WestJet, Canada's second-largest airline, is investigating a cyberattack that has disrupted access to some internal systems as it responds to the breach. [...]

<The Anubis ransomware-as-a-service (RaaS) operation has added to its file-encrypting malware a wiper module that destroys targeted files, making recovery impossible even if the ransom is paid. [...]

With Tehran’s military weakened, digital retaliation likely, experts tell The Reg The current Israel–Iran military conflict is taking place in the era of hybrid war, where cyberattacks amplify and assist missiles and troops, and is being waged between two countries with very capable destructive cyber weapons.... [...]

Video of the stubby squid ( Rossia pacifica ) from offshore Vancouver Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. [...]

Some trace back to an outfit under US export controls for alleged PLA links Both Apple's and Google's online stores offer free virtual private network (VPN) apps owned by Chinese companies, according to researchers at the Tech Transparency Project, and they don't make this fact readily known to people …

As the capabilities of quantum computing evolve, AWS is committed to helping our customers stay ahead of emerging threats to public-key cryptography. Today, we’re announcing the integration of FIPS 204: Module-Lattice-Based Digital Signature Standard (ML-DSA) into AWS Key Management Service (AWS KMS). Customers can now create and use …

At this year’s AWS Summit in Washington, DC, I had the privilege of moderating a fireside chat with Steve Schmidt, Amazon’s Chief Security Officer, and Lakshmi Raman, the CIA’s Chief Artificial Intelligence Officer. Our discussion explored how AI is transforming cybersecurity, threat response, and innovation across …

Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware. [...]

Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent Apple has updated its iOS/iPadOS 18.3.1 documentation, confirming it introduced fixes for the zero-click vulnerability used to infect journalists with Paragon's Graphite spyware.... [...]

June 13, 2025: This post was updated to fix an incorrect link. Greetings from the AWS Customer Incident Response Team (AWS CIRT). AWS CIRT is a 24/7, specialized global Amazon Web Services (AWS) team that provides support to customers during active security events on the customer side of …

Infosec employers demanding too much from early-career recruits, says ISC2 Cybersecurity hiring managers need a reality check when it comes to hiring junior staff, with job adverts littered with unfair expectations that are hampering recruitment efforts, says industry training and cert issuer ISC2.... [...]

Victoria's Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down corporate systems and the e-commerce website. [...]

Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab caught it spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of iOS users …

Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has been lost. [...]

It was one of the offenders' final warning Four staffers at the UK's Financial Conduct Authority (FCA) were let off with warnings over separate cases involving the transmission of regulator data to their personal email accounts.... [...]

Good news: The vendor patched the flaw in January. Bad news: Not everyone got the memo Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and management (RMM) tool, according to a Thursday CISA …

Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark …

Apple this week provided a glimpse into a feature that solves one of the biggest drawbacks of passkeys, the industry-wide standard for website and app authentication that isn't susceptible to credential phishing and other attacks targeting passwords. The import/export feature, which Apple demonstrated at this week’s Worldwide …

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. [...]

Forensic investigation has confirmed the use of Paragon's Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. [...]

Today, Amazon Web Service (AWS) introduces the Security Champion Knowledge Path on AWS Skill Builder, featuring training and a digital badge. The Security Champion Knowledge path is a comprehensive educational framework designed to empower developers and software engineers with essential AWS cloud security knowledge and best practices. The structured …

Welcome to the first Cloud CISO Perspectives for June 2025. Today, Anton Chuvakin, security advisor for Google Cloud’s Office of the CISO, discusses a new Google report on securing AI agents, and the new security paradigm they demand. As with all Cloud CISO Perspectives, the contents of this …

This is news : A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where …

Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. [...]

Microsoft announced that a new Edge feature allowing employees to share passwords more securely in enterprise environments has reached general availability. [...]

