Latest news as of 11/9/2025, 6:43:12 AM
The Register
After a £312M upgrade to the retiring OS, Defra still has 24,000 devices to replace The UK's Department for Environment, Food & Rural Affairs (Defra) has spent £312 million (c $407 million) modernizing its IT estate, including replacing tens of thousands of Windows 7 laptops with Windows 10 – which officially reached end of support last month.…
Bleeping Computer
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates. [...]
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-11371 (CVSS score: 7.5) - A vulnerability in files or directories accessible to
Dark Reading
The well-known North Korean threat group continues to improve the obfuscation and anti-analysis features of its attack toolchain.
The Register
DHS rule would expand biometric collection to immigrants and some citizens linked to them If you're filing an immigration form - or helping someone who is - the Feds may soon want to look in your eyes, swab your cheek, and scan your face. The US Department of Homeland Security wants to greatly expand biometric data collection for immigration applications, covering immigrants and even some US citizens tied to those cases.…
Bleeping Computer
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. [...]
Dark Reading
A threat actor known as "Curly COMrades" is using Linux VMs to remain undetected in Windows environments while conducting Russia-aligned activities.
Dark Reading
European organizations face an escalating cyber threat landscape as attackers leverage geopolitical tensions and AI-enhanced social engineering for attacks.
Bleeping Computer
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]
Bleeping Computer
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. [...]