Jaguar Land Rover says the September 2025 cyberattack halted production, led to data theft, and cost £196M in the quarter. Jaguar Land Rover reported that a September 2025 cyberattack, claimed by Scattered Lapsus$ Hunters, cost the company £196 million in the quarter. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted […]
HiddenLayer reveals the EchoGram vulnerability, which bypasses safety guardrails on GPT-5.1 and other major LLMs, giving security teams just a 3-month head start.
North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports. North Korea-linked actors behind the Contagious Interview campaign have updated their tactics, using JSON storage services (e.g. JSON Keeper, JSONsilo, and npoint.io) to host and deliver malware through trojanized code projects, according to a new NVISO report. “NVISO […]
AIPAC reports data breach after external system access, hundreds affected, investigation ongoing with added security steps.
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution U.S. CISA adds Fortinet FortiWeb flaw to […]
Tesla driverless is infamous for being so blind it tries to enter train tracks. For some reason the operator didn’t prevent it this time, and it crashed head-on into a tram. A Tesla crashed into an approaching tram in Uithoorn early Saturday, cau…
Food delivery giant DoorDash confirms a data breach on Oct 25, 2025, where an employee fell for a social engineering scam. User names, emails, and home addresses were stolen.
The naval branch of Iran’s Islamic Revolution Guard Corps (IRGC) reported that its units detained the tanker Talara after determining that the vessel was transporting cargo without proper authorization, an action taken to safeguard Iran’s national ass…
Plus: State-sponsored AI hacking is here, Google hosts a CBP face recognition app, and more of the week’s top security news.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-64446 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a relative path traversal issue in Fortinet FortiWeb 8.0.0 […]