September 2025

Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug

Outside experts say the vulnerability has probably already been exploited Budding ransomware crooks have another shot at exploiting Fortra's GoAnywhere MFT product now that a new 10/10 severity vulnerability needs patching.…

Scattered Spider teen cuffed after buying games and meals with extortion bitcoin

Bad opsec Thalha Jubair, one of the two UK teens arrested on Tuesday and accused of being members of the notorious Scattered Spider cybercrime gang, allegedly played a role in bilking more than 100 organizations out of at least $115 million in ransom payments. The cops nabbed him…

One token to pwn them all: Entra ID bug could have granted access to every tenant

Until Microsoft lobbed it into a virtual volcano A security researcher claims to have found a flaw that could have handed him the keys to almost every Entra ID tenant worldwide.…

OpenAI plugs ShadowLeak bug in ChatGPT that let miscreants raid inboxes

Radware says flaw enabled hidden email prompts to trick Deep Research agent into exfiltrating sensitive data ChatGPT's research assistant sprung a leak – since patched – that let attackers steal Gmail secrets with just a single carefully crafted email.…

Crims bust through SonicWall to grab sensitive config data

Vendor pulls plug on cloud backup feature, urges admins to reset passwords and re-secure devices SonicWall is telling some customers to reset passwords after attackers broke into its cloud backup service and accessed firewall configuration data.…

Cybercriminals pwn 850k+ Americans’ healthcare data

Three US medical centers fess up to serious breaches Cybercriminals broke in and stole nearly a million Americans' data in the space of a week, in the course of three digital burglaries at healthcare providers.…

Two ‘Scattered Spider’ teens charged over attack on London’s transport network

Decisive action comes nearly a year after the attack and first arrest took place Two teenagers are set to appear in court today after being charged with offences related to the cyberattack on Transport for London (TfL) in August 2024.…

Cloudflare DDoSed itself with React useEffect hook blunder

Dashboard loop caused API outage that was hard to troubleshoot Cloudflare has confessed to a coding error using a React useEffect hook, notorious for being problematic if not handled carefully, that caused an outage for the platform's dashboard and many of its APIs.…

Insight Partners confirms ransomware hit, more than 12,000 caught in data dragnet

VC giant rebuilt boxes, patched holes, and says it’s beefed up security – but won’t say who did it Venture capital giant Insight Partners has confirmed that a January ransomware attack compromised the personal data of more than 12,000 people, including employees, former staff, and the firm's usually-secretive…

Axiom Space aims for orbit with its Orbital Data Center Node

But will the International Space Station still be there to host its node? Axiom Space and Spacebilt have announced plans to add optically interconnected Orbital Data Center (ODC) infrastructure to the International Space Station (ISS).…

Copyright © 2026 Lugapel