Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft's most-dire "critical" rating, meaning they could be abused to gain remote access to a Windows system with little or no help from users. August's patch batch includes an update for a vulnerability that allows an attacker to pivot from a compromised Exchange Server directly into an organization's cloud environment READ MORE...
Manpower of Lansing, Michigan, has informed authorities that a data breach stemming from a ransomware attack affects roughly 140,000 individuals. The staffing and recruiting firm said in a data breach notice sent to impacted individuals that an investigation into an IT outage that caused disruptions on January 20, 2025, revealed that hackers had gained access to its systems. The cybercriminals had access to Manpower's network between December 29, 2024, and January 12, 2025. READ MORE...
The Interlock ransomware gang has flaunted a 43GB haul of files allegedly stolen from the city of Saint Paul, following a late-July cyberattack that forced the Minnesota capital to declare a state of national emergency. The listing on Interlock's dark web leak site, seen by The Register, was published on August 11. It includes samples of what the gang claims are more than 66,000 files stolen from the city of Saint Paul. READ MORE...
Hackers have released stolen data belonging to US insurance giant Allianz Life, exposing 2.8 million records with sensitive information on business partners and customers in ongoing Salesforce data theft attacks. Last month, Allianz Life disclosed that it suffered a data breach when the personal information for the "majority" of its 1.4 million customers was stolen from a third-party, cloud-based CRM system on July 16th. READ MORE...
August 2025 Patch Tuesday advisories have been published by several major companies offering industrial control system (ICS) and other operational technology (OT) solutions. Siemens has published 22 new advisories. One of them is for CVE-2025-40746, a critical Simatic RTLS Locating Manager issue that can be exploited by an authenticated attacker for code execution with System privileges. READ MORE...
Dozens of security advisories were published on Tuesday by Intel, AMD and Nvidia to inform customers about vulnerabilities found recently in their products. Intel has published 34 new advisories this Patch Tuesday. High-severity vulnerabilities have been addressed by the company in Xeon processors, Ethernet drivers for Linux, chipset firmware, processor stream cache, 800 Series Ethernet, PROSet/Wireless, and Connectivity Performance Suite products. READ MORE...
An emerging ransomware actor is using sophisticated techniques in the style of an advanced persistent threat group (APT) to target organizations with customized ransom demands, posing a significant risk to businesses. Charon is a new ransomware family (named for the ferryman from Greek mythology who carried souls across the River Styx to Hades), Trend Micro observed it being deployed in a targeted attack in the Middle East's public sector and aviation industry. READ MORE...
Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. Tracked as CVE-2025-5777 and referred to as CitrixBleed 2, this out-of-bounds memory read vulnerability results from insufficient input validation, enabling unauthenticated attackers to access restricted memory regions remotely on devices configured as a Gateway or AAA virtual server. READ MORE...
When something goes wrong with an AI assistant, our instinct is to ask it directly: "What happened?" or "Why did you do that?" It's a natural impulse-after all, if a human makes a mistake, we ask them to explain. But with AI models, this approach rarely works, and the urge to ask reveals a fundamental misunderstanding of what these systems are and how they operate. A recent incident with Replit's AI coding assistant perfectly illustrates this problem. READ MORE...