Cisco issues urgent patch for actively exploited IOS and IOS XE zero-day Summary of the advisory Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is being actively exploited in the wild. Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco…
One Weak Password Ended a 158-Year-Old Logistics Firm The incident in brief KNP Logistics Group, a company with roots stretching back 158 years and formerly known as Knights of Old, has ceased operations after an incident tied to a single compromised or weak password. The business had built a substantial transport operation over its lifetime,…
BadIIS SEO-Poisoning Campaign Redirects Traffic and Installs Web Shells in Vietnam and Southeast Asia Summary of the discovery Cybersecurity researchers have identified an SEO poisoning campaign that uses malicious search-result manipulation to infect or redirect visitors and then deploy a malware family dubbed “BadIIS.” The activity, tracked by Palo Alto Networks Unit 42 as CL-UNK-1037…
Microsoft begins Windows 11 beta rollout of AI-powered Gaming Copilot Overview of the rollout Microsoft has started a staged beta rollout of Gaming Copilot to Windows 11 PCs. The company is making the beta available to users aged 18 or older, but the rollout explicitly excludes devices located in mainland China. Microsoft has begun rolling…
Microsoft Begins Beta Rollout of Gaming Copilot for Windows 11 PCs Overview of the rollout Microsoft has started a beta rollout of Gaming Copilot to Windows 11 systems. The initial deployment is limited to users who are 18 years or older and excludes availability in mainland China. Microsoft’s announcement positions the release as an expansion…
UNC1549 Campaign Compromises 34 Devices at 11 European Telecom Firms Using LinkedIn Job Lures and MINIBIKE Malware Summary Security researchers have attributed a recent espionage campaign targeting European telecommunications companies to the cluster known as UNC1549. According to reporting by thehackernews.com and tracking by Swiss cybersecurity firm PRODAFT, the actor (tracked by PRODAFT as “Subtle…
Automating Alert Triage with AI Agents and Confluence SOPs Using Tines Summary of the workflow The workflow highlighted by Tines automates security alert triage by using AI-driven agents to identify the correct Standard Operating Procedures (SOPs) documented in Confluence, and then executing the appropriate response steps through the platform. The underlying Tines library — maintained…
OpenAI adds user control over GPT‑5 “thinking” depth for Plus and Pro subscribers What OpenAI announced OpenAI has begun rolling out a new toggle that lets users select how “hard” the GPT‑5‑thinking model should work on a given prompt. The feature is being made available to ChatGPT Plus and Pro subscribers, enabling users to adjust…
SonicWall Urges Password Resets After Cloud Backup Files Accessed in MySonicWall Breach Incident summary SonicWall has notified customers that it detected suspicious activity targeting its cloud backup service for firewalls and that unknown threat actors accessed firewall configuration backup files stored in the cloud for less than 5% of MySonicWall accounts. The vendor has urged…
CountLoader: New Multi‑Version Loader Fuels Russian Ransomware Operations Overview of the discovery Security researchers have identified a new malware loader, tracked as “CountLoader,” that is being used by Russian-affiliated threat actors to deliver post‑exploitation tools and remote access malware. According to published reporting, CountLoader has been observed distributing Cobalt Strike, AdaptixC2, and a remote access…