Orange Belgium discloses data breach impacting 850,000 customers
Orange Belgium, a subsidiary of telecommunications giant Orange Group, disclosed on Wednesday that attackers who breached its systems in July have stolen the data of…
Month: August 2025
Russian Hackers Exploiting 7-Year-Old Cisco Vulnerability to Collect Configs from Industrial Systems
A Russian state-sponsored cyber espionage group designated as Static Tundra has been actively exploiting a seven-year-old vulnerability in Cisco networking devices to steal configuration data…
CISA Issues Four ICS Advisories on Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released four critical Industrial Control Systems (ICS) advisories on August 19, 2025, alerting organizations to current security vulnerabilities…
Doppel Simulation combats social engineering attacks
Doppel announced Doppel Simulation, a new product and expansion to the Doppel Vision Platform that enables organizations to redefine security awareness training and social engineering…
DOM‑based Extension Clickjacking Threatens User Data
A newly discovered technique, dubbed DOM-based extension clickjacking, has raised serious concerns about the security of browser-based password managers. Despite their role in protecting sensitive…
University of Melbourne reprimanded for using wi-fi data to identify protesters
The University of Melbourne has been reprimanded for using wi-fi location data to identify students involved in a sit-in protest last year. An investigation by…
Critical Apache Tika PDF Parser Vulnerability Allow Attackers to Access Sensitive Data
A critical security vulnerability has been discovered in Apache Tika’s PDF parser module that could enable attackers to access sensitive data and trigger malicious requests…
Apple Confirms Critical 0-Day Under Active Attack – Immediate Update Urged
Apple has issued an emergency security update for iOS 18.6.2 and iPadOS 18.6.2 to address a critical zero-day vulnerability that the company confirms is being…
Using lightweight LLMs to cut incident response times and reduce hallucinations
Researchers from the University of Melbourne and Imperial College London have developed a method for using LLMs to improve incident response planning with a focus…
CBA keeps pushing limits of its Workday environment
CBA has 20 apps in production that run off its now decade-old Workday system for human resources, part of a strategy to treat the software…
Google Announces New Capabilities for Enabling Defenders and Securing AI Innovation
Google Cloud has unveiled a comprehensive suite of security enhancements at its Security Summit 2025, marking a significant evolution in enterprise AI security frameworks. The…
Critical Flaw in Apache Tika PDF Parser Exposes Sensitive Data to Attackers
A critical XML External Entity (XXE) vulnerability has been discovered in Apache Tika’s PDF parser module, potentially allowing attackers to access sensitive data and compromise…