September Patch Tuesday handles 81 CVEs
The last round of fixes before Win 10’s final shout touches 15 product families, including Xbox
Similar Posts
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Bys sThreat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug. According to Wordfence, the shortcoming relates to an arbitrary…
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
Bys sASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0. “An improper authentication control vulnerability exists in certain ASUS router firmware series,”
Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied
Bys sLaura Sebben reports: The City of Hamilton will be on the hook for the more than $18 million it has cost to recover from a ransomware attack after their insurance claim was denied. In an update presented to a city committee on Wednesday, staff said that its insurer denied the claim for reimbursement of costs…
$28 million in Texas’ cybersecurity funding for schools left unspent
Bys sHow often have we heard about cyberattacks affecting Texas school districts? And how often have we heard that k-12 districts are underfunded for cybersecurity and/or don’t have trained personnel? Yet when they are offered money, many districts have not availed themselves of the support. Why? Brian New, Lexi Salazar, Scott Fralicks, and Mike Lozano have a somewhat…
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
Bys sA 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected…
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering
Bys sA Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee. According to a report published by blockchain analytics firm Elliptic, merchants on the marketplace have been found to peddle technology, personal data, and money…