From The Aether
Down Under Cyber Blunder: Australia’s Cisco Routers Under Siege by BadCandy
The Australian government warns of cyberattacks using the BadCandy webshell on unpatched Cisco IOS XE devices. Exploiting vulnerability CVE-2023-20198, attackers create local admin users and wreak havoc. Despite Cisco’s patch, devices remain compromised. It’s like a game of whack-a-mole, but with routers—and the moles are hackers with a sweet tooth.
Cybercrime Treaty Sparks Global Divide: US and Allies Push Back
The UN Cybercrime Treaty sparks debate as the US and other nations fear its potential impact on human rights, while countries like China and Russia eagerly sign up. Critics argue it could criminalize journalists and whistleblowers, raising concerns over real-time surveillance and international law enforcement powers.
China’s UNC6384 Strikes Again: Unpatched Windows Flaw Exploited in Europe!
UNC6384, a China-linked threat actor, targets European diplomats with phishing emails to exploit a Windows shortcut vulnerability. Using sneaky LNK files, they deploy PlugX malware, offering remote access and spy capabilities. It’s like the James Bond of malware—minus the tuxedo, more DLL side-loading and fewer martinis. Stay alert, Europe!
Meduza Malware Makers Nabbed: A Comedy of Cybercriminal Errors in Moscow
Russian authorities nabbed three suspects in Moscow for allegedly masterminding the Meduza Stealer malware, a nefarious software that pilfers sensitive data. Irina Volk of the Ministry of Internal Affairs announced the bust on Telegram, revealing the culprits targeted an institution in Astrakhan, prompting a criminal case. Meduza Stealer’s creators face serious charges.
Cyber Espionage Alert: Tick Group Exploits Critical Motex Lanscope Flaw for System Takeover!
Tick, also known as Bronze Butler, is back in action! Exploiting the critical CVE-2025-61932 flaw in Motex Lanscope Endpoint Manager, they’re dropping backdoors like they’re hot. With a CVSS score of 9.3, this vulnerability allows remote attackers to execute arbitrary commands with SYSTEM privileges. Stay vigilant, because Tick is not just for tocking!
Garden’s $11M Blockchain Blunder: When Solvers Go Rogue!
Blockchain company Garden hit a snag, losing $11 million in assets after hackers exploited one of its solvers. Despite the setback, Garden assures user funds are safe. The mysterious solver might be more of an inside job than an algorithm gone rogue, sparking controversy in the DeFi community.
AI in Restaurants: Innovate Safely or Serve Up Security Risks
AI is transforming the restaurant industry by streamlining operations, but security concerns loom large. As eateries automate, the question is: How safe is the data driving this innovation? Only the most security-conscious platforms will thrive in a world where compliance isn’t just a checkbox but a competitive advantage.
DSPM Showdown: Who’s Leading the Data Security Pack?
Omdia’s DSPM market report crowns BigID, IBM, OpenText, and Thales as the top market leaders. The competition is fierce, with Concentric AI, Rubrik, and others making waves as challengers. Meanwhile, Proofpoint and Skyhigh Security are promising prospects on the rise. Keep an eye on these vendors as they battle for DSPM supremacy!
Cybercriminals Exploit WSUS Flaw: Skuld Stealer Strikes Despite Patch Chaos
Cybercriminals are exploiting a flaw in Windows Server Update Services (WSUS) to plant Skuld Stealer malware, according to Darktrace research. Despite Microsoft’s updates, attackers are targeting WSUS servers, which are high-value network assets. This highlights the urgency for companies to fortify defenses as criminals misuse trusted programs for infiltration.
Linux Kernel Flaw: Ransomware’s New Favorite Toy or Just Another Day in Cyber Land?
CISA is sounding the alarm on a Linux kernel flaw, CVE-2024-1086, now moonlighting in ransomware attacks. Despite its age, this decade-old vulnerability is causing fresh havoc. IT admins, consider blocking “nf_tables” or loading LKRG—just watch out for system hiccups! Patch up, or your system might stage a rebellion.
