Latest news as of 7/26/2025, 1:28:56 AM
The Hacker News
Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited, could allow websites to access a user's entire cloud storage content, as opposed to just the files selected for upload via the tool. "This stems from overly broad OAuth scopes and misleading consent screens that fail to clearly explain the extent of access being granted,
Bleeping Computer
The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country's Ministry of Foreign Affairs and critical infrastructure organizations. [...]
Dark Reading
The latest cybersecurity awareness campaign asks users to pause for nine seconds before clicking — but this approach misplaces responsibility and ignores the real problems of system design.
Dark Reading
Dark Reading is offering its readers the opportunity to tell us how we're doing via a new survey.
Bleeping Computer
Microsoft has introduced Windows Backup for Organizations, a new backup tool for enterprises that simplifies backups and makes the transition to Windows 11 easier. [...]
The Hacker News
Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with personal services, the real threat is unfolding in the enterprise. Flare’s latest research, The Account and Session Takeover Economy, analyzed over 20 million stealer logs and tracked attacker activity across
The Hacker News
Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional malware to the infected hosts. "Rather than scanning the internet, the malware retrieves a list of targets from a command-and-control (C2) server
Dark Reading
The August acquisition will bring together Red Canary's extensive integration ecosystem with Zscaler's cloud transaction data to deliver an AI-powered security operations platform.
The Register
The latest in a long line of techies to face Putin’s wrath A Russian programmer will face the next 14 years in a "strict-regime" (high-security) penal colony after a regional court ruled he leaked sensitive data to Ukraine.…
Bleeping Computer
Microsoft has introduced a new update orchestration platform built on the existing Windows Update infrastructure, which aims to unify the updating system for all apps, drivers, and system components on Windows systems. [...]