- Update Chrome now: 20 security fixes just landed
October 31, 2025
Google has released an update for its Chrome browser that includes 20 security fixes, several of which are classed as high severity. Most of these flaws were found in Chrome’s V8 engine—the part of Chrome (and other Chromium-based browsers) that runs JavaScript. Chrome is by far the world’s most popular browser, used by an estimated 3.4 ...
- Canadian government claims hacktivists are attacking water and energy facilities
October 31, 2025
The Canadian government has issued a new security alert warning of so-called hacktivists targeting Industrial Control Systems (ICS). The report says the Cyber Centre and the Royal Canadian Mounted Police has received “multiple reports” of incidents involving internet-accessible ICS. Among the reports were an attack on a water facility, in which the miscreants tampered with water ...
- Government hackers breached telecom giant Ribbon for months before getting caught
October 31, 2025
U.S. telecommunications giant Ribbon has confirmed that government-backed hackers had access to its network for almost a year before getting caught, according to a public filing. The telco giant said in a 10-Q disclosure last week with the U.S. Securities and Exchange Commission that a suspected “nation-state actor had gained access to the company’s IT network” ...
- UK: Woman charged after around 100 patient records accessed in data breach
October 31, 2025
A woman has been charged after around 100 patients had their medical records accessed in a data breach at NHS Lothian. The health board has written letters to patients affected by the breach, which they say was caused by one individual at Edinburgh Royal Infirmary. A letter dated last month, seen by STV News, says the ...
- Ransomware gang claims Conduent breach: what you should watch for next [updated]
October 30, 2025
Updated – October 30, 2025: New information confirms that Conduent’s 2024 breach has impacted over 10.5 million people, based on notifications filed with multiple state attorneys general. The largest disclosure came from the Oregon government, which reported 10.5 million affected residents. Conduent provides technology services to several US state governments, including Medicaid, child support, and food ...
- Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
October 29, 2025
Palo Alto Unit 42 researchers have discovered a new Windows-based malware family they’ve named Airstalk, which is available in both PowerShell and .NET variants. Unit 42 assess with medium confidence that a possible nation-state threat actor used this malware in a likely supply chain attack. The researchers have created the threat activity cluster CL-STA-1009 to identify ...
- EY exposes 4TB+ SQL database to open internet for who knows how long
October 29, 2025
A Dutch cybersecurity outfit says its lead researcher recently stumbled upon a 4TB+ SQL Server backup file belonging to EY exposed to the web, effectively leaking the accounting and consulting megacorp’s secrets. Among the BAK file’s data were API keys, cached authentication tokens, session tokens, service account passwords, and user credentials, Neo Security’s writeup explained. Read more… Source: ...
- CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware
October 28, 2025
On Monday, researchers at cybersecurity giant Kaspersky published a report identifying a new spyware called Dante that they say targeted Windows victims in Russia and neighboring Belarus. The researchers said the Dante spyware is made by Memento Labs, a Milan-based surveillance tech maker that was formed in 2019 after a new owner acquired and took over ...
- Clearview AI faces criminal heat for ignoring EU data fines
October 28, 2025
Privacy advocates at Noyb filed a criminal complaint against Clearview AI for scraping social media users’ faces without consent to train its AI algorithms. Austria-based Noyb (None of Your Business) is targeting the US company and its executives, arguing that if successful, individuals who authorized the data collection could face criminal penalties, including imprisonment. The complaint ...
- The end of ransomware? Report claims the number of firms paying up is plummeting
October 28, 2025
The number of companies paying ransomware attackers for decryption keys and delete stolen files has plummeted, and now represents just 23% of all victims, new research has claims. In its report, Coveware said ransom payment rates across all impact scenarios – encryption, data exfiltration, and other extortion – fell to a “historical low” of 23% in ...