Discord confirms a security incident involving a third-party breach. Personal data of users who recently contacted customer support, such as names and email addresses, were exposed. Despite the unsettling data theft, Discord assured users that full credit card numbers and passwords remain secure. Stay alert for potential phishing attempts following this Discord data breach.

CISA adds a mix of high-tech potholes to its Known Exploited Vulnerabilities catalog, including Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws. It’s like a cybersecurity scavenger hunt, but the only prize is not getting hacked. Agencies have until October 23, 2025, to patch the digital potholes.

Brace yourselves, IT folks! A surge in suspicious scans is rattling Palo Alto Networks login portals. Cybersecurity firm GreyNoise reports a whopping 500% rise in IP addresses homing in on GlobalProtect and PAN-OS profiles. If your system were a cat, it would definitely be hissing by now! Keep those firewalls purring.

OpenAI is rolling out ChatGPT Go, a wallet-friendly option for developing countries. Priced at $4, it includes features from the $20 Plus plan, minus some advanced perks. Now available in Indonesia, Malaysia, Philippines, Thailand, and Vietnam, ChatGPT Go is expanding its comedic reach like a stand-up tour across Asia.

CometJacking is the latest attack targeting Perplexity’s agentic AI browser, Comet, using sneaky links to hijack data. Think of it as a digital pickpocket that turns your browser from a trusty co-pilot into a cunning insider threat. It’s a reminder that AI-native tools can be as trustworthy as a cat guarding a fish market.

Free mobile VPN apps might promise privacy, but new research by Zimperium zLabs reveals they often serve up data risks instead. Their flaws range from outdated software to excessive permissions and lack of transparency, making them more akin to digital peeping Toms than privacy protectors. So much for free security—it’s like hiring a fox to…

Hackers have breached a third-party Discord customer service provider, swiping payment info and personal data from some users. This ransomware attack left users exposed, with sensitive details like real names, emails, and even ID photos compromised. Discord quickly isolated the provider, but the hackers demanded a ransom for not leaking the stolen information.

GreyNoise detected a whopping 500% increase in IP addresses scanning Palo Alto Networks login portals! With 93% labeled suspicious and 7% malicious, the scanners are having a field day. GreyNoise noted this Palo Alto surge shares characteristics with recent Cisco ASA scanning. Make sure your software is up to date, folks!

ICEBlock, an app designed to anonymously report immigration enforcement sightings, has been removed from the Apple App Store under DOJ pressure. Apple claims the app violated policies on objectionable content. Legal experts argue ICEBlock is protected free speech. The app’s removal follows a broader trend of government influence over tech platforms.

ShinyHunters and their chaotic crew have dropped a bombshell—a data leak site on the TOR network. This digital pandemonium targets 39 companies, exploiting Salesforce vulnerabilities. From Google to Qantas, no one’s safe from the “Trinity of Chaos.” They’ve got the goods, but thankfully, no passwords. Just a whole lot of PII.

ProSpy and ToSpy are the latest cyber villains impersonating Signal and ToTok apps to pilfer data from unsuspecting users in the UAE. These sneaky malware campaigns lure users via fake websites, proving once again that downloading apps from unofficial sources is like inviting a vampire into your digital home.

Algorithmic management is turning workplaces into spy movies, but without the cool gadgets. Enter the EU’s Platform Work Directive, giving workers a shot at fair treatment. But rights on paper aren’t enough! Unions need to embrace tech-savvy tactics, like “counter apps,” because even in the digital age, the real fight starts offline.

Tile Bluetooth trackers have a security flaw that turns them into the perfect sidekick for stalkers. While Apple, Google, and Samsung encrypt and rotate MAC addresses like they’re in a dance-off, Tile misses a beat. Instead of just finding lost keys, these trackers could help you find something you weren’t looking for—trouble.

Detour Dog is turning the cyber world into its own personal dog park, fetching malware like Strela Stealer through DNS channels. Infoblox has been tracking this pup’s tricks since 2023, noting its shift from scam artist to malware mogul. Now, it’s using WordPress sites like chew toys, spreading chaos like kibble at a puppy party.

Salesforce, beware! The Scattered Lapsus$ Hunters claim to have breached your defenses, with nearly a billion records on the line. As the October 2025 deadline looms, they’re inviting law firms to join the party. Is it a ransom demand or just a creative way to ask for a chat? Stay tuned for more plot twists!

Signal has introduced the Sparse Post-Quantum Ratchet (SPQR) to tackle quantum threats. This innovative cryptographic component ups the ante by continuously updating encryption keys, ensuring your messages remain more secure than a top-secret cookie recipe. With SPQR, Signal’s already strong encryption goes from double to triple ratchet, providing hybrid security.

Rhadamanthys has gone from cybercrime forum post to a full-blown malware-as-a-service business. Now it’s not just stealing data but also fingerprints and cryptocurrency wallet seed phrases. For $299 a month, you too can own a piece of this sneaky software pie. Just remember, with great malware comes great responsibility—or at least a hefty price tag.

Bitsight has sounded the alarm on the unforgivable exposure of ICS/OT systems, as their vulnerability skyrockets. With exposed devices jumping by 12% in 2024, the real-world risk is palpable. From stalling pumps to flickering lights, the report warns: this isn’t just theory. Time to patch up before the lights go out!

The Stop Censoring Abortion campaign reveals social media platforms are unintentionally turning into digital mime artists—silencing content on abortion with baffling consistency. As users share factual information, platforms like Meta and TikTok respond with the subtlety of a bull in a china shop, misclassifying content and causing chaos in the reproductive rights arena.

Renault and Dacia customers in the UK have had sensitive data exposed in a third-party data breach. While your VIN might now be famous, the good news is your bank account info is still as secretive as the Colonel’s chicken recipe. Stay vigilant; cybercriminals love a phishing trip more than a summer cruise.