A fake Leonardo DiCaprio movie torrent is spreading Agent Tesla malware through trusted Windows tools The post Fake ‘Leonardo DiCaprio’ Torrent Spreads Agent Tesla Malware appeared first on TechRepublic. This article has been indexed from Security Archives – TechRepublic Read…
US taps private firms in cyber offensive, Microsoft updates cause queuing failures, phishing campaign delivers Phantom Stealer
US turns to private firms in cyber offensive Microsoft updates cause queuing failures Phishing campaign delivers Phantom stealer Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by…
IT Security News Hourly Summary 2025-12-16 09h : 7 posts
7 posts were published in the last hour 8:2 : Amazon Accidentally Shows Film With ‘Strong Sex’ To Child 8:2 : Critical FortiGate Devices SSO Vulnerabilities Actively Exploited in the Wild 7:32 : Chrome Extension with 6M+ Users Found Collecting…
Amazon Accidentally Shows Film With ‘Strong Sex’ To Child
Amazon found in breach of Ofcom’s rules after showing 15-rated film to children instead of Diary of a Wimpy Kid This article has been indexed from Silicon UK Read the original article: Amazon Accidentally Shows Film With ‘Strong Sex’ To…
Critical FortiGate Devices SSO Vulnerabilities Actively Exploited in the Wild
An active intrusion is targeting critical authentication bypass vulnerabilities in Fortinet’s FortiGate appliances and related products. Threat actors are exploiting CVE-2025-59718 and CVE-2025-59719 to perform unauthenticated single sign-on (SSO) logins via malicious SAML messages, granting attackers administrative access. Fortinet disclosed…
Chrome Extension with 6M+ Users Found Collecting AI Chatbot Inputs
A popular browser extension promoted as a free and secure VPN has been discovered secretly capturing user conversations across multiple AI chatbot platforms including ChatGPT, Claude, Gemini, and Microsoft Copilot raising fresh concerns over privacy and data exploitation in the…
Jaguar Land Rover Confirms August Cyberattack Led to Employee Data Theft
Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal data belonging to current and former employees. This disclosure marks the luxury automaker’s first public admission regarding the full scope…
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and…
SantaStealer Malware Steals Sensitive Files, Credentials, and Crypto Wallet Data
Cybersecurity researchers at Rapid7 Labs have uncovered a sophisticated new threat: SantaStealer, a malware-as-a-service information stealer actively promoted on Telegram channels and underground hacker forums. The malware, which recently rebranded from “BluelineStealer,” is scheduled for release before the end of…
Why We’ll Never Patch Everything, and That’s Okay
Why fixing every vulnerability is impossible—and unnecessary. Learn how risk-based vulnerability management prioritizes what to patch, what to defer, and why context matters more than CVSS. The post Why We’ll Never Patch Everything, and That’s Okay appeared first on Security Boulevard. This article has been…
French Interior Minister says hackers breached its email servers
The French interior minister confirmed that a cyberattack breached the Interior Ministry, compromising its email servers. The French Interior Minister Laurent Nunez announced on Friday that threat actors compromised email servers at the Ministry of the Interior. The attack was…
PornHub Breached by ShinyHunters Group and Premium Members’ Data Stolen
The notorious hacking collective ShinyHunters has claimed responsibility for a major data breach at Mixpanel, a popular analytics provider, exposing limited user data tied to Pornhub Premium accounts. The incident, which has only affected select Premium subscribers, has raised concerns…
The messy data trails of telehealth are becoming a security nightmare
In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security. He explains why organizations must strengthen data classification and visibility as systems and vendors…
Google to Shut Down Dark Web Monitoring Tool in February 2026
Google has announced that it’s discontinuing its dark web report tool in February 2026, less than two years after it was launched as a way for users to monitor if their personal information is found on the dark web. To…
How to Sign a Windows App with Electron Builder?
You’ve spent weeks, maybe months, crafting your dream Electron app. The UI looks clean, the features work flawlessly, and you finally hit that Build button. Excited, you send the installer to your friend for testing. You’re expecting a “Wow, this…
AI might be the answer for better phishing resilience
Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked at whether LLMs can produce training that helps people spot…
PwC on using AI to turn cybersecurity risk into competitive advantage
PwC supports clients across the full cyber lifecycle Sponsored Post Managing cybersecurity risk has never been simple, but in today’s threat landscape it can also become a source of strength. PwC believes that AI is now central to that transformation,…
Passwordless is finally happening, and users barely notice
Security teams know the strain that comes from tightening authentication controls while keeping users productive. A new report from Okta suggests this strain is easing. Stronger authentication methods are gaining traction, and many of them let users move through sign…
Product showcase: GlassWire mobile firewall for Android
GlassWire is a free network monitoring and security application for Windows and Android. It lets you see how your system communicates over the internet and local network. The Windows version also offers a Premium tier with advanced features, while the…
No, SoundCloud hasn’t started tuning out VPNs. It’s mopping up after a cyberattack
Bum note for 20 percent of users whose data leaked Music hosting and streaming service SoundCloud has admitted it suffered a cyberattack.… This article has been indexed from The Register – Security Read the original article: No, SoundCloud hasn’t started…
IT Security News Hourly Summary 2025-12-16 06h : 1 posts
1 posts were published in the last hour 5:2 : Cybersecurity jobs available right now: December 16, 2025
Cybersecurity jobs available right now: December 16, 2025
Cybersecurity Senior Manager Grant Thornton | USA | On-site – View job details As a Cybersecurity Senior Manager, you will lead and perform cybersecurity assessments, including capability, threat and risk, architecture, compliance, and configuration reviews. You will oversee technical security…
AI-powered threat detection for MCP data manipulation attempts
Explore how AI-driven threat detection can secure Model Context Protocol (MCP) deployments from data manipulation attempts, with a focus on post-quantum security. The post AI-powered threat detection for MCP data manipulation attempts appeared first on Security Boulevard. This article has…
IT Security News Hourly Summary 2025-12-16 03h : 1 posts
1 posts were published in the last hour 2:2 : ISC Stormcast For Tuesday, December 16th, 2025 https://isc.sans.edu/podcastdetail/9740, (Tue, Dec 16th)