Latest news as of 8/19/2025, 7:14:11 PM
Bleeping Computer
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. [...]
Dark Reading
Security debt ahoy: only about half of the code that the latest large language models (LLMs) create is cybersecure, and more and more of it is being created all the time.
Dark Reading
When trying to crack your way into a cyber career, true passion and a bold love of the industry is a must, if you want to set yourself apart from hundreds of other job applicants, according to Weave CISO Jessica Sica.
Dark Reading
By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizations can turn security incidents into accelerators of resilience.
Bleeping Computer
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. [...]
The Hacker News
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. "The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign," Proofpoint said in a Thursday report. The
The Register
Victims fear leak at Everglades Correctional Institution could lead to violent extortion A data breach at a Florida prison has inmates' families concerned for their welfare after their contact details were allegedly leaked to convicted criminals.…
Dark Reading
What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it?
The Hacker News
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performance Node.js applications." It was uploaded to npm by a user named "Kodane" on July 28, 2025. The
Dark Reading
Thorium enhances cybersecurity teams' defense capabilities by seamlessly integrating commercial, open-source, and custom tools used to analyze malware.