From The Aether
Hacktivist Hijinks: Canada’s Critical Systems Under Siege!
Hacktivists have repeatedly breached Canada’s critical infrastructure, and the Canadian Centre for Cyber Security urges stronger security for internet-exposed Industrial Control Systems (ICS). Recent incidents involved tampering at key facilities, causing disruptions and potential dangers. Authorities emphasize that while these attacks weren’t sophisticated, they highlight the risk of poorly protected ICS components.
Botnet Bedlam: PHP Servers and IoT Devices Under Siege by Cyber Gangs
Automated attacks on PHP servers are spiking, thanks to botnets like Mirai, Gafgyt, and Mozi exploiting CVE vulnerabilities. These botnets are now the digital Swiss Army knives of cybercrime, targeting everything from IoT devices to cloud gateways. Keep your systems updated and your debug tools at bay, or risk becoming another botnet minion.
Azure’s New Private Subnet Default: Prepare Your Cloud or Face the Storm!
Microsoft’s Azure virtual networks are getting a security makeover, shifting default settings from public to private subnets. This change, now delayed until March 2026, aims to align with zero-trust principles and prevent unintended internet access. Companies should prepare or risk their cloud apps throwing tantrums like toddlers in a candy store.
EFFector Newsletter: Sue the Government and Celebrate Digital Freedom!
Stay updated with EFF’s EFFector newsletter, where we serve digital privacy and free expression with a side of humor. Learn about our lawsuit against the U.S. government’s ideological social media surveillance program, and enjoy our audio companion featuring EFF Staff Attorney Lisa Femia. Join us in the fight for a brighter digital future!
Security Training Blunders: Why One-Size-Fits-All Fails and How to Fix It!
Transform high-risk employees into protective stewards by recognizing the importance of personalized training. Effective end-user security awareness training should be dynamic, tailored to job roles and abilities, and regularly updated with the latest threats. Don’t let your security training be a one-trick pony—personalization is everything.
Windows 11 Media Creation Tool: Back in Action and Ready to Rock!
Good news for Windows tinkerers! The Windows 11 Media Creation Tool is back in action after a brief hiatus, thanks to the KB5067036 update. No more mysterious tool vanishing acts or cryptic error messages. Now you can create bootable media without resorting to ancient rituals or switching to an AMD64 system.
Spy Games Gone Wrong: Ex-Exec Faces Prison for Selling Trade Secrets to Russia!
Peter Williams, a former L3 Harris Trenchant exec, pleaded guilty to selling trade secrets worth $1.3M to Russia. The sale of zero-day vulnerabilities earned him house arrest, electronic monitoring, and a potential 9-year prison sentence. Williams reportedly signed deals with a Russian buyer using the alias John Taylor.
PhantomRaven Ruffles Feathers: Malicious npm Packages Soar to 86,000 Downloads!
PhantomRaven is wreaking havoc on developers with sneaky npm packages that swipe authentication tokens and CI/CD secrets. With 126 packages and 86,000 downloads, this campaign exploits AI’s “slopsquatting” errors. Researchers warn that these threats can introduce malicious changes into projects, making developers the unwitting stars of a cybersecurity comedy of errors.
Microsoft’s DNS Drama: When Logging In Feels Like Mission Impossible
Microsoft is investigating a DNS outage affecting global customers, disrupting access to Microsoft Azure and Microsoft 365 services. Users report issues with logging into networks, portals, and platforms, causing widespread inconvenience. Microsoft is working to address these service access problems, but for now, the cloud is more like a fog.
EY’s Mega Blunder: 4TB of Secrets Leaked in Epic Cloud Oops!
Neo Security discovered EY’s 4TB SQL backup exposed online, like a vault’s master blueprint left with a “free to a good home” sign. This oversight, a classic cloud bucket misconfiguration, revealed API keys and passwords. It’s a reminder that one wrong click can turn data security into an unintentional comedy of errors.
Chrome’s Secure Leap: HTTPS or Bust by 2026!
Chrome is tightening its security belt, aiming to make HTTPS connections the norm. Starting in October 2026, Chrome 154 will auto-enable the Always Use Secure Connections feature. This means Chrome will prefer HTTPS and ask for confirmation before visiting any non-secure public site. It’s Google’s way of saying, “No HTTPS? No entry!”
Botnet Bonanza: PHP, IoT, and Cloud Under Siege!
Botnets are flexing their digital muscles, targeting PHP servers, IoT devices, and cloud gateways with automated campaigns. Qualys reveals these notorious botnets—such as Mirai, Gafgyt, and Mozi—are exploiting vulnerabilities and cloud misconfigurations, turning networks into their personal playgrounds. It’s time to update, secure, and stop playing hide-and-seek with botnet activity.
Russian Hackers Turn Ukrainian Networks into a Digital Hide-and-Seek Playground
Russian hackers, likely linked to Sandworm, used living-off-the-land tactics and dual-use tools to infiltrate Ukrainian targets. They slipped past defenses using legitimate applications, proving once again that sometimes the best way to hack a system is to act like you belong there, with a clipboard and a suspiciously confident stride.
XWiki Security Alert: Unpatched Servers Fall Prey to Cryptomining Chaos!
Cybercriminals are exploiting a critical security flaw in XWiki servers for cryptomining. This two-step attack uses a search bar vulnerability, allowing remote code execution without a password. Companies with unpatched installations are at risk. Patch now to avoid your server becoming a coin-mining farm for hackers.
AI Cloaking: The New Cybersecurity Nightmare Unmasked! 🚨
Cybersecurity researchers have discovered a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes AI models to context poisoning attacks. Known as AI-targeted cloaking, this technique manipulates AI crawlers with deceptive content, potentially turning them into misinformation weapons and undermining trust in AI tools.
Crypto Casino Chaos: The High-Stakes Gamble of Global Payouts
As crypto gaming grows, operators are pushing boundaries, offering speedy payouts and bonuses and changing how winnings circulate. 99Bitcoins' top Tether casinos exemplify this by using stable assets for fast, reliable cross-border transactions. But with this comes a need for robust identity verification and wallet analytics to tackle security and regulatory challenges.
AI Security Saviors: Check Point Teams with NVIDIA to Shield Enterprise AI from Cyber Villains!
Check Point’s AI Cloud Protect, developed with NVIDIA, offers robust end-to-end protection for AI infrastructure. As AI adoption grows, security gaps widen—one in 80 GenAI prompts leaks sensitive data. This new solution secures AI from data center to cloud, ensuring enterprises can innovate without risking security. Who knew AI protection could be this seamless?
Windows Update Fiasco: Microsoft Finally Fixes Error 0x800F081F in Windows 11!
Microsoft has fixed the notorious 0x800F081F error on Windows 11 24H2 systems. The culprit? Missing language packs and payloads. Patch up with the October 2025 update or try an In-Place Upgrade—because who doesn’t love a little Windows drama to spice up their day?
PhantomRaven Strikes: Clever Malware Campaign Steals Developer Credentials Worldwide!
PhantomRaven malware is stealing npm tokens and GitHub credentials using Remote Dynamic Dependencies. This clever technique fetches malicious code at install time, evading npm’s security scans. With 126 infected packages, the campaign’s infrastructure may be sloppy, but its delivery is top-notch!
MITRE Unleashes ATT&CK v18: The Cybersecurity Upgrade You Didn’t Know You Needed!
MITRE’s ATT&CK framework hits version 18 with a bang! Expect upgrades in defensive content and new detection objects. Techniques for modern infrastructure, ransomware prep, and cyber threat intelligence are now on board. Plus, the Mobile section is back with a twist. ATT&CK Advisory Council joins the party too!
