Mischief-makers can guess chat topics with a ChatGPT side-channel attack, says Microsoft. By analyzing packet size and timing, attackers can infer sensitive subjects like money laundering. While Microsoft and OpenAI have fixed this, some providers remain unfazed, leaving users vulnerable to snoops with a knack for sniffing secrets.

GlassWorm, a stealthy malware targeting VS Code extensions, is still wriggling despite claims it was contained. Like a bad sequel, it uses sneaky Unicode and Solana blockchain tricks, leaving 35,800 developer machines compromised worldwide. Koi Security warns it’s not just an extension problem now—it’s a global credential-snatching spree!

Firefox 145 is strapping on its privacy cape, taking a superhero leap against digital fingerprinting. Initially debuting in Private Browsing Mode and ETP Strict mode, these new protections will soon become the default setting. So, grab your popcorn as Firefox battles the sneaky fingerprinting villains, aiming to protect 80% of its users from being tracked!

Quantum Route Redirect is the new phishing automation platform that’s got threat actors doing the happy dance. With 1,000 domains at its disposal, it targets Microsoft 365 users with the efficiency of a well-oiled scam machine. KnowBe4 warns that this crafty kit can make even the least tech-savvy fraudsters look like cyber masterminds.

Konni, the North Korea-backed cyber gang, is now using Google’s Find Hub to remotely reset Android devices, wiping personal data. Impersonating human rights activists, they distribute malware as stress-relief programs, demonstrating a bizarre blend of espionage and tech support gone rogue. Remember, not all stress-relief apps clear your mind—and your phone!

Attention all Triofox users: your software might be up to some mischief! Google’s Mandiant Threat Defense discovered CVE-2025-12480, a vulnerability that lets attackers bypass authentication like they’re skipping a line at the club. Update your software or risk unwelcome guests crashing your system party!

GlassWorm malware is back from its brief vacation, now infecting VS Code extensions via Open VSX and GitHub. Just when developers thought it was safe, this sneaky malware returns, using AI-generated commits and invisible Unicode to hide its tracks. It’s like the malware version of a bad penny, always turning up!

The Cybersecurity Maturity Model Certification program is here to turn defense contractors’ dreams of compliance into reality—or nightmares if they’re unprepared. With Level 1 self-certification starting now and Level 2 requiring third-party assessments by 2026, companies better buckle up for this market-driven enforcement. It’s not just paperwork; it’s table stakes for doing business with the…

CISA has ordered U.S. federal agencies to patch a critical Samsung vulnerability exploited to deploy LandFall spyware via WhatsApp. This flaw, CVE-2025-21042, allows attackers to access sensitive data. Agencies have until December 1 to secure their devices, while CISA urges everyone to patch up—because nobody wants their secrets exposed in a WhatsApp group chat!

Aleksey Volkov, a Russian national, pleads guilty to being an initial access broker for Yanluowang ransomware attacks on U.S. companies. Using aliases “chubaka.kor” and “nets,” he breached networks, sold access, and pocketed a slice of the ransom pie. Now, he faces up to 53 years in prison.

The US Senate advances a short-term funding bill, hoping to end the longest government shutdown in history. Included are extensions for key cybersecurity measures that lapsed, risking sensitive info. But with a deal built on shaky foundations, the federal government might just lather, rinse, and repeat this drama by January.

The Senate bill ends the longest government shutdown and revives the 2015 Cybersecurity Information Sharing Act, extending it until January 30, 2026. This law is crucial for sharing cyber threat data with the government. Without it, cyber adversaries gain the upper hand, as companies hesitate to share sensitive information.

A critical vulnerability in the expr-eval JavaScript library allows remote code execution via malicious input. Discovered by Jangwoo Choe, this flaw scores a chilling 9.8 on the severity scale. Users are advised to migrate to expr-eval-fork v3.0.0 swiftly—because who wouldn’t want their software to stop acting like it’s possessed?

Phishing emails from the legitimate facebookmail.com domain are making waves, fooling businesses into thinking they’re real. With 40,000 emails sent, some companies received over 4,200 alone! It’s a phishing expedition with a twist, as cybercriminals weaponize legitimate services to make these scams look like the real deal. Stay alert, folks!

Intel, amidst massive job cuts, sues former engineer Jinfeng Luo for allegedly swiping 18,000 files, some marked “Intel Top Secret.” After a failed initial attempt, Luo vanished into thin air, leaving Intel in a data drama. The company is now chasing over $250,000 in damages.

A shocking revelation: 65% of leading AI companies have leaked sensitive info on GitHub, thanks to questionable security practices. Even firms with minimal public repositories weren’t spared. As AI innovation speeds ahead, basic cybersecurity seems to be left in the dust, proving that even tech giants can fumble the security ball.

Wiz, the cloud security giant, uncovered a treasure trove of leaked secrets from top AI companies on GitHub. Their deep dives revealed that 65% of these tech titans had a case of “oopsies” with exposed API keys, tokens, and more. With $400B at stake, it turns out even AI wizards can have a security slip!

Security researchers have uncovered LANDFALL, a commercial-grade spyware targeting Samsung Galaxy smartphones. Exploiting a zero-day flaw in Samsung’s image library, attackers used cleverly disguised image files on apps like WhatsApp to sneak spyware onto devices without user action. Samsung fixed the issue in April 2025, but keep an eye on suspicious selfies!

In a twist on “catfishing,” China-aligned hackers have taken spear phishing to the next level. Meet UTA0388, the group using “rapport-building phishing” and AI-generated emails to dupe targets across continents. Their GOVERSHELL malware, evolving quicker than a gym selfie, is causing headaches for organizations worldwide.

Denmark and Norway are investigating a security flaw in Yutong buses, amplifying European fears about dependence on Chinese technology. The vulnerability highlights potential risks of remote interference, deepening concerns over geopolitical tensions with Beijing. Scandinavian providers scramble to ensure their buses don’t become Beijing’s next remote-control toy.