ReVault Flaw Exposed Millions of Dell Laptops to Malicious Domination darkreadingBecky Bracken
August 22, 2025

A bug in the control board that connects peripheral devices in commonly used Dell laptops allowed malicious access all the way down to the firmware running on the device chip, …


Apple Intelligence Is Picking Up More User Data Than Expected, Researcher Finds darkreadingBecky Bracken
August 22, 2025

Music tastes, location information, even encrypted messages — Apple's servers are gathering a "surprising" amount of personal data through Apple Intelligence, Lumia Security's Yoav Magid warns in his new analysis. Music …


Interpol Arrests Over 1K Cybercriminals in ‘Operation Serengeti 2.0’ darkreadingKristina Beek
August 22, 2025

The operation disrupted countless scams, and authorities seized a significant amount of evidence and recovered nearly $100 million in lost funds. The operation disrupted countless scams, and authorities seized a significant …


Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection The Hacker [email protected] (The Hacker News)
August 22, 2025

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam …


Apple Patches Zero-Day Flaw Used in ‘Sophisticated’ Attack darkreadingRob Wright
August 22, 2025

CVE-2025-43300 is the latest zero-day bug used in cyberattacks against "targeted individuals," which could signify spyware or nation-state hacking. CVE-2025-43300 is the latest zero-day bug used in cyberattacks against "targeted individuals," …


The Growing Challenge of AI Agent and NHI Management darkreadingMichael Morgenstern
August 22, 2025

The growing ecosystem of agents, chatbots, and machine credentials that outnumber human users by an order of magnitude is creating a poorly understood but potentially major security issue. The growing ecosystem …


Insurers May Limit Payments in Cases of Unpatched CVEs darkreadingRobert Lemos, Contributing Writer
August 22, 2025

Some insurers look to limit payouts to companies that don't remediate serious vulnerabilities in a timely manner. Unsurprisingly, most companies don't like those restrictions. Some insurers look to limit payouts to …


Do Claude Code Security Reviews Pass the Vibe Check? darkreadingEricka Chickowski, Contributing Writer
August 22, 2025

AI-assisted security reviews from Anthropic and others could help level up enterprise application security in the era of vibe coding. AI-assisted security reviews from Anthropic and others could help level up …


CISA Requests Public Comment for Updated Guidance on Software Bill of Materials AlertsCISA
August 22, 2025

CISA released updated guidance for the Minimum Elements for a Software Bill of Materials (SBOM) for public comment—comment period begins today and concludes on October 3, 2025. These updates build …


Personal Liability, Security Becomes Bigger Issues for CISOs darkreadingRobert Lemos, Contributing Writer
August 22, 2025

While the furor from CISO prosecutions has died down, worries continue over a lack of liability protections and potential targeting by cybercriminals and hackers for their privileged roles. While the furor …