GlassWorm Squashed: Open VSX Triumphs Over Malicious Extensions Scare
The GlassWorm campaign targeting Visual Studio developers with malware-filled VS Code extensions has been contained, says the Open VSX team. The extensions, downloaded nearly 36,000 times, hid their malicious code with Unicode trickery. Fortunately, Open VSX flushed the worms out, revoking exposed tokens and tightening security.
Mustang Panda Strikes Again: European Diplomats Caught in Cyber Espionage Web!
Researchers at Arctic Wolf Labs have uncovered a cyber espionage campaign targeting European diplomats, attributing it to UNC6384, linked to Mustang Panda. Using social engineering and the Windows shortcut vulnerability ZDI-CAN-25373, the campaign deploys PlugX malware. With a focus on diplomatic entities in Hungary and Belgium, the group demonstrates growing sophistication and geographic expansion.
Project Brainfog Unveils: Is Your Smart City Vulnerable to a Cyber Comedy of Errors?
Project Brainfog uncovers a staggering 800 vulnerabilities in building automation systems worldwide, revealing the real-world risks of dormant code and corporate mergers. Gjoko Krstic’s relentless research shows how forgotten lines of code have left modern cities vulnerable to remote takeovers, highlighting a cautionary tale of cybersecurity blind spots.
Google’s AI Mode: Your Email is the New Crystal Ball!
Google’s AI Mode is set to get personal, tapping into Gmail and Drive for a tailored search experience. Imagine your emails and docs transforming into your virtual assistant, summarizing flights and curating schedules. While the exact launch is TBD, personalized shopping and dining tips are already in the experimental phase.
EY’s 4TB Oopsie: Accounting Giant’s Data Left Out for Trick-or-Treaters on Azure!
Ernst & Young (EY) accidentally left a massive 4TB SQL Server backup publicly accessible on Microsoft Azure. Neo Security’s lead researcher discovered the unencrypted data dump while doing some light internet sleuthing. EY quickly fixed the issue, but not before everyone wondered how many digital nosy parkers had already taken a peek.
Cloud Chaos: AWS and Azure Outages Spotlight Security Vulnerabilities
The AWS outage left websites floundering, proving that when one cloud sneezes, the internet catches a cold. Enterprises scrambled to patch vulnerabilities like a chef juggling flaming knives. Meanwhile, AI like Wild Moose helps untangle the chaos, but remember, even robots need a babysitter. Who watches the Watchmen? Apparently, us.
China-Linked Hackers Exploit Windows Flaw to Target European Diplomats: A Zero-Day Comedy of Errors
A China-linked hacking group is exploiting a Windows zero-day vulnerability to target European diplomats. The cyber-espionage campaign involves spearphishing emails, malicious LNK files, and the deployment of the PlugX remote access trojan. The attacks, attributed to UNC6384 (Mustang Panda), aim to monitor diplomatic communications and steal sensitive data.
Extradition Extravaganza: Conti Cybercriminal Lands in US Hot Seat!
The alleged Conti ransomware accomplice, Oleksii Lytvynenko, has been extradited to the US, proving once again that cybercrime doesn’t pay, unless you count the free flights to America. Facing charges in Tennessee, Lytvynenko is accused of helping spread the Conti ransomware, which hit over a thousand targets across the globe.
OpenInfra Summit: From Sovereignty to Resilience – The OpenStack Comeback Comedy
The OpenStack community isn’t just about sovereignty; it’s about resilience, said Thierry Carrez at the OpenInfra Summit. While dependence on US hyperscalers is scrutinized, OpenStack’s focus on infrastructure is timely. As the AI bubble looms, the community remains steadfast, proving resilient despite shifting strategies and geopolitical challenges.
Francisco Partners’ $2.2B Apple-Powered Takeover: Jamf’s New Private Equity Adventure!
Francisco Partners is buying Jamf for $2.2 billion, ensuring they’ll be busy managing Apple devices and cracking security codes. The all-cash deal boasts a 50% premium over Jamf’s average stock price, proving that securing Apple devices is really paying off. Jamf will go private in 2026, but their Apple wizardry continues!
