Stellantis has confirmed a data breach affecting North American customers, courtesy of a third-party service provider. The culprits, ShinyHunters, claim to have pilfered over 18 million records. Thankfully, no financial data was stolen. Stellantis advises caution against phishing attempts. Remember, folks, if it looks fishy, don’t clicky!

Stellantis is investigating a data breach after unauthorized access to a third-party provider’s platform potentially exposed customer data. While financial details remain safe, customers are advised to dodge phishing attempts and suspicious links. It’s a breach of trust, not your bank account!

EDR-Freeze is the new Houdini of hacks, making EDR tools vanish without a trace by exploiting Windows Error Reporting. It swaps out the need for vulnerable drivers with a stealthy user mode trick, leaving security agents in a snooze fest. Who knew evading antivirus could be as easy as a Windows crash dump?

Microsoft has lifted the compatibility hold on devices with integrated cameras due to a face detection bug in Windows 11 24H2. After giving the bug an eviction notice, affected devices can now enjoy face-freezing-free upgrades. Just remember, it might take up to 48 hours for your device to catch on, but a restart might speed…

ComicForm, a previously undocumented hacking group, is targeting organizations in Belarus, Kazakhstan, and Russia with a phishing campaign. They send emails with subject lines like “Waiting for the signed document,” urging users to open a seemingly innocent attachment. Ironically, the malware includes harmless superhero GIFs, earning the group its whimsical name.

Considering how to buy cryptocurrency? Well, once deemed a punchline, crypto now waltzes through Wall Street. Harvard’s endowment is diving in, even cozying up to Bitcoin. Meanwhile, the U.S. might let you sprinkle crypto into your 401(k). With regulations tightening, crypto’s wild ride might just be getting started. Buckle up!

Mozilla introduces an extension rollback feature for Firefox, allowing developers to quickly revert to previous versions to tackle bugs. Users with automatic updates enabled will be reverted within 24 hours. This option is available for any extension with at least two approved versions, distributed via addons.mozilla.org or self-distributed.

LastPass warns macOS users about malware masquerading as popular software via fake GitHub repositories, using SEO to spread the Atomic info-stealing malware. The ClickFix attack tricks users into installing malware by pasting commands into Terminal. Avoid these by sticking to official vendor sites and ignoring mysterious commands.

A cyberattack on Collins Aerospace wreaked havoc across major European airports, turning check-in into a nostalgic manual affair. Heathrow, Brussels, and Berlin saw flight chaos, with over 600 flights disrupted at Heathrow alone. It’s a not-so-gentle reminder that when one vendor trips, the whole airport stumbles.

Russian ransomware gangs are leveling up their game with CountLoader, a malware loader that acts as a digital butler, rolling out the red carpet for more harmful programs. Silent Push’s research shows that these cybercriminals are even impersonating Ukrainian police to trick victims. CountLoader is making cybercrime a disturbingly efficient enterprise.

As drones take privacy invasion to new heights, Flock Safety is leading the charge with flying ALPRs. These airborne police cameras are making it easier than ever for law enforcement to track your every move. Communities must act now to ground this runaway surveillance technology before it’s too late.

Microsoft has confirmed an issue that stops some apps from playing DRM protected video content on Windows 11 24H2 systems. After a recent update, users face freezes and black screens. But don’t worry, Microsoft promises a fix in future updates because who doesn’t love a little suspense with their streaming?

The FBI is warning that cybercriminals are spoofing the IC3 website to steal personal data. These sneaky sites mimic the real deal with subtle spelling tweaks, tricking users into sharing sensitive info. Remember, folks, type www.ic3.gov directly into your browser and double-check those URLs. Stay vigilant, stay safe, and don’t fall for the cyber-fakes!

Ransomware strikes, and Europe’s airports transform into chaotic hubs of manual check-ins! With Collins Aerospace at the heart of this digital drama, airports like Heathrow and Brussels navigate delays and cancellations. Meanwhile, passengers are urged to embrace online check-ins. Just another day in the life of high-flying cyber chaos!

Toronto’s Mycroft just raised $3.5 million to turn security from a burden into a superpower, thanks to AI agents acting as your personal IT bodyguards. With over 50 customers in just six months, they’re making enterprise-grade security as accessible as a donut shop on every corner.

Microsoft’s decision to ditch the MITRE ATT&CK evaluations is as surprising as finding a cat in a dog costume. They once flaunted Microsoft Defender XDR’s results like a peacock at a pigeon party. Now, they’re claiming innovation, but experts suspect these tests might be more about marketing than actual cyber wizardry.

Academic researchers have proven that the L1TF vulnerability, thought to be a relic of the past, is back for an encore performance in public clouds. By combining it with half-Spectre, they’ve managed to leak sensitive data faster than a cat meme can go viral. Google Cloud even rewarded them with a hefty $151,515!

The cybersecurity incident at Collins Aerospace led to airport chaos and a mass return to manual check-ins. The ransomware attack left boarding systems grounded and travelers scrambling. While law enforcement investigates, passengers might want to practice their handwriting for luggage tags. Collins Aerospace’s cybersecurity defenses were caught with their wings clipped!

The security landscape now moves at a pace no patch cycle can match. Attackers exploit newly disclosed vulnerabilities within hours, transforming a missed patch into a critical point of failure. This week’s recap explores how threat actors reuse tactics, how emerging technologies widen the attack surface, and what defenders can learn.

Stellantis admits a data leak after attackers targeted a third-party partner, exposing customer names and emails. No financial data was affected, but the automaker is warning customers about phishing risks. Meanwhile, Jaguar Land Rover faces its own cyber woes, stalling production and leaving the auto industry nervously checking its digital rearview mirror.