Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Governance & Risk Management Unpatched Devices Since October 2023 Exhibit Vulnerabilities Prajeet Nair (@prajeetspeaks) • November 3, 2025 Image: Anucha Cheechang/Shutterstock The Australian Cyber Security Centre (ACSC) has issued a warning regarding ongoing attacks on unpatched Cisco IOS XE enterprise devices. Cybercriminals…
Toys “R” Us Canada Data Breach Exposes Customer Data on Dark Web A recent security incident has come to light involving Toys “R” Us Canada, where unauthorized access to sensitive customer information has been exposed on the dark web. This breach raises significant concerns about data privacy and security protocols…
VMware has announced important software updates targeting a critical security vulnerability in vCenter Server that previously had patches issued but was determined to remain partially unaddressed. This vulnerability, identified as CVE-2024-38812 with a CVSS score of 9.8, involves a heap-overflow issue within the DCE/RPC protocol implementation. According to Broadcom, which…
On Wednesday, threat intelligence researchers from Google provided an update on four active zero-day vulnerabilities affecting Chrome, Safari, and Internet Explorer, all of which have been exploited by threat actors in various campaigns this year. This report highlights a concerning trend where three of the vulnerabilities were developed by commercial…
In a significant cybersecurity case, a former Amazon employee has been convicted for her involvement in the theft of sensitive personal information from over 100 million individuals during the 2019 Capital One breach. This case underscores the potential vulnerabilities associated with large cloud service providers and the risks businesses face…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Acquisition Enhances AI Protective Measures Against Red-Teaming and Compliance Monitoring Michael Novinson (MichaelNovinson) • November 3, 2025 Adam Geller, Chief Product Officer at Zscaler (Image: Zscaler) Zscaler has recently acquired SPLX, an artificial intelligence security startup, enhancing its capabilities in…
The Office of the Australian Information Commissioner (OAIC) has unveiled its most recent Notifiable Data Breaches (NDB) report and dashboard for January to June 2025. This report reveals that the frequency of reported data breaches is persistently high across both public and private sectors in Australia. The updated dashboard highlights…
Cybersecurity Alert: Malicious npm Packages Target Ethereum Private Keys Recent findings by cybersecurity researchers have revealed a concerning wave of suspicious packages circulating in the npm registry, explicitly crafted to exfiltrate Ethereum private keys and enable unauthorized remote access to victims’ systems using the secure shell (SSH) protocol. This alarming…
Recent investigations have unveiled a robust cyber campaign that initially targeted Myanmar but has since expanded its reach to include numerous organizations in the Philippines. This heightened activity was reported by Russian cybersecurity firm Kaspersky, which first detected these infections back in October 2020. Kaspersky associates this malicious activity with…
