US politicians ponder Wimwig cyber intel sharing law
A long-awaited update to the US’s Cybersecurity Information Sharing Act (CISA) of 2015 – which lapses at the end of September amid gathering concerns over…
Month: September 2025
Marriott checks out AI agents amid technology transformation
Marriott International is executing a multiyear digital and technology transformation plan that aims to retool the company, replace systems and develop a cloud-native innovation fabric…
Financial services firm Wealthsimple discloses data breach
Wealthsimple, a leading Canadian online investment management service, has disclosed a data breach after attackers stole the personal data of an undisclosed number of customers…
New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers
A recently discovered strain of cryptomining malware has captured the attention of security teams worldwide by abusing the built-in Windows Character Map application as an…
Hollywood’s Battle Against Digital Threats
The adage “content is king” holds particularly true for the entertainment industry. Millions of people across the globe pursue film, video streaming and musical content, making…
Critical SAP S/4HANA Vulnerability Actively Exploited, Allowing Full System Takeover
A critical security flaw in SAP S/4HANA, tracked as CVE-2025-42957, is being actively exploited by attackers, according to research from SecurityBridge. The vulnerability, which carries…
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. “Available in both…
Jaguar Land Rover cyber attack keeps workers at home
Jaguar Land Rover (JLR) has told its car workers to stay away from the assembly lines until at least Tuesday, as a possible culprit for…
Microsoft gives US students a free year of Microsoft 365 Personal
Microsoft announced that starting this Thursday, all college students in the United States can get a free year of Microsoft 365 Personal. For everyone else,…
Hackers Use AI Platforms to Steal Microsoft 365 Credentials in Phishing Campaign
Cybercriminals are increasingly exploiting the trust organizations place in artificial intelligence platforms to conduct sophisticated phishing attacks, according to a new report from cybersecurity firm…
Threat Actors Exploit ScreenConnect Installers for Initial Access
A marked escalation in the abuse of ConnectWise ScreenConnect installers since March 2025, with U.S.-based businesses bearing the brunt of these incursions. Adversaries are now…
Critical SAP S/4HANA vulnerability now exploited in attacks
A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. The flaw, tracked as CVE-2025-42957,…