Cyberattack ate up profits for first half of year, retailer M&S says
Cyberattack ate up profits for first half of year, retailer M&S says Summary Marks & Spencer reported H1 2025 pre-tax profits of just £3.4 million, down from £391.1 million in…
New malware uses AI to adapt during attacks, report finds
New malware uses AI to adapt during attacks, report finds Summary Researchers have observed a new wave of malware that uses large language models (LLMs) during execution to dynamically change…
Europe police bust global fraud ring that used German payment firms to launder millions
Europe police bust global fraud ring that used German payment firms to launder millions Summary European law enforcement, led by Europol and national partners, dismantled a sprawling credit-card fraud and…
Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes
Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes Summary Google’s Threat Intelligence Group reports that nation-state and criminal actors are increasingly experimenting…
AMD red-faced over random-number bug that kills cryptographic security
AMD red-faced over random-number bug that kills cryptographic security Summary AMD has confirmed a high-severity flaw (CVE-2025-62626, score 7.2) in Zen 5 processors that can undermine cryptographic randomness. The bug…
Russia-linked ‘Curly COMrades’ turn to malicious virtual machines for digital spy campaigns
Russia-linked ‘Curly COMrades’ turn to malicious virtual machines for digital spy campaigns Summary Researchers have uncovered a covert cyber-espionage campaign that hides lightweight malicious tooling inside virtual machines (VMs) running…
Inside the Playbook of Ransomware’s Most Profitable Players
Inside the Playbook of Ransomware’s Most Profitable Players Summary Research into the top ransomware-as-a-service (RaaS) operations shows three common pillars of success: automation (often AI-assisted), platform customisation and advanced tooling.…
Closing the AI Execution Gap in Cybersecurity — A CISO Framework
Closing the AI Execution Gap in Cybersecurity — A CISO Framework Summary The article explains that AI is now pervasive across IT and security, but many organisations — and CISOs…
Risk ‘Comparable’ to SolarWinds Incident Lurks in Popular Software Update Tool
Risk ‘Comparable’ to SolarWinds Incident Lurks in Popular Software Update Tool Summary Researchers at Cyderes have identified a supply‑chain risk in Advanced Installer’s updater that could allow attackers to distribute…
Critical Site Takeover Flaw Affects 400K WordPress Sites
Critical Site Takeover Flaw Affects 400K WordPress Sites Summary A critical vulnerability (CVE-2025-11833, CVSS 9.8) in the Post SMTP WordPress plugin (all versions up to and including 3.6.0) allows unauthenticated…