Citizen Lab says it found ‘digital fingerprints’ of military-grade spyware that Italy has admitted using against activists The hacking mystery roiling the Italian prime minister Giorgia Meloni’s rightwing government is deepening after researchers said they had found new evidence that two more journalists were targeted using the same …

GitLab has released security updates to address multiple vulnerabilities in the company's DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in future pipelines. [...]

Incident responders suggested sweeping improvements following Active Directory database heist Exclusive Cybercriminals broke into systems belonging to the UK's NHS Professionals body in May 2024, stealing its Active Directory database, but the healthcare organization never publicly disclosed it, The Register can reveal.... [...]

Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. [...]

'BrowserVenom' is pure poison Suspected cybercriminals have created a fake installer for Chinese AI model DeepSeek-R1 and loaded it with previously unknown malware called "BrowserVenom".... [...]

A new attack dubbed 'SmartAttack' uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically isolated (air-gapped) systems. [...]

Erie Insurance and Erie Indemnity Company have disclosed that a weekend cyberattack is behind the recent business disruptions and platform outages on its website. [...]

FIN6 moves from point-of-sale compromise to phishing recruiters In a scam that flips the script on fake IT worker schemes, cybercriminals posing as job seekers on LinkedIn and Indeed are targeting recruiters - a group hated only slightly less than digital crooks - with malware hosted on phony resume portfolio sites …

The 16 other flagged issues are on customers, says CRM giant Salesforce has assigned five CVE identifiers following a security report that uncovered more than 20 configuration weaknesses, some of which exposed customers to unauthorized access and session hijacking.... [...]

A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction. [...]

We’re excited to announce that our Europe (London) AWS Region has renewed its accreditation for United Kingdom (UK) Police-Assured Secure Facilities (PASF) for Official-Sensitive data. Since 2017, the Amazon Web Services (AWS) Europe (London) Region has been accredited under the PASF program. This demonstrates our continuous commitment to …

An APT hacking group known as 'Stealth Falcon' exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. [...]

Interpol coordinates operation, nabs 32 across Vietnam, Sri Lanka, and Nauru Thirty-two people across Asia have been arrested over their suspected involvement with infostealer malware in the latest international collaboration against global cybercrime.... [...]

Timing is everything in the war against ransomware thieves, says Prelude Security Partner content When a new security advisory drops or an alarming new ransomware campaign makes the news, the question from leadership inevitably follows: "Are we covered?"... [...]

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. [...]

An international law enforcement action codenamed "Operation Secure" targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures, and server takedowns. [...]

On your marks, get set... bork! Microsoft has set a new record with June's security update for the time between release and an admission of borkage.... [...]

The botnet’s still alive and evolving Badbox 2.0, the botnet that infected millions of smart TV boxes and connected devices before private security researchers and law enforcement partially disrupted its infrastructure, is readying for a third round of fraud and digital attacks, according to one of the …

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. The …

Stealthy Falcon swoops on WebDAV and Redmond's even patching IE! Patch Tuesday It's Patch Tuesday time again, and Microsoft is warning that there are a bunch of critical fixes to sort out - and two actively exploited bugs.... [...]

Join us at AWS re:Inforce 2025 from June 16 to 18 as we dive deep into identity and access management, where we’ll explore how organizations are securing identities at scale. As the traditional security perimeter continues to dissolve in our hybrid and multi-cloud world, this year’s …

A vulnerability in the DanaBot malware operation introduced in June 2022 update led to the identification, indictment, and dismantling of their operations in a recent law enforcement action. [...]

ConnectWise is warning customers that it is rotating the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise RMM executables over security concerns. [...]

Security researchers have disclosed a new Secure Boot bypass tracked as CVE-2025-3052 that can be used to turn off security on PCs and servers and install bootkit malware. [...]

Researchers have unearthed two publicly available exploits that completely evade protections offered by Secure Boot, the industry-wide mechanism for ensuring devices load only secure operating system images during the boot-up process. Microsoft is taking action to block one exploit and allowing the other one to remain a viable threat …