IT Security Newsletter - 10/13/2025
SonicWall investigation shows hackers gained wide access to customer backup files
SonicWall on Wednesday said it completed an investigation that showed hackers were able to gain access to firewall configuration backup files for all customers that used the company's MySonicWall cloud backup service. The probe was completed with Mandiant, the cybersecurity incident response arm of Google Cloud. The files contained encrypted credentials and configuration data, according to the company, which noted that while encryption remains, there is a heightened risk of targeted attacks. READ MORE...
SimonMed Imaging Data Breach Impacts 1.2 Million
SimonMed Imaging has revealed that a data breach resulting from a ransomware attack has impacted more than 1.2 million individuals. According to its website, SimonMed Imaging is one of the largest medical imaging providers and physician radiology practices in the US, with more than 170 facilities across 10 states. The Arizona-based healthcare organization learned in late January 2025 that one of its vendors had been breached and an investigation showed that its own network had also been hacked. READ MORE...
BreachForums seized, but hackers say they will still leak Salesforce data
Law enforcement agencies in the United States and France have seized control of domains linked to the notorious BreachForums hacking forum, commonly used for the leaking of stolen data, and the sale of hacked credentials. However, observers are warning the takedown - although worthy and laudable - may be more symbolic than final, as a version of BreachForums on the dark web remains active. READ MORE...
AI-generated images have a problem of credibility, not creativity
GenAI simplifies image creation, yet it creates hard problems around intellectual property, authenticity, and accountability. Researchers at Queen's University in Canada examined watermarking as a way to tag AI images so origin and integrity can be checked. A watermarking system operates as a complete security process with several essential parts: embedding, verification, attack channels, and detection. It starts when a coded message is placed inside an image either during or after generation. READ MORE...
Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data
Oracle over the weekend announced the availability of a patch for another severe E-Business Suite (EBS) vulnerability that can be exploited to gain access to sensitive data. The newly patched flaw is tracked as CVE-2025-61884 and it has been assigned a 'high severity' rating. According to Oracle's advisory, it impacts the Runtime UI component of Oracle Configurator and it can be exploited remotely without authentication and without requiring user interaction. READ MORE...
Brian Krebs: DDoS Botnet Aisuru Blankets US ISPs in Record DDoS
The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised IoT devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet's attacks, which shattered previous records this week with a brief traffic flood that clocked in at nearly 30 trillion bits of data per second. READ MORE...
Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
A fast-spreading Android spyware is mushrooming across Russia, camouflaging itself as popular apps like TikTok or YouTube, researchers at Zimperium have revealed in a blog post. The company told CyberScoop they expect the campaign is likely to expand beyond Russian borders, too. In three months, Zimperium zLabs researchers observed more than 600 samples, the company wrote in a blog post Thursday. READ MORE...
RondoDox Botnet: an 'Exploit Shotgun' for Edge Vulns
A new botnet is exploiting dozens of known vulnerabilities in hard-to-patch edge devices. "RondoDox" is characteristically unlike most botnets, researchers from Trend Micro said in a report on Thursday. Where others are specially crafted to pick apart select vulnerabilities like a surgeon, RondoDox blasts onto infected devices like Rambo, trying exploit after exploit to see which one sticks. READ MORE...
Bruce Schneier: AI and the Future of American Politics
Two years ago, Americans anxious about the forthcoming 2024 presidential election were considering the malevolent force of an election influencer: artificial intelligence. Over the past several years, we have seen plenty of warning signs from elections worldwide demonstrating how AI can be used to propagate misinformation and alter the political landscape. AI is poised to play a more volatile role than ever before in America's next federal election in 2026. READ MORE...
Your passwords don't need so many fiddly characters, NIST says
It's once again time to change your passwords, but if one government agency has its way, this might be the very last time you do it. After nearly four years of work to update and modernize its guidance for how companies, organizations, and businesses should protect their systems and their employees, the US National Institute of Standards and Technology has released its latest guidelines for password creation, and it comes with some serious changes. READ MORE...
Hackers exploiting zero-day in Gladinet file sharing software
Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. At least three companies have been targeted so far. Although a patch is not yet available, customers can apply mitigations. CentreStack and Triofox are Gladinet's business solutions for file sharing and remote access that allow using a company's own storage as a cloud. READ MORE...
- ...in 1775, The Continental Congress authorizes construction of two warships, thus instituting an American naval force.
- ...in 1941, singer-songwriter Paul Simon ("50 Ways to Leave Your Lover", "Bridge Over Troubled Water") is born in Newark, NJ.
- ...in 1958, Michael Bond's children's book "A Bear Called Paddington" is first published, introducing the classic title character.
- ...in 2010, all 33 Chilean miners trapped by a cave-in are rescued, after spending more than 69 days underground.