The Hacker News reports: A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49704 (CVSS score: 8.8), a code injection and remote code execution bug in Microsoft SharePoint Server that was […]
TechCrunch explains: AI is being forced on us in pretty much every facet of life, from phones and apps to search engines and even drive-throughs, for some reason. The fact that we’re now getting web browsers with baked-in AI assistants and chatbots shows that the way some people are using the internet to seek out and consume information today is very different […]
The South China Morning Post reports: The privacy watchdog has launched an investigation after Louis Vuitton Hong Kong suffered a data breach that compromised the personal information of about 419,000 customers in the city. The Office of the Privacy Commissioner for Personal Data said on Saturday that Louis Vuitton Hong Kong had notified it of […]
TechCrunch reports: Former U.S. Army soldier Cameron John Wagenius pleaded guilty to hacking telecommunication companies and attempting to extort them by threatening to release stolen files, the Department of Justice announced on Tuesday. According to the DOJ, Wagenius, who went online with the nickname “kiberphant0m,” conspired to defraud 10 victim companies by stealing their login credentials, using brute […]
A huge Ministry of Defence leak in 2022 is first being revealed in detail after a superinjunction was lifted. The Independent reports: A huge Ministry of Defence data breach put the lives of up to 100,000 at risk and prompted thousands of Afghans to be evacuated to Britain under a covert £7bn scheme – then was kept secret […]
Major retailers remain vulnerable to attacks by ransomware gangs. The same gang thought to be involved in the Marks & Spencer attack has now claimed another victim. Security Week reports: The DragonForce ransomware gang has claimed responsibility for a disruptive cyberattack on US department store chain Belk. The incident was identified on May 8 and […]
Recorded Future reports: The federal cybersecurity watchdog ordered all civilian agencies to immediately patch a vulnerability impacting several NetScaler products used by organizations to manage network traffic. The Cybersecurity and Infrastructure Security Agency (CISA) added the bug — tracked as CVE-2025-5777 — to its catalog of known exploited vulnerabilities on Thursday afternoon but took the extraordinary step […]
Cyber Magazine reports: McDonald’s job applicants had their personal information exposed when security researchers accessed 64 million records through basic password attacks on the McHire platform. The breach occurred through vulnerabilities in systems operated by AI software firm Paradox.ai, which provides chatbot technology to screen candidates for the fast-food chain. Security researchers Ian Carroll and Sam […]
Reuters reports law enforcement in the UK has arrested four young people believed to be part of the Scattered Spider group that crippled high-end retailers earlier this year: Four people have been arrested as part of a police investigation into cyberattacks that disrupted the operations of retailers Marks & Spencer, the Co-op and Harrods, Britain’s […]
In a Thursday surprise, ransomware gang Hunters International announced they are closing the project and are offering their past victims free decryptor keys if they need them. The Register reports: Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor. Announcing the news on Thursday morning, […]
