OpenAI is finally rolling out a toggle that allows you to decide how hard the GPT-5-thinking model can think. This feature is rolling out to Plus and Pro subscribers. […]
UK arrests ‘Scattered Spider’ teens linked to Transport for London hack
Two teenagers, believed to be linked to the August 2024 cyberattack on Transport for London, have been arrested in the United Kingdom. […]
SystemBC malware turns infected VPS systems into proxy highway
The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day that provide a highway for malicious traffic. […]
ChatGPT Deep Research Targeted in Server-Side Data Theft Attack
OpenAI has fixed this zero-click attack method called by researchers ShadowLeak.
The post ChatGPT Deep Research Targeted in Server-Side Data Theft Attack appeared first on SecurityWeek.
SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers
SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts.
The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its
The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its
Target-rich environment: Why Microsoft 365 has become the biggest risk
Microsoft 365’s dominance and tight integration makes it a massive target in today’s cyber landscape. Its tight integration expands the attack surface and amplifies risk. Learn from Acronis TRU why backup blind spots & lateral movement risks demand stronger defenses. […]
Notepad gets free AI features on Copilot+ PCs with Windows 11
Microsoft is adding free AI-powered text writing capabilities to Notepad for customers with Copilot+ PCs running Windows 11. […]
PyPI invalidates tokens stolen in GhostAction supply chain attack
The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early September, confirming that the threat actors didn’t abuse them to publish malware. […]
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader
Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT.
“CountLoader is being used either as part of an Initial Access Broker’s (IAB) toolset or by a ransomware affiliate with ties to the LockBit,
“CountLoader is being used either as part of an Initial Access Broker’s (IAB) toolset or by a ransomware affiliate with ties to the LockBit,
Watch Now: Attack Surface Management Summit – All Sessions Available
Videos from SecurityWeek’s Attack Surface Management Virtual Summit are now available to watch on demand.
The post Watch Now: Attack Surface Management Summit – All Sessions Available appeared first on SecurityWeek.