From The Aether
XCSSET Malware Strikes Again: New Mac Variant Hijacks Clipboard and Steals Firefox Data
Microsoft Threat Intelligence researchers have uncovered a new XCSSET macOS malware variant. This sneaky parasite steals Firefox data, hijacks clipboards, and even runs secret AppleScripts, all while evading detection. It’s like a digital cat burglar with a penchant for encrypted mischief. Stay vigilant, folks—your Mac’s clipboard may be plotting against you!
Heritage Foundation’s Dubious Data: A Comedy of Errors in Transgender Blame Game
Heritage Foundation’s claim that “50% of major school shootings involve transgender ideology” appears to crumble under scrutiny. With data showing less than 0.087% of mass shootings tied to transgender individuals, this narrative might need a new pair of glasses—and perhaps a GPS to find reality. As the saying goes, when in doubt, check the data!
Microsoft’s AI Photo Sorting: The Good, the Bad, and the Screenshot Clutter
Microsoft’s new AI-powered Auto-Categorization in Microsoft Photos is like a personal assistant for your photo chaos. It’s limited to sorting screenshots, receipts, identity documents, and notes, but hey, baby steps! Now, instead of scrolling through a sea of selfies, you can instantly find those receipts you meant to expense three months ago.
Meta’s Algorithm vs. Reproductive Rights: When Bots Misdiagnose Health Posts
The Stop Censoring Abortion campaign highlights issues of abortion-related content being removed or suppressed on social media. Meta’s inconsistent enforcement of Community Standards has led to the removal of posts from the Miscarriage and Abortion Hotline, sparking criticism over how reproductive health information is scrutinized.
Jimmy Kimmel Outsmarts George Santos: A Legal Comedy of Errors & Fair Use Victory
Jimmy Kimmel’s hilarious Cameo antics with George Santos landed him in a courtroom showdown. Santos’s lawsuit against Kimmel for copyright infringement and breaching Cameo’s terms of service was tossed out, twice. It’s a comedic masterclass in fair use and the surprising power of fine print. Looks like laughter is still the best legal defense!
Microsoft’s Encrypted Email Fiasco: Outlook Error Leaves Users in a Bind!
Microsoft is on a mission to solve a puzzling Outlook bug that leaves users locked out of encrypted emails from other organizations. The best workaround so far? Trust issues—literally! Enable cross-tenant access and trust multifactor authentication from other Microsoft Entra tenants. It’s a temporary fix, but hey, it’s better than nothing!
Trump’s TikTok Tango: U.S. Takes Control, China’s ByteDance Bows Out
President Donald Trump has signed an executive order for TikTok restructuring to address national security concerns. With over 170 million U.S. users, TikTok will now be run by a U.S.-based joint venture, separating it from ByteDance. Oracle takes a leading role, ensuring the platform’s algorithms are retrained using only U.S.-approved data.
Phishing Fiasco: Ukrainian Agencies Impersonated in SVG Malware Mayhem
In a new twist on phishing, attackers impersonate Ukrainian government agencies, using malicious SVG files to drop CountLoader. This leads to the deployment of Amatera Stealer and PureMiner, proving even hackers appreciate a good fileless execution. Welcome to the digital age, where even your graphics can be out to get you.
Cybersecurity Chaos: Congress Can’t Agree, Threat-Sharing Law on Brink of Expiry
The 2015 Cybersecurity Information Sharing Act might lapse if Congress doesn’t renew it. This could stall crucial cyber threat data exchanges between the private sector and government. As the deadline looms, legal eagles are sharpening their talons, ready to swoop in. Congress, please, no more drama—just extend the darn thing!
TradingView Premium Scam Alert: How Fake Ads Are Targeting Users with Malware
TradingView Premium isn’t free, but scammers sure want you to believe it is! They’ve expanded their malicious ad campaign from Facebook to Google Ads and YouTube, tricking users into downloading spyware. Remember, if it sounds too good to be true, it probably wants your passwords!
