Can LLMs understand scientists? | Computer Weekly
The use of large language models (LLMs) as an alternative to search engines and recommendation algorithms is increasing, but early research suggests there is still…
Month: September 2025
In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories…
Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet
Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT’s License Servlet that can be exploited in command injection attacks. GoAnywhere…
Beware of Weaponized ScreenConnect App That Delivers AsyncRAT and PowerShell RAT
The emergence of a new campaign weaponizing legitimate remote monitoring and management software has alarmed security teams worldwide. Attackers are distributing trojanized installers for ConnectWise…
New iOS Video Injection Tool Bypasses Biometric Locks on Jailbroken iPhones
A newly discovered video injection tool for iOS devices that have been jailbroken poses a serious threat to modern digital identity verification. Developed to run…
BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports
New York, New York, September 19th, 2025, CyberNewsWire BreachLock, the global leader in offensive security, has been recognized as a Sample Vendor for Penetration Testing…
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. “Phishing-as-a-Service…
Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions
Two Russian state-sponsored threat actors have been working together in recent cyberattacks against Ukrainian targets, evidence collected by ESET suggests. Specifically, the company found that,…
Intigriti Bug Bytes #228 – September 2025
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: A common (yet unknown) SSRF attack vector in Next.js Middleware Exploiting…
OpenAI’s $4 GPT Go plan may expand to more regions
OpenAI released $4 GPT Go in August, but it was limited to just India. Now, OpenAI is expanding GPT Go to include new regions. OpenAI…
ChatGPT Tricked Into Bypassing CAPTCHA Security and Enterprise Defenses
ChatGPT agents can be manipulated into bypassing their own safety protocols to solve CAPTCHA, raising significant concerns about the robustness of both AI guardrails and…
Deceptive Tactics to Bypass Security Systems
Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead to…