Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October. […]
New SantaStealer malware steals data from browsers, crypto wallets
A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection. […]
PornHub extorted after hackers steal Premium member activity data
Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach. […]
Ongoing SoundCloud issue blocks VPN users with 403 server error
Users accessing the SoundCloud audio streaming platform through a virtual private network (VPN) connection are denied access to the service and see a 403 ‘forbidden’ error. […]
Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a “Featured” badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, xAI Grok, Meta AI, and Perplexity.
The extension in question is Urban VPN Proxy, which has a 4.7 rating on the Google Chrome
The extension in question is Urban VPN Proxy, which has a 4.7 rating on the Google Chrome
Militant Groups Are Experimenting With AI, and the Risks Are Expected to Grow
AI can be used by extremist groups to pump out propaganda or deepfakes at scale, widening their reach and expanding their influence.
The post Militant Groups Are Experimenting With AI, and the Risks Are Expected to Grow appeared first on SecurityWeek.
700Credit data breach impacts 5.8 million vehicle dealership customers
700Credit, a U.S.-based financial services and fintech company, will start notifying more than 5.8 million people that their personal information has been exposed in a data breach incident. […]
2025’s Top Phishing Trends and What They Mean for Your Security Strategy
Phishing attacks in 2025 increasingly moved beyond email, with attackers using social platforms, search ads, and browser-based techniques to bypass MFA and steal sessions. Push Security outlines key phishing trends and what security teams must know as identity-based attacks continue to evolve in 2026. […]
Microsoft: Recent Windows updates break VPN access for WSL users
Microsoft says that recent Windows 11 security updates are causing VPN networking failures for enterprise users running Windows Subsystem for Linux. […]
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations.
The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below –
The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below –
CVE-2025-61675 (CVSS score: 8.6) – Numerous