Tag: News

‘Gentlemen’ Ransomware Abuses Vulnerable Driver to Kill Security Gear Summary The Gentlemen ransomware gang is weaponising a vulnerable, signed kernel driver (ThrottleStop.sys) — renamed in attacks as ThrottleBlood.sys — to disable antivirus and EDR products. Trend Micro analysis shows the group uses a bring-your-own-vulnerable-driver (BYOVD) technique together with AV‑killer binaries (All.exe and customised Allpatch2.exe) and […]

Apple CarPlay RCE Exploit Left Unaddressed in Most Cars Summary Researchers disclosed a buffer‑overflow vulnerability in Apple CarPlay (CVE-2025-24132) that can lead to root remote code execution (RCE) via the AirPlay SDK. Although Apple released a patch months ago, most carmakers and many vendors have not rolled the fix out to vehicles. The flaw can […]

Chinese Hackers Allegedly Pose as US Lawmaker Summary US lawmakers say China-backed threat actors impersonated Representative John Moolenaar in spear-phishing emails aimed at trusted targets involved in high-level US–China trade engagements. The House Select Committee on China published a notice on 8 September describing an ongoing, highly targeted cyberespionage campaign that used impersonation and abused […]

Students Pose Inside Threat to Education Sector Summary K-12 schools face not only external attacks from ransomware gangs but also a steady stream of insider incidents originating from students. Many pupils, raised with devices and easy access to information, experiment with hacking — from changing grades to probing school systems — often out of curiosity […]

AI-Enhanced Malware Sports Super-Stealthy Tactics Summary Security researchers have identified a fast-moving campaign tracked as “EvilAI” that hides malware inside seemingly legitimate AI- and productivity-style apps. The operation has infected hundreds of organisations across multiple sectors and countries by using professionally built interfaces, genuine-feeling features and digitally signed binaries from newly created companies to evade […]

Cyberattack on Kazakhstan’s Largest Oil Company Was ‘Simulation’ Summary Researchers first reported what looked like a Russian APT campaign targeting Kazakhstan’s biggest oil company, KazMunayGas (KMG), and dubbed the actor “Noisy Bear.” Seqrite Labs described a convincing phishing chain: a compromised finance email, a ZIP containing a decoy and a malicious .LNK file, a PowerShell […]

The Quiet Revolution in Kubernetes Security Summary This commentary examines how traditional host operating systems undermine Kubernetes security and highlights Talos Linux as a purpose-built alternative. The article argues that using full-featured, mutable Linux distributions (Ubuntu, CentOS, RHEL) for Kubernetes hosts preserves legacy assumptions — shells, SSH, mutable filesystems — that inflate attack surface and […]

Vidar Infostealer Back With a Vengeance Summary Researchers at Aryaka have uncovered a fresh Vidar campaign showing that the long‑running Vidar infostealer has evolved with stronger stealth and persistence. First seen in 2018, Vidar remains an infostealer-as-a-service used to harvest credentials, cookies, tokens and financial data. The latest strain adds encrypted C2, Living‑off‑the‑Land binaries (LOLBins), […]

‘K2 Think’ AI Model Jailbroken Mere Hours After Release Summary K2 Think, a new 32-billion-parameter reasoning model developed by MBZUAI and G42, was released publicly on 9 September 2025. Within hours a researcher from Adversa AI, Alex Polyakov, demonstrated a jailbreak by exploiting a vulnerability dubbed “Partial Prompt Leaking.” The model purposely exposes rich, plaintext […]

Microsoft’s exec addresses protests over ties to Israeli military Summary Microsoft President Brad Smith defended the company’s decision to fire employees who occupied his office during Gaza-related protests, saying trespass and property barricading are unacceptable conduct for staff. He told employees that those who broke into and occupied offices could not remain employed at Microsoft. […]