Hungarian police arrest suspect in cyberattacks on independent media
Authorities said they raided the Budapest residence of a man believed to be "Hano," the suspect in a series of cyberattacks on independent media outlets.
Microsoft Sharepoint ToolShell attacks linked to Chinese hackers
Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain.
"Encryption Backdoors and the Fourth Amendment" - Schneier on Security
Law journal article that looks at the Dual_EC_PRNG backdoor from a US constitutional perspective: Abstract: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any of three theories removed the Fourth Amendment’s requirement that this be reasonable. The first is that a challenge to the encryption backdoor might fail for want of a search or seizure. The Article rejects this both because the Amendment reaches some vulnerabilities apart from the searches and seizures they enable and because the creation of this vulnerability was itself a search or seizure. The second is that the role of the technology companies might have brought this backdoor within the private-search doctrine. The Article criticizes the doctrine particularly its origins in Burdeau v. McDowelland argues that if it ever should apply, it should not here. The last is that the customers might have waived their Fourth Amendment rights under the third-party doctrine. The Article rejects this both because the customers were not on notice of the backdoor and because historical understandings of the Amendment would not have tolerated it. The Article concludes that none of these theories removed the Amendment’s reasonableness requirement...
Votre CapCut est-il un faux ? Les hackers sont à l’affut
Avis aux créateurs de contenus : de faux logiciels CapCut circulent pour vous piéger. Des cybercriminels ont créé de fausses versions du célèbre logiciel de montage, promettant de nouvelles fonctionnalités d’IA. Leur but ? Vous pousser à télécharger un fichier malveillant capable de prendre le contrôle total de vos
AI Adoption is Driving SOC Role Reallocation Without Cutting Headcount
Abnormal AI found that 96% of security leaders have no plans to reduce the headcount in SOC teams as a result of AI adoption, instead focusing on reallocating roles
Microsoft: Windows Server KB5062557 causes cluster, VM issues
Microsoft is asking businesses to reach out for support to mitigate a known issue causing Cluster service and VM restart issues after installing this month's Windows Server 2019 security updates.
ToolShell: Details of CVEs Affecting SharePoint Servers
Cisco Talos is aware of the ongoing exploitation of CVE-2025-53770 and CVE-2025-53771 in the wild. These are path traversal vulnerabilities affecting SharePoint Server Subscription Edition, SharePoint Server 2016, and SharePoint Server 2019.
After website hack, Arizona election officials unload on Trump’s CISA | CyberScoop
As the state responded to a pro-Iranian attack, officials tell CyberScoop that it avoided reaching out to the federal agency, partly because it has been “politicized and weakened” under the president.