Neon temporarily disabled after Broken Access Control exposes call data and transcripts

In late September 2025, the call-recording app Neon shot to the top of the Apple App Store—reaching the No. 2 spot in the United States—by offering to pay users for recorded calls and reselling those recordings and transcripts to AI companies. Days after the surge, a critical access-control flaw discovered during media testing allowed authenticated … Read more

South Korea’s Daejeon Data Center Fires Expose Systemic Resilience Gaps Across Government IT

Two separate fires in one week at data centers in Daejeon, South Korea, triggered a nationwide disruption of public services in late September and early October 2025. With 647 government systems simultaneously unavailable—including e-government, tax, and postal platforms—officials described the incident as a “digital paralysis,” underscoring structural weaknesses in architecture, backups, and operational risk controls. … Read more

CVE-2025-53967: Command Injection in Figma MCP Allowed RCE via Fallback Curl

A critical security flaw in the popular Model Context Protocol (MCP) server for Figma, figma-developer-mcp, has been patched after researchers demonstrated a path to remote code execution (RCE). Tracked as CVE-2025-53967 with a CVSS 7.5 score, the vulnerability stemmed from a fallback mechanism that constructed shell commands using untrusted input when Figma API requests failed. … Read more

Anthropic and UK AI Safety Institute: 250 Documents Can Trigger DoS Backdoors in LLMs

Anthropic, the UK AI Safety Institute, The Alan Turing Institute, and academic collaborators report that around 250 carefully crafted documents are sufficient to poison the training of large language models (LLMs) so that they produce nonsensical output when a specific trigger appears in a prompt. The effect—a deliberate training-time backdoor that induces denial-of-service (DoS) behavior—was … Read more

Renault and Dacia UK disclose third‑party data breach: what customers and businesses should know

Renault and its subsidiary Dacia have notified UK customers about a data breach stemming from a cyberattack on a third‑party supplier. The carmaker said its own IT systems were not compromised and emphasized that banking and payment information was not affected. The incident underscores growing risks from supply chain attacks and the importance of vendor … Read more

Red Hat GitLab Breach Spurs Extortion Threats and Raises CER Report Risks

The cyber extortion landscape continues to consolidate as criminal crews specialize and collaborate. Scattered Lapsus$ Hunters has claimed responsibility for an extortion campaign targeting Red Hat, publishing alleged samples of stolen materials and threatening a full release if negotiations fail, according to BleepingComputer. Red Hat has acknowledged a compromise of one of its GitLab instances … Read more

RondoDox Botnet Targets Internet-Exposed IoT with Pwn2Own Techniques and n-day Exploits

Researchers at Trend Micro have identified RondoDox, a rapidly growing IoT botnet that systematically compromises internet-exposed devices using a broad arsenal of known vulnerabilities (n-days) and exploits inspired by Pwn2Own demonstrations. The operators reportedly field 56 vulnerabilities across more than 30 vendors and device classes, spanning DVR/NVR systems, IP cameras, SOHO routers, and web servers. … Read more

Redis Patches CVE-2025-49844: Critical Lua-Based RCE (“RediShell”) With CVSS 10.0

Redis has released security updates to address CVE-2025-49844, a CVSS 10.0 vulnerability that has lingered in the codebase for roughly 13 years. The flaw stems from a use-after-free condition reachable through Lua scripting, which is enabled by default in Redis. Successful exploitation allows a sandbox escape and full remote code execution (RCE) on the host … Read more

Oracle E‑Business Suite zero‑day CVE‑2025‑61882 under active exploitation: what to patch and how to defend

A critical zero-day vulnerability tracked as CVE-2025-61882 in Oracle E‑Business Suite (EBS) has moved into active exploitation. Industry researchers report the Clop extortion group has been abusing the flaw for data theft and ransom since at least August 2025. Oracle has released an out‑of‑band fix, and administrators are urged to accelerate patch deployment and reduce … Read more

Attackers Weaponize Outdated Velociraptor Build (CVE-2025-6264) to Encrypt Windows and VMware ESXi

Threat actors are repurposing a legitimate incident response tool to accelerate ransomware operations. According to Cisco Talos, adversaries are deploying an outdated build of the open-source DFIR platform Velociraptor—created by Mike Cohen and maintained by Rapid7—to escalate privileges and orchestrate encryption across Windows and VMware ESXi estates. The campaign blends living-off-the-land tradecraft with abuse of … Read more