A recent analysis from a team at Georgia Institute of Technology and Ruhr University Bochum has unveiled two significant side-channel attacks specifically targeting Apple silicon chips, notably affecting popular web browsers such as Safari and Google Chrome. The attacks have been aptly codenamed Data Speculation Attacks via Load Address Prediction…
Recent reports from the U.S. Treasury Department have identified the North Korea-affiliated Lazarus Group, also referred to as Hidden Cobra, as the entity responsible for the $540 million theft from the Ronin Network, which is associated with the popular video game Axie Infinity. This incident, occurring last month, underscores the…
Agentic AI, Artificial Intelligence & Machine Learning, Governance & Risk Management Identity Security Vendor Enhances AI Governance Tools, Launching MCP Server Defense Michael Novinson (MichaelNovinson) • October 2, 2025 Rishi Bhargava, Co-Founder of Descope (Image: Descope) Descope, an identity security startup, has successfully raised $35 million to enhance its offerings…
Flagstar Bank Faces Class Action Over Data Breaches A proposed class action targeting Flagstar Bank has emerged, alleging that the financial institution failed to adequately safeguard customer and employee data during two significant data breaches. On October 2, 2025, a federal judge in Michigan was approached to grant initial approval…
Recent developments in the cybersecurity landscape have revealed that a new variant of the Mirai botnet, known as Aquabot, is actively targeting a medium-severity vulnerability associated with Mitel IP phones. This vulnerability, identified as CVE-2024-41710, has a CVSS score of 6.8 and involves command injection during the phone’s boot process,…
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an urgent alert regarding a recent surge in social engineering tactics used to propagate IcedID malware and exploit vulnerabilities in the Zimbra email platform. This wave of attacks is primarily focused on extracting sensitive information from targeted users. CERT-UA has…
Cybercrime, Fraud Management & Cybercrime Asahi’s Japan Operations Disrupted by Cyberattack, Production Halted Anviksha More (AnvikshaMore) • October 2, 2025 Image: Shutterstock/ISMG This week, the cybersecurity landscape features significant incidents, notably the FTC’s lawsuit against Sendit for unlawful children’s data collection, another breach involving Harrods, an incident affecting Allianz, and…
Data Compromise Alert from Renault UK Following Cyberattack on Third-Party Provider Renault UK has announced a potential compromise of customer personal data due to a recent cyberattack targeting one of its third-party service providers. In an official communication sent to affected customers, Renault clarified that their own systems remain intact;…
Georgia Tech to Settle Lawsuit Over Cybersecurity Allegations for $875,000 Georgia Tech’s research division has agreed to pay $875,000 to the federal government to resolve a lawsuit alleging violations of cybersecurity regulations related to its contract work for the U.S. Department of Defense. This settlement, announced by the Justice Department,…
