September 2025

Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week

RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the globe between June 2024 and July 2025, exploiting buggy internet-facing appliances to deploy…

Alibaba unveils $53B global AI plan – but it will need GPUs to back it up

Chinese giant maps out datacenters across Europe and beyond, yet US chip curbs cast a long shadow

Analysis: Alibaba this week opened an AI war chest containing tens of billions of dollars, a revamped LLM lineup, and plans for AI datacenters in Europe. But it also prompted a…

Cyber threat-sharing law set to shut down, along with US government

Act passed in 2015 is due to lapse unless a continuing resolution passes - and that's unlikely

Barring a last-minute deal, the US federal government would shut down on Wednesday, October 1, and the 2015 Cybersecurity Information Sharing Act would lapse at the same time, threatening what many…

Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects

Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses

The long-running XCSSET malware strain has evolved again, with Microsoft warning of a new macOS variant that expands its bag of tricks while continuing to target developers.…

Salesforce facing multiple lawsuits after Salesloft breach

CRM giant denies security shortcomings as claims allege stolen data used for ID theft

Salesforce is facing a wave of lawsuits in the wake of a cyberattack that exposed customer data.…

‘An attacker’s playground:’ Crims exploit GoAnywhere perfect-10 bug

Researchers say tens of thousands of instances remain publicly reachable

Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra's GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack of transparency.…

LockBit’s new variant is ‘most dangerous yet,’ hitting Windows, Linux and VMware ESXi

Operation Cronos didn’t kill LockBit – it just came back meaner

Trend Micro has sounded the alarm over the new LockBit 5.0 ransomware strain, which it warns is "significantly more dangerous" than past versions due to its newfound ability to simultaneously target Windows, Linux, and VMware ESXi environments.…

Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales

More fun with AI agents and their security holes

A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers who published a proof-of-concept attack on Thursday. They were aided by an expired trusted domain that…

Callous crims break into preschool network, publish toddlers’ data

Images of toddlers and home addresses leaked in reprehensible landmark attack

A cyber criminal crew has targeted Kido International, a preschool and daycare organization, leaking sensitive details about its pupils and their parents.…

Zero-day deja vu as another Cisco IOS bug comes under attack

The latest in a run of serious networking bugs gives attackers root if they have SNMP access

Cisco has confirmed a new IOS and IOS XE zero-day, the latest in a string of flaws that attackers have been quick to weaponize.…
