Latest news as of 11/14/2025, 3:51:54 AM
Dark Reading
Researchers discovered more than 550 unique secrets exposed in Visual Studio Code marketplaces, prompting Microsoft to bolster security measures.
The Register
CVE and CVSS systems suffer from misaligned incentives and inconsistency Aram Hovespyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.…
Bleeping Computer
Major international auction house Sotheby's is notifying customers of a data breach incident on its systems where threat actors stole sensitive information, including financial details. [...]
Bleeping Computer
Hackers stole the personal information of over 17.6 million people after breaching the systems of financial services company Prosper. [...]
Bleeping Computer
Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. [...]
Dark Reading
AI might help some threat actors in certain respects, but one group is proving that its use for cyberattacks has its limits.
Bleeping Computer
Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installers. [...]
The Register
Who needs enemies when you have friends like Xi? China's cyberspies quietly broke into a Russian IT service provider in what researchers say is a rare example of Beijing turning its digital gaze on Moscow.…
Bleeping Computer
Microsoft reminded customers this week that Office 2016 and Office 2019 have reached the end of extended support on October 14, 2025. [...]
The Hacker News
An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely