Prosper Data Breach: SSNs Exposed and 17.6M Emails Listed by HIBP

Prosper, one of the oldest U.S. peer‑to‑peer lending platforms, is investigating a significant data breach after detecting unauthorized database queries on September 2, 2025. The company has confirmed exposure of customer data including Social Security numbers (SSNs), while Have I Been Pwned (HIBP) reports a dataset containing 17.6 million unique email addresses, intensifying concerns over …

Windows blocks File Explorer preview for Internet files to curb NTLM hash leakage

Microsoft has changed how the File Explorer preview pane behaves in Windows, closing a low‑interaction path to NTLM credential exposure. Beginning with updates released on October 14, 2025, preview rendering is automatically disabled for files that originate from the Internet or reside in locations treated as untrusted network zones, reducing the chance of NTLM hash …

AWS Outage Leaves Eight Sleep Smart Beds Stranded, Spotlighting IoT Cloud-Dependency Risks

A widespread incident in AWS’s US-EAST-1 region triggered cascading service disruptions and exposed systemic weaknesses in cloud-dependent consumer IoT. Among the affected products were Eight Sleep smart beds—premium devices whose key features temporarily failed when cloud services became unreachable. AWS US-EAST-1 outage: impact on smart beds and critical functions Regional outages in US-EAST-1 often propagate …

Microsoft fixes critical Kestrel flaw (CVE-2025-55315) enabling HTTP request smuggling

Microsoft has shipped fixes for a critical vulnerability in the Kestrel web server used by ASP.NET Core, tracked as CVE-2025-55315 and rated CVSS 9.9. The flaw enables HTTP request smuggling under specific conditions, allowing an attacker to slip a hidden request past a frontend proxy or load balancer. Successful exploitation can result in credential theft, …

US Court Bans NSO Group From Targeting WhatsApp, Orders Data Deletion, Cuts Damages to $4M

A US federal court in the Northern District of California has issued a permanent injunction against Israeli spyware developer NSO Group in the WhatsApp case brought by Meta. The order requires NSO to halt any targeting of WhatsApp users, cease attempts to compromise devices or intercept messages, and delete data previously obtained through such activities. …

Europol Dismantles SIMCARTEL: Inside the Global SIM-Farm Network Powering OTP Abuse and Fake Accounts

European law enforcement has dismantled a large-scale SIM-farm ecosystem in an operation codenamed SIMCARTEL, disrupting a global pipeline for phishing, investment fraud, extortion, marketplace scams, and mass creation of fake accounts. According to Europol, the criminal infrastructure comprised roughly 1,200 SIM-boxes and 40,000 SIM cards, enabling industrialized telecom abuse across multiple regions. Scale of the …

GlassWorm Malware Exploits VS Code Extensions in Significant Supply Chain Attack

Koi Security has documented a significant software supply chain attack in the Visual Studio Code ecosystem. A self-propagating malware dubbed GlassWorm was inserted into multiple extensions hosted on OpenVSX and the official Visual Studio Code Marketplace, leading to at least 35,800 installs. The campaign leveraged stolen developer credentials to ship trojanized updates, highlighting systemic risks …

Malicious npm package “https-proxy-utils” delivers AdaptixC2 and underscores open-source supply chain exposure

Security researchers at Kaspersky identified a malicious npm package, https-proxy-utils, masquerading as a proxy utility and abusing npm lifecycle scripts to deploy AdaptixC2 across Windows, macOS, and Linux. Although the package has been removed from npm, the incident highlights persistent weaknesses in open-source software supply chains and the growing abuse of post‑install hooks to gain …

TARmageddon (CVE-2025-62518): Critical Rust tar parsing flaw enables RCE in tokio‑tar and forks

Security researchers at Edera have disclosed a critical logic flaw in the abandoned Rust library async‑tar and multiple forks, including the widely used tokio‑tar. Tracked as CVE‑2025‑62518 and dubbed TARmageddon, the vulnerability allows an unauthenticated attacker to inject arbitrary records into a TAR archive stream during extraction, which can lead to remote code execution (RCE) …

PassiveNeuron zeros in on Windows Server: new APT wave leverages SQL abuse, Cobalt Strike, and custom implants

A newly observed campaign by the PassiveNeuron threat actor underscores a strategic pivot toward server-side targets. According to Kaspersky’s Global Research & Analysis Team, the activity ran from December 2024 through August 2025, striking government, financial, and industrial organizations across Asia, Africa, and Latin America. The distinguishing feature: a sustained focus on Windows Server and …