From The Aether
Beware: New XCSSET Malware Targets Mac Users’ Cryptocurrency with Sneaky Clipboard Hijack!
Microsoft warns that the updated XCSSET macOS malware is now stealing your cryptocurrency by hijacking clipboard data. Just when you thought your digital wallet was safe, this pesky invader swoops in, replacing your Bitcoin destination with its own. It’s like a magician’s sleight of hand, but instead of applause, you get an empty wallet!
Cisco Firewall Fiasco: How Vulnerabilities Are Turning Secure Networks Into Swiss Cheese
Cisco firewall vulnerabilities are under attack by an “advanced threat actor,” causing cybersecurity agencies to sound the alarm. The flaws allow attackers to implant malware and execute commands. CISA demands immediate patching, while Cisco faces scrutiny for its delayed response. Cybersecurity: where zero-day is the new normal.
Scam Slam: Interpol Busts Major African Fraud Network with 260 Arrests
Interpol’s Operation Contender 3.0 has rounded up 260 suspects in a 14-country crackdown on romance scams in Africa, proving that love isn’t just blind—it sometimes needs a GPS tracker and a police escort. With 1235 devices seized, the digital lovebirds are now grounded.
ForcedLeak Fiasco: Salesforce’s Security Slip-Up Exposed!
Noma Security spills the beans on ForcedLeak, a Salesforce Agentforce flaw so critical it could steal your data faster than you can say “cybersecurity breach.”
UK’s Digital ID Plan: Convenience or Big Brother?
Digital ID is an enormous opportunity for the UK, says Prime Minister Keir Starmer, as the UK government plans to issue all legal residents a digital identity by 2029. Critics argue it could create a “checkpoint society,” while supporters highlight easier access to services. Just don’t forget your phone at home!
Jaguar Land Rover’s Cyber Comeback: IT Boosts Production and Supplier Payments
Jaguar Land Rover has hit the restart button after a cyber-attack stalled their production. They’re revving up their IT systems to clear payment backlogs and register vehicles faster. The company’s digital engines are back online, but they’re proceeding with caution, like a cat on a hot tin roof.
XCSSET Strikes Back: New macOS Malware Variant Targets Browsers and Crypto Wallets
Watch out, Mac fans! The XCSSET malware is back with a vengeance, targeting browsers, hijacking clipboards, and now, even snooping on Firefox. It’s like the malware equivalent of a nosy neighbor who insists on borrowing your lawnmower and your cryptocurrency. Stay updated and vigilant!
Cybersecurity Chaos: Fortra GoAnywhere Flaw Exploited Before Public Disclosure!
Fortra GoAnywhere MFT users, brace yourselves! A cybersecurity thriller has kicked off with CVE-2025-10035, the deserialization vulnerability that’s been exploited in the wild since September 10, 2025. Hackers are having a field day, so patch that software faster than you can say “command injection”!
Fortra’s GoAnywhere Gaffe: Patch Delays and Zero-Day Exploitation Drama!
The Fortra GoAnywhere MFT vulnerability, CVE-2025-10035, was exploited a week before patches were issued, according to watchTowr. This deserialization flaw had hackers creating backdoor admin accounts faster than you can say “patch me up, Scotty!” Fortra’s delayed response left organizations exposed to potential attacks.
UK’s Robo Call Shenanigans: Fines Rain Down on Sneaky Telemarketers Preying on the Vulnerable
The UK’s data protection watchdog has fined two British businesses £550,000 for using illegal robo call technology to target vulnerable individuals. Andy Curry, head of investigations at the ICO, said the use of avatar software makes it challenging to distinguish genuine calls from predatory ones, and urged the public to report these robo calls.
LockBit 5.0: The Ransomware Evolution That Keeps IT Teams Awake at Night!
Trend Micro researchers have uncovered the new LockBit 5.0 ransomware, which boasts faster encryption, enhanced evasion, and a “Chat with Support” section for ransom negotiations. Released to mark the group’s sixth anniversary, it’s an “evolutionary development” in ransomware, not a rebrand. Lock your data treasures, folks—LockBit is back with a vengeance!
Brickstorm Strikes: China-Linked Malware Hits U.S. Tech and Legal Sectors with Undetected Data Theft!
Google warns of a Brickstorm backdoor targeting U.S. legal and tech sectors, spying undetected for over a year. This China-linked malware steals data, exploits zero-days, and cleverly mimics legitimate processes. If Brickstorm were any stealthier, it would have its own ninja costume!
Cisco’s Firewall Fiasco: Emergency Patches Released Amid ArcaneDoor Espionage Drama!
Cisco’s emergency patches for firewall vulnerabilities are here, addressing zero-days linked to the ArcaneDoor espionage campaign. Hackers skillfully exploited these bugs to execute arbitrary code and access restricted URLs without breaking a sweat. Cisco urges users to update devices posthaste and rotate passwords like they’re spinning a DJ deck.
Hackers 1, Cisco 0: UK Cyber Agency Warns of New Malware Menace
Cisco firewalls are having a rough week as threat actors exploit security flaws to deliver malware like RayInitiator and LINE VIPER. These cyber ninjas bypass authentication, execute malicious code, and even disable logging to avoid detection. It’s like a digital game of hide-and-seek, but Cisco’s firewalls forgot to hide!
XCSSET Strikes Again: New Mac Malware Variant Targets Developers with a Sinister Twist!
Microsoft Threat Intelligence warns of a revamped XCSSET macOS malware variant. This sneaky infostealer now boasts improved browser targeting, clipboard hijacking, and persistence mechanisms. It’s out to snatch your crypto and browser data by infecting Xcode projects. So, developers, keep your projects clean and inspect thoroughly before building. Your crypto wallet will thank you!
npm Package Turns Rogue: The Email Heist You Didn’t See Coming!
Beware of the postmark-mcp imposter on npm! A sneaky update was added, exfiltrating user emails to giftshop.club. With 1,500 downloads in a week, it’s a cautionary tale of code mimicry gone rogue. If you downloaded it, rotate credentials faster than a DJ spins records, and audit those MCP servers pronto!
Cisco’s Firewall Fiasco: CISA Adds More Fuel to the Cybersecurity Firestorm
CISA has added Cisco Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. It’s urging federal agencies to plug these security holes pronto. Because nothing says “national security” like forgetting to patch your firewall and finding out your network is now the digital equivalent of Swiss cheese.
North Korean Cyber Mischief: How Fake IT Workers and Malware Are Making Cryptocurrency Jobs Risky
North Korean IT worker scams are getting a malware makeover, with DeceptiveDevelopment stepping up their game using Lazarus Group-like tactics. By targeting software developers, they aim to infiltrate Western companies, using fake job interviews to spread malware and steal data. It’s job hunting with a sinister twist!
Vane Viper Exposed: The AdTech Hydra Fueling a Decade of Digital Mischief
Vane Viper, a notorious threat actor, has been unmasked as a master of malicious adtech. Known for causing digital chaos, Vane Viper uses a web of shell companies to dodge accountability, while their ad-fraud antics keep cybersecurity experts on their toes. Remember, it’s not just a threat actor hiding behind adtech; it’s an adtech platform…
Cisco’s Firewall Flaws: A Comedy of Errors or Just a Security Nightmare?
Cisco is urging users to patch two zero-day vulnerabilities in its Secure Firewall ASA and FTD software, which are being exploited in the wild. These flaws could allow attackers to bypass authentication and execute malicious code. It’s like leaving your front door open for hackers with a “Welcome” mat!