Latest news as of 8/19/2025, 9:36:58 PM
Dark Reading
By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizations can turn security incidents into accelerators of resilience.
Bleeping Computer
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. [...]
The Hacker News
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. "The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign," Proofpoint said in a Thursday report. The
The Register
Victims fear leak at Everglades Correctional Institution could lead to violent extortion A data breach at a Florida prison has inmates' families concerned for their welfare after their contact details were allegedly leaked to convicted criminals.…
Dark Reading
What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it?
The Hacker News
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performance Node.js applications." It was uploaded to npm by a user named "Kodane" on July 28, 2025. The
Dark Reading
Thorium enhances cybersecurity teams' defense capabilities by seamlessly integrating commercial, open-source, and custom tools used to analyze malware.
Dark Reading
The SIEM market is at a pivotal point as XDR platforms and generative AI shake up the security analytics space.
The Hacker News
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them The junk food problem in cybersecurity Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS watches—but fuels their
Bleeping Computer
The Zero Day Initiative is offering a $1 million reward to security researchers who will demonstrate a zero-click WhatsApp exploit at its upcoming Pwn2Own Ireland 2025 hacking contest. [...]