Microsoft Edge’s New Shield: Zapping Malicious Extensions Before They Strike!
Microsoft is rolling out a new Edge security feature that detects and revokes malicious sideloaded extensions. While sideloading extensions can be as tempting as a box of free donuts, this update ensures any third-party malware is swiftly shown the exit. Expect this security boost in November, just in time for the holiday browsing season.
Cybersecurity Chaos: From AI-Detected Phishing to Massive Hack Attacks
SecurityWeek’s cybersecurity news roundup is your weekly ticket to the under-the-radar world of cyber drama. From the Department of War’s new cybersecurity framework to a hack impacting 3 million Lotte Card customers, these stories are as crucial as your morning coffee for navigating the cybersecurity landscape.
Hackers Strike Early: Fortra GoAnywhere Exploit Unleashed Before Public Warning
Hackers made an early debut exploiting the Fortra GoAnywhere flaw CVE-2025-10035, striking a week before anyone sounded the alarm. With 20,000 internet-facing instances, including those of Fortune 500 companies, this deserialization vulnerability was a ticking time bomb, and the hackers didn’t wait for an invitation.
Salesforce’s Data Drama: Legal Storm Brews Over Cybersecurity Slip-ups
Salesforce is facing a legal storm after a cyberattack exposed customer data. Allegations claim the CRM giant’s security was more porous than a sponge in a rainstorm. While Salesforce insists its platform wasn’t breached, customers are worried their info is now as exposed as an umbrella in a tornado.
XCSSET Strikes Again: Malware Targets macOS Developers with Sneaky New Tricks
XCSSET malware is back with a vengeance, targeting macOS developers by sneaking into Xcode projects. Microsoft’s warning: this variant is sneakier, with a penchant for crypto theft and disabling macOS updates. Developers, beware—your next build might have more tricks than a magician with a squirrel in his hat.
New Keeper Security and Google SecOps Integration: A Match Made in Cybersecurity Heaven!
Keeper Security and Google Security Operations have joined forces, streaming privileged access activities into Google SecOps. This dynamic duo offers real-time insights and speeds up incident responses, ensuring cyber threats are caught faster than a toddler running with scissors. Say goodbye to security blind spots and hello to smarter, faster protection!
Fortra’s File Fiasco: APTs Thrive as Transparency Takes a Holiday
Security researchers have confirmed threat actors exploited a severe vulnerability in Fortra’s GoAnywhere MFT, criticizing the company’s lack of transparency. Dubbed an “attacker’s playground,” this flaw has been actively exploited, and experts urge Fortra to clarify the situation to help organizations make informed decisions regarding CVE-2025-10035.
Interpol’s Cyber Sting: Love Scams Busted Across Africa, 260 Arrests Made
Interpol’s recent cybercrime crackdown across 14 African countries resulted in 260 arrests linked to online romance and extortion scams. The operation targeted scams involving fake romantic relationships and blackmail, affecting over 1,400 victims who lost nearly $2.8 million. Cybercrime units report a surge in digital-enabled crimes like sextortion and romance scams.
AI Revolution: Racing Ahead Without a Seatbelt – The Cybersecurity Wake-Up Call
AI adoption is like adopting a pet tiger: thrilling but potentially dangerous. Organizations are sprinting ahead, integrating AI faster than a cat video goes viral, yet forgetting one tiny detail—security. Without proper safeguards, AI deployments could give cybercriminals a field day. Remember, AI without security is like a piñata filled with bees.
LockBit 5.0: The Ransomware Multitasker You Never Wanted
Trend Micro has raised the alarm on LockBit 5.0, a ransomware strain now targeting Windows, Linux, and VMware ESXi environments. This new iteration boasts enhanced evasion and cross-platform capabilities, making it a formidable threat. With just one attack, it can paralyze entire enterprise networks, proving that no system is safe from modern ransomware.