced features. – Read More

Cyber Hacker News

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks – The Hacker News

September 9, 2025

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly efficient attack pipeline” in recent phishing campaigns, according to new…

CSO Online Cyber

Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting – CSO Online

September 9, 2025

Security researchers at Arctic Wolf have uncovered a novel malware campaign targeting users in Western Europe, delivered through Google Ads and employing sophisticated evasion techniques. Dubbed GPUGate, the campaign uses…

CSO Online Cyber

Phishing kit Salty2FA washes away confidence in MFA – CSO Online

September 9, 2025

A newly uncovered phishing campaign has been linked to Salty2FA, a phishing-as-a-service framework built to sidestep multi-factor authentication (MFA). The ongoing campaign is using the kit to bypass MFA protections…

OT-Security: Warum der Blick auf Open Source lohnt – CSO Online

Southeast Asian Scam Centers Face More Financial Sanctions – Dark Reading

Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts – The Hacker News

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws – The Hacker News

Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V – CSO Online

Microsoft Patch Tuesday, September 2025 Edition – Krebs on Security

EoP Flaws Again Lead Microsoft Patch Day – Dark Reading

Is the Browser Becoming the New Endpoint? – Dark Reading

Qantas Reduces Executive Pay Following Cyberattack – Dark Reading

Huge NPM Supply-Chain Attack Goes Out With Whimper – Dark Reading

Cyber resilience matters as much as cyber defence – NCSC Blog

Salty2FA Takes Phishing Kits to Enterprise Level – Dark Reading

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks – The Hacker News

Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting – CSO Online

Phishing kit Salty2FA washes away confidence in MFA – CSO Online

You Missed

‘Landfall’ Malware Targeted Samsung Galaxy Users – Dark Reading

‘Ransomvibing’ Infests Visual Studio Extension Market – Dark Reading

Microsoft Backs Massive AI Push in UAE, Raising Security Concerns – Dark Reading

Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp – The Hacker News