Neon Cyber Emerges from Stealth, Shining a Light into the Browser
Neon Cyber’s purpose is to move the focus of current cybersecurity from the infrastructure to the workforce. The company emerged from stealth, September 16, after…
Month: September 2025
New Persistence Technique Allows Attackers to Hide Malware Within AWS Cloud Environment
Attackers are increasingly leveraging sophisticated techniques to maintain long-term access in cloud environments, and a newly surfaced tool named AWSDoor is emerging as a major…
WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login
A critical vulnerability in the Case Theme User plugin for WordPress allows unauthenticated attackers to hijack any account on vulnerable sites, including administrative accounts, by…
“A dare, a challenge, a bit of fun:” Children are hacking their own schools’ systems, says study
As if ransomware wasn’t enough of a security problem for the sector, educational institutions also need to worry about their own students, a recent study…
Startup Carbon3.ai sets sights on building UK-wide sovereign ‘national grid for AI’
Startup Carbon3.ai is on a mission to help the UK government achieve its goal of building a sustainable and sovereign artificial intelligence (AI) compute resource…
ChatGPT’s New Calendar Integration Can Be Abused to Steal Emails
A new ChatGPT calendar integration can be abused to execute an attacker’s commands, and researchers at AI security firm EdisonWatch have demonstrated the potential impact…
AISURU Botnet With 300,000 Hijacked Routers Behind The Recent Massive 11.5 Tbps DDoS Attack
Since early 2025, the cybersecurity community has witnessed an unprecedented surge in distributed denial-of-service (DDoS) bandwidth, culminating in a record-shattering 11.5 Tbps assault attributed to…
Threat Actors Exploit MCP Servers to Steal Sensitive Data
Unvetted Model Context Protocol (MCP) servers introduce a stealthy supply chain attack vector, enabling adversaries to harvest credentials, configuration files, and other secrets without deploying…
Gucci, Balenciaga and Alexander McQueen Breach Linked to ShinyHunters
ShinyHunters reportedly hacked Kering, exposing Gucci, Balenciaga and Alexander McQueen customer data, raising risks of scams and spear phishing. The private information of customers from…
Watch out for the “We are hiring” remote online evaluator message scam
Looking at our team’s recent text messages, you’d think that remote online evaluators are in high demand right now. Several members of our team have…
Fraud Prevention Company SEON Raises $80 Million in Series C Funding
Fraud prevention and AML compliance firm SEON today announced raising $80 million in Series C funding, which brings the total raised by the company to…
Spring Framework Security Flaws Enable Authorization Bypass and Annotation Detection Issues
Two critical vulnerabilities, CVE-2025-41248 and CVE-2025-41249, have emerged in Spring Security and Spring Framework that could allow attackers to bypass authorization controls in enterprise applications. …