Globetrotting cybersecurity agencies have united to offer new asset inventory guidance for OT organizations, helping them keep track of their systems like a hawk with a clipboard. From asset inventories to SBOMs, these documents aim to ensure organizations can manage risks and outsmart those pesky ransomware groups with a touch of humor and a lot…

John Flynn’s journey to becoming DeepMind’s VP of Security reads like an action-packed thriller. From hacking games as a kid to dodging tear gas in schoolyards, Flynn’s background in cybersecurity is as colorful as it is impressive. His obsession with computers and a knack for problem-solving have made him a key player in navigating the…

California Governor Gavin Newsom signed a groundbreaking AI regulation law to prevent dangerous uses like creating bioweapons. While federal action lags, California leads the charge in AI oversight, balancing innovation with safety. The law requires AI firms to disclose safety protocols and report critical incidents, reinforcing California as a tech regulation trailblazer.

Google wants you to start using passkeys, aiming for a passwordless future. While Google Password Manager can store and sync them, setting up and managing passkeys can feel like trying to assemble IKEA furniture blindfolded. For a smoother experience, consider a third-party password manager. After all, who doesn’t love a little digital freedom?

Broadcom announced patches for six vulnerabilities in VMware products, including high-severity local privilege escalation bugs impacting VMware Tools and Aria Operations. Users should update to the latest versions to avoid potential unauthorized access, because nobody wants their VM to become a Very Messy affair!

Apple’s latest iOS and macOS security updates tackle a bug that could turn your device into a drama queen, crashing apps with a malicious font. Dubbed CVE-2025-43400, this flaw isn’t starring in any wild exploits yet, but updating to iOS 26.0.1 can keep your tech tantrum-free.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. These vulnerabilities, from deserialization issues to command injections, are the cyber equivalent of leaving your front door wide open with a “Welcome Hackers” sign.

Asahi, the Japanese brewing titan, faced a cyberattack causing system failures that disrupted orders, shipments, and call centers. While production at some factories halted, personal data remains secure. The company is investigating but hasn’t set a recovery timeline. Asahi’s market share makes this disruption particularly costly.

Asahi faces a frothy challenge as a cyber-attack halts operations in Japan, prompting a major financial hangover. While Asahi’s beer flows may be on pause, their sense of humor isn’t: “We’re actively investigating, but no timeline for recovery.” Meanwhile, customers are advised to keep an eye out for any unexpected data spills. Cheers to cybersecurity!

Datzbro, a newly discovered Android banking trojan, targets the elderly by exploiting their interest in social activities. Disguised as a community app, it conducts device takeover attacks and commits financial fraud. With its ability to capture credentials and hide malicious activity, Datzbro proves that even the friendliest Facebook group could have a sinister side.

Japan’s brewing giant, Asahi, has hit a frothy snag, suspending operations after a cyberattack foamed over its ordering, shipping, and customer service. While there are no confirmed data leaks, thirsty fans may need to find another brew to sip on for now. Cheers to cybersecurity hiccups!

Cybercriminals are now wielding AI like a supervillain’s tool, crafting phishing scams that even Sherlock Holmes might miss. Microsoft detected and foiled a credential phishing campaign using Large Language Models. As attackers increasingly rely on AI, security teams must adapt and innovate to keep one step ahead in this digital duel.

Smile! UK cops are rolling out live facial recognition technology, making it easier than ever to spot a criminal—or misidentify someone as one. While the tech has led to arrests, experts warn it’s not foolproof, especially for people of color. It’s like a dystopian sci-fi movie, but with more paperwork.

Cybersecurity budgets in the UK are hitting the brakes while job prospects rev up. A new CIISec poll shows only 5% think budgets match threats, yet a whopping 78% feel their job outlook is rosy. With people being the main hurdle, it seems the real security threat is running out of coffee in meetings!

Zhimin Qian’s Bitcoin blunder busted by London’s Metropolitan Police! After a lengthy game of hide-and-seek spanning continents, Qian was nabbed for a record-breaking Bitcoin seizure and a landmark conviction. Her partner-in-crime, Jian Wen, had already checked into the slammer, ensuring this crypto caper had a less-than-profitable conclusion.

A Chinese national, Zhimin Qian, was convicted in the U.K. for a cryptocurrency scam, leading to a record £5.5 billion Bitcoin seizure. Fleeing China with fake IDs, she tried laundering proceeds through real estate. Meanwhile, INTERPOL’s Contender 3.0 nabbed 260 suspects in Africa for romance scams and sextortion. Cryptocurrency scheme chaos!

Scattered Spider and pals are back, shattering any dreams of early retirement! Resecurity reports their global cybercrime wave is causing chaos in industries from aviation to retail. Keep your firewall strong and your passwords stronger, because the Trinity of Chaos might be closer than you think!

CISA warns the Sudo vulnerability CVE-2025-32463 is now the hottest ticket in town for hackers. This bug lets any user play admin without a backstage pass! Linux and macOS admins, patch up before your systems become the next viral sensation—unwanted fame guaranteed.

The European Union’s Cyber Resilience Act had open source developers sweating like a penguin in the Sahara. But Linux’s Greg Kroah-Hartman assures us, it’s more friend than foe. Think of it as a helpful nudge, not a legal wedgie. The CRA now encourages transparency in software supply chains without making developers need a law degree.

CISA has added the Sudo command-line utility flaw, CVE-2025-32463, to its Known Exploited Vulnerabilities catalog. This Linux and Unix vulnerability lets local attackers run commands as root, even if they’re not listed in the sudoers file. It’s unclear how it’s being exploited, but agencies are urged to secure their networks by October 20, 2025.