How Gray-Zone Hosting Companies Protect Data the US Wants Erased
New TP-Link zero-day surfaces as CISA warns other flaws are exploited
Argo CD Patches Critical CVSS 10 Vulnerability Exposing Repository Credentials (CVE-2025-55190)
No we didn’t warn all Gmail users about imminent digital doom, says Google
Texas sues PowerSchool over breach exposing 62M students, 880k Texans
Bridgestone Americas Confirms Cyberattack
https://www.darkreading.com/cyberattacks-data-breaches/bridgestone-americas-cyberattack
CVE-2025-53187: Critical RCE in ABB ASPECT BMS with CVSS 9.8, No Prior Authentication
Give your PC a fresh start: New free tools to boost your PC’s speed, security, and peace of mind
ISC2 Aims to Bridge DFIR Skill Gap with New Certificate
Sitecore Zero-Day Sparks New Round of ViewState Threats
https://www.darkreading.com/vulnerabilities-threats/sitecore-zero-day-viewstate-threats
Chess.com discloses recent data breach via file transfer app
Popular Android VPN apps found to have security flaws and China links
Hackers exploited Sitecore zero-day flaw to deploy backdoors
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1n5oqio/rnetsec_monthly_discussion_tool_thread/
CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild
How They Got In — DaVita’s Data Breach
https://www.reddit.com/r/netsec/comments/1n7efek/how_they_got_in_davitas_data_breach/
Why Threat Hunting Should Be Part of Every Security Program
https://www.darkreading.com/threat-intelligence/threat-hunting-part-every-security-program
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1n33j71/cache_me_if_you_can_sitecore_experience_platform/
From CastleLoader to CastleRAT: TAG-150 Advances Operations with Multi-Tiered Infrastructure
https://www.recordedfuture.com/research/from-castleloader-to-castlerat-tag-150-advances-operations
Microsoft says recent Windows updates cause app install issues
Generative AI as a Cybercrime Assistant
https://www.schneier.com/blog/archives/2025/09/generative-ai-as-a-cybercrime-assistant.html
Envoy Project Patches Two Flaws: DoS (CVE-2025-54588) and Session Hijacking (CVE-2025-55162) Risks
Tax refund scam targets Californians
https://www.malwarebytes.com/blog/news/2025/09/tax-refund-scam-targets-californians
Interpol Arrests Over 1K Cybercriminals in 'Operation Serengeti 2.0'
https://www.darkreading.com/cyberattacks-data-breaches/interpol-operation-serengeti-2-0
Microsoft says recent Windows update didn't kill your SSD
TamperedChef infostealer delivered through fraudulent PDF Editor
BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch
https://securityonline.info/badsuccessor-cve-2025-53779-technique-persists-despite-microsoft-patch/
We Are Still Unable to Secure LLMs from Malicious Inputs
Poor Password Choices
https://www.schneier.com/blog/archives/2025/08/poor-password-choices.html
ECScape - Blog Series (Black Hat & fwd:cloudsec)
https://www.reddit.com/r/netsec/comments/1mvc0km/ecscape_blog_series_black_hat_fwdcloudsec/
Auchan retailer data breach impacts hundreds of thousands of customers
How a scam hunter got scammed (Lock and Code S06E17)
https://www.malwarebytes.com/blog/podcast/2025/08/how-a-scam-hunter-got-scammed-lock-and-code-s06e17
RSAC 2025 Expo Recap: Goats, Puppies, and Threat Intelligence
Threats to the 2025 NATO Summit: Cyber, Influence, and Hybrid Risks
https://www.recordedfuture.com/research/threats-2025-nato-summit
GrayAlpha Unmasked: New FIN7-Linked Infrastructure, PowerNet Loader, and Fake Update Attacks
All Apple users should update after company patches zero-day vulnerability in all platforms
APT36 hackers abuse Linux .desktop files to install malware in new attacks
Windows 11 Update Causing SSD Failures: Microsoft Investigates Critical Storage Bug
Europol says Telegram post about 50,000 Qilin ransomware award is fake
US Extremists in 2025: Shift Toward Targeted Physical Threats | Recorded Future