Scammers Are Using Grok to Spread Malicious Links on X
Scammers Are Using Grok to Spread Malicious Links on X Summary Bad actors on X are exploiting Grok, X’s native AI assistant, to publicise malicious links at scale. They hide…
Embracing the Next Generation of Cybersecurity Talent
Embracing the Next Generation of Cybersecurity Talent Summary Programmes like student‑run Security Operations Centres (SOCs) can help close the cybersecurity skills gap by giving students real‑world, hands‑on experience while providing…
Anyone Using Agentic AI Needs to Understand Toxic Flows
Anyone Using Agentic AI Needs to Understand Toxic Flows Summary The article warns that “toxic flows” are an emerging and serious class of risk in agentic AI deployments. Toxic flows…
Secretive MaaS Group ‘TAG-150’ Develops Novel ‘CastleRAT’
Secretive MaaS Group ‘TAG-150’ Develops Novel ‘CastleRAT’ Summary Researchers have mapped an emerging malware-as-a-service (MaaS) cluster tied to a loader called CastleLoader and an ecosystem labelled CastleBot. The group behind…
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now Summary A critical code-injection flaw in SAP S/4HANA (CVE-2025-42957) disclosed in August 2025 is being exploited in the wild. The vulnerability carries…
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
Cyberattack forces Jaguar Land Rover to tell staff to stay at home Summary Jaguar Land Rover (JLR) suffered a cyberattack that severely disrupted its global IT systems and forced factory…
‘SEO fraud-as-a-service’ scheme hijacks Windows servers to promote gambling websites
Summary Security researchers at ESET have identified a previously unknown hacker group, dubbed GhostRedirector, that has been active since at least August 2024 and has compromised at least 65 Windows…
Qantas penalizes executives for July cyberattack
Qantas penalises executives for July cyberattack Summary Qantas has reduced short-term bonuses for its CEO and executive management by 15 percentage points after a July cyberattack that exposed information belonging…
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
CISA orders federal agencies to patch Sitecore zero-day following hacking reports Summary Federal civilian agencies have until 25 September to patch CVE-2025-53690, a Sitecore vulnerability tied to a reused sample…
Knock-on effects of software dev break-in hit schools trust
Knock-on effects of software dev break-in hit schools trust Summary Affinity Learning Partnership, which runs seven schools and employs over 650 staff, has warned employees that their personal information may…