Researchers have shown Intel’s SGX can be bypassed on DDR4 systems, proving that even the toughest security can be cracked with the right tools and a little creativity. Dubbed WireTap, this attack is like the comedy duo of security breaches, working alongside the Battering RAM to expose vulnerabilities in SGX and SEV.

The US Air Force is in hot pursuit of a “privacy-related issue” after a Microsoft SharePoint breach. Rumor has it mission-critical data might be out of reach for service members. Officials are tight-lipped, and SharePoint might be grounded. Stay tuned as the skies clear on this digital mishap!

Meta’s moderation policies claim to allow abortion-related content, yet enforcement often contradicts this, resulting in wrongful content takedowns. To genuinely #StopCensoringAbortion, platforms must commit to transparency, fair enforcement, and effective appeals. It’s time for Meta to ensure their actions align with their promises and support vital discussions on reproductive rights.

Meta’s moderation policies claim to allow abortion-related content, yet enforcement often contradicts this, resulting in wrongful content takedowns. To genuinely #StopCensoringAbortion, platforms must commit to transparency, fair enforcement, and effective appeals. It’s time for Meta to ensure their actions align with their promises and support vital discussions on reproductive rights.

Online privacy isn’t dead; it’s just in a witness protection program. While tech giants work hard to optimize us into ad-consuming machines, we can fight back. With good digital hygiene and small tweaks, we can opt out of their prying eyes. Establish strong passwords and embrace two-factor authentication to boost your online privacy.

F-Droid warns it might close due to Google’s new identity verification for Android developers. While Google claims it’s a security measure, F-Droid believes it’s about tightening control over an open ecosystem. Could this be the beginning of the end for third-party app stores like F-Droid? Stay tuned for the next episode of “As the Apps…

Microsoft 365 companion apps are coming to Windows 11 taskbars near you, complete with Copilot’s AI assistance. The rollout is set for late October 2025. Expect People, Files, and Calendar to pop up, but don’t worry—they can be minimized faster than you can say “context switching!”

WestJet’s data breach was a mile-high disaster, impacting 1.2 million customers. While no credit card numbers were compromised, the hackers did get their hands on personal details, including some travel documents. On the bright side, WestJet is offering two years of free identity theft protection—because nothing says “We care” like free service after the fact!

MatrixPDF is the new villain on the cybercrime block, turning innocent PDFs into data-stealing supervillains. These seemingly harmless files can swipe your login details faster than a caffeine-fueled hacker at a coding marathon. It’s time to treat every PDF like a potential ninja star—handle with caution!

VMware NSX and vCenter updates tackle serious vulnerabilities, including an SMTP header injection bug with an 8.5 CVSS score. Attackers could modify email notifications without admin access. No workarounds exist, so it’s update o’clock. Meanwhile, NSX bugs let attackers play username bingo, making this a must-fix situation for Broadcom.

Executives beware: your “passport scans” might just be a one-way ticket to malwareville! This cunning campaign uses credential-themed ZIP archives packed with Windows shortcut files to download malicious payloads. These files masquerade as .ppt, but instead of boring slides, they deliver DLLs in disguise. Social engineering just got a stealthy upgrade!

Google Drive’s new AI-powered security feature pauses file syncing during ransomware attacks, safeguarding documents. This clever cyber bodyguard won’t block file encryption, but it ensures data stored in Google Drive remains safe and restorable. With ransomware detection toggled on by default, it’s a seamless shield for your digital files.

Allianz Life data breach impacts 1.5 million people, compromising names, addresses, birthdates, and SSNs. Allianz SE remains unaffected. Victims get a free two-year identity theft monitoring service by Kroll. The breach links to the ShinyHunters group via a Salesforce attack. Allianz Life urges vigilance and offers support for affected customers.

The OpenSSL Project has released new versions of its SSL/TLS toolkit, patching three vulnerabilities, including CVE-2025-9231. While two issues are ‘moderate severity,’ only the SM2 algorithm on 64-bit ARM is affected. Meanwhile, the third vulnerability could crash systems, but hey, at least it’s a ‘low severity’ crash!

Microsoft’s Windows 11 Media Creation Tool has thrown a tantrum on Arm64 CPUs. Users are greeted with a cryptic error message, leaving them to ponder life’s other mysteries, like why socks disappear in the laundry. For now, Microsoft suggests using an AMD64 PC for creating Windows bootable installation media.

If you’ve ever wanted to play spy with OneLogin’s Identity and Access Management solution, CVE-2025-59363 might have been your secret ticket. This high-severity flaw could have exposed sensitive OIDC client secrets faster than a magician revealing a rabbit from a hat. Luckily, it was patched before any real-world espionage could unfold.

Detour Dog is back, and this time, they’re not just barking—they’re biting. Infoblox Threat Intel’s research reveals this sneaky cybercrime group has been secretly infecting websites since 2020. Their latest trick? Using DNS hijacking to deliver Strela Stealer malware, making your internet browsing a potential comedy of errors. Stay safe out there!

A security flaw in Red Hat OpenShift AI allows attackers with low privileges to escalate to cluster admin, causing chaos like a toddler with an espresso. Rated 9.9 in severity, this vulnerability demands authenticated access but could lead to full infrastructure control. Time to tighten those permissions, folks!

Zhimin Qian, the mastermind behind China’s largest financial fraud, has pleaded guilty to laundering £5.5 billion in cryptocurrency. This historic case saw 61,000 Bitcoin seized in a dramatic London raid. The UK and China now battle over the billions, proving the UK isn’t a hiding spot for stolen wealth.

Allianz Life, WestJet, and Motility Software Solutions are the latest victims of data breaches, impacting 3.7 million people. Allianz confirmed a breach at a third-party CRM provider, exposing 1.4 million customers. WestJet’s cyberattack impacted 1.2 million, while Motility faced a ransomware attack affecting over 766,000 individuals. Identity protection is offered to all impacted.