IT Security Newsletter - 8/21/2025
Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI
For years, a Russian state-sponsored threat actor has been exploiting an old vulnerability in Cisco networking devices to collect configuration information, Cisco and the FBI warn. Patches for the flaw, tracked as CVE-2018-0171 (CVSS score of 9.8) and impacting the Smart Install (SMI) feature of Cisco's IOS and IOS XE products, were released in March 2018. Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171.
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
A 20-year-old Florida man at the center of a prolific cybercrime group known as "Scattered Spider" was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of Palm Coast, Fla. pleaded guilty in April 2025 to charges of wire fraud and conspiracy. Florida prosecutors alleged Urban conspired with others to steal at least $800,000 from five victims via SIM-swapping attacks.
Orange Belgium mega-breach exposes 850K customers to serious fraud
A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks. The telecom company confirmed that data pertaining to 850,000 customer accounts was compromised during an intrusion at the end of July, with the attacker gaining access to sensitive information. The crooks accessed the full names and phone numbers of subscribers, Orange said on Wednesday.
Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations
The pharmaceutical and biotechnology company Inotiv Inc. is investigating a cyberattack that led to hackers encrypting the firm's data, it said in a filing on Monday with the U.S. Securities and Exchange Commission. The Aug. 8 attack disrupted access to certain data storage and business applications, according to Inotiv. The company said it is working to bring certain systems back online and has moved some operations to offline alternatives in order to maintain business continuity.
Side of Fries With That Bug? Hacker Finds Flaws in McDonald's Staff, Partner Hubs
An ethical hacker who was just trying to get free Chicken McNuggets from McDonald's inadvertently uncovered numerous flaws within the fast-food giant's partner and employee portals that exposed sensitive and confidential data. The hacker, who goes by the online name "BobdaHacker," found a server-side flaw in the McDonald's Feel-Good Design Hub when using the company's customer rewards system to cash in on loyalty points for food, according to a blog post published this week.
URL-based threats become a go-to tactic for cybercriminals
Cybercriminals are using advanced social engineering and AI-generated content to make malicious URLs difficult for users to identify, according to Proofpoint. Whether through email, text messages, or collaboration apps, URL-based threats now dominate the cyber threat landscape. Attackers are not just impersonating trusted brands, they are abusing legitimate services, tricking users with fake error prompts, and bypassing traditional security by embedding threats in QR codes and SMS messages.
Warlock ransomware: What you need to know
Warlock is a ransomware operation that emerged in 2025, combining the traditional "double extortion" tactics of encrypting victims' files so they cannot be accessed, and threatening to release data stolen from the company's network. The Warlock ransomware group seems to have stepped up its attacks in recent months, hitting a number of organisations including government agencies and departments.
'Rapper Bot' hit the Pentagon in at least 3 cyberattacks
The powerful "Rapper Bot" Distributed Denial of Service-for-hire botnet impacted the Department of Defense Information Network (DODIN) in at least three attacks between April and August - when U.S. government authorities gained control of the disruptive malware web, two officials told DefenseScoop. Federal prosecutors in Alaska charged 22-year-old Ethan Foltz on Tuesday for allegedly running the large-scale cyber operation since before or around 2021.
GPT-5 Has a Vulnerability: Its Router Can Send You to Older, Less Safe Models
The new GPT-5 is easy to jailbreak. Researchers have discovered the cause - an SSRF-like flaw in its internal routing mechanism. When you ask GPT-5 a question, the answer may not come from GPT-5. The model includes an initial router that parses the prompt and decides which of the various GPT models to query. It may be the GPT-5 Pro you expect, but it could equally be GPT 3.5, GPT-4o, GPT-5-mini, or GPT-5-nano.
Perplexity's Comet AI browser tricked into buying fake items online
A study looking into agentic AI browsers has found that these emerging tools are vulnerable to both new and old schemes that could make them interact with malicious pages and prompts. Agentic AI browsers can autonomously browse, shop, and manage various online tasks (like handling email, booking tickets, filing forms, or controlling accounts). Perplexity's Comet is currently the primary example of agentic AI browsers.
- ...in 1858, the first of the historical debates between Illinois Senate candidates Abraham Lincoln and Stephen Douglas is held in Ottawa, IL.
- ...in 1911, The Mona Lisa is stolen by an employee of the Louvre. It would not be recovered until two years later.
- ...in 1959, Hawaii becomes the 50th state.
- ...in 1966, The Beatles played at Crosley Field in Cincinnati, with a set list comprised of only 11 songs and lasting 35 minutes. Tickets were $5.