Roughly one-third of the Cybersecurity and Infrastructure Security Agency's workforce will stay on the job if the federal government shuts down on Wednesday, according to newly published guidance. "CISA estimates 889 employees as the total number excepted and estimated to be retained during a lapse in appropriations," the Department of Homeland Security said in its shutdown plan document, which it published over the weekend. READ MORE...
Japanese brewing giant Asahi Group Holdings on Monday announced that its operations in the country have been disrupted by a cyberattack. The incident, the company said, resulted in system failures that affected orders and shipments at all its subsidiaries in the country, as well as call center operations, customer service desks included. Reuters reported that production at some of Asahi's 30 domestic factories has been suspended due to the cyberattack. READ MORE...
Authorities arrested 260 cybercrime suspects during a two-week operation spanning 14 African countries, Interpol announced Friday. The globally coordinated summertime crackdown dubbed "Operation Contender 3.0" targeted criminal networks that facilitated romance scams and sextortion, officials said. Interpol said total losses attributed to the scam syndicates amounted to about $2.8 million, involving almost 1,500 victims. READ MORE...
As vishing becomes more frequently used amongst threat actors, researchers have discovered that AI-generated voice clones from as little as five minutes of recorded audio are well on the rise. NCC Group's research team has explored how voice impersonation using AI allows for classic social engineering attacks to become even more refined, blurring the lines of what is real and what is simulated. READ MORE...
Apple has released important security updates to address a critical vulnerability in FontParser-the part of MacOS/iOS/iPadOS that processes fonts. Identified as CVE-2025-43400, the flaw was discovered internally by Apple and allows an attacker to craft a malicious font that can cause apps to crash or corrupt process memory, potentially leading to arbitrary code execution. While Apple hasn't said it's being actively exploited, similar bugs have been used in attacks in the past. READ MORE...
Broadcom on Monday announced patches for six vulnerabilities affecting VMware Aria Operations, NSX, vCenter, and VMware Tools products, including four high-severity flaws. Both Aria Operations and VMware Tools are impacted by a high-severity local privilege escalation bug tracked as CVE-2025-41244. Patches have also been rolled out for a medium-severity issue in VMware Aria Operations that could allow attackers to disclose the credentials of other users. READ MORE...
The Metropolitan Police has secured a conviction in what is believed to be the world's largest cryptocurrency seizure, valued at more than £5.5 billion ($7.3 billion). Zhimin Qian, 47, also known as Yadi Zhang, pleaded guilty today at Southwark Crown Court to acquiring and possessing criminal property under the Proceeds of Crime Act. Police said she conducted a multibillion-pound fraudulent Bitcoin scheme that defrauded more than 128,000 victims in China between 2014 and 2017. READ MORE...
Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, describing it as "an inclusion of functionality from untrusted control sphere." CISA has given federal agencies until October 20 to apply the official mitigations. READ MORE...