Patch Tuesday – September 2025

Microsoft is addressing 176 vulnerabilities today, which seems like a lot, and it is. Curiously, Microsoft’s own Security Update Guide (SUG) for September 2025 Patch Tuesday only lists 86 vulns, and that’s because the SUG doesn’t include a large number Read More …

All Plex users should reset passwords in wake of data breach

Popular media server and streaming platform, Plex, warned its users about losing their sensitive data in a cyberattack, and urged them to update their passwords as a result. In a forum post published on September 8, Plex said it recently Read More …

Notes of cyber inspector: three clusters of threat in cyberspace

Hacktivism and geopolitically motivated APT groups have become a significant threat to many regions of the world in recent years, damaging infrastructure and important functions of government, business, and society. In late 2022 Kaspersky predicted that the involvement of hacktivist Read More …

Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed

In August 2025, Trend Micro investigated a new ransomware campaign orchestrated by The Gentlemen, an emerging and previously undocumented threat group. This threat actor quickly established itself within the threat landscape by demonstrating advanced capabilities through their systematic compromise of Read More …

UK: Jeremy Clarkson’s Cotswolds pub targeted in cyber attack

Jeremy Clarkson’s pub has become the latest victim of cyber-criminals who managed to steal £27,000 from the establishment. The Farmer’s Dog fell prey to hackers who employed sophisticated methods to infiltrate the accounts of the Cotswolds venue during a recent Read More …

Columbia University data breach hits 870,000 people

Columbia University recently confirmed a major cyberattack that compromised personal, financial, and health-related information tied to students, applicants, and employees. The victims include current and former students, employees, and applicants. Notifications to affected individuals began on August 7 and are Read More …

CMS Sitecore patches critical zero-day flaw

Popular CMS platform Sitecore has patched a critical zero-day vulnerability found to be being abused in cyberattacks. Security researchers from Mandiant observed threat actors exploiting a zero-day flaw to deploy malware, as well as other legitimate software. The flaw stemmed Read More …

Range Rover and Jaguar drivers face lengthy repair delays after cyber attack crippled garages

More than a million Range Rover and Jaguar drivers could face huge delays in getting their motors repaired after a devastating cyber-attack crippled Jaguar Land Rover. Bosses at Jaguar Land Rover (JLR) were forced to scramble on Sunday, hastily shutting Read More …

Palo Alto Networks becomes the latest to confirm it was hit by Salesloft Drift attack

The Salesloft Drift incident is quickly turning into the next MOVEit MFT fiasco, as yet another company confirms losing sensitive data in the third-party attack. This time around, it is the American multinational cybersecurity company Palo Alto Networks that confirmed Read More …

Google warns Gmail users to change passwords after data breach

Google is warning about 2.5 billion Gmail users to change their passwords or install a passkey following a data breach that has led to a surge in “phishing” email attacks. The data breach that prompted the warning reportedly happened at Read More …