Newsletters

A mysterious threat actor is abusing the legacy Internet Explorer mode in Microsoft Edge to run malicious code in a user's browser and take over their device.

The attacks have been going on since at least August, according to the Microsoft Edge security team.

The Internet Explorer legacy mode, or IE Mode, is a separate website execution environment in Edge. It works by reloading a web page but running its code inside the old Internet Explorer engines.

The European Union has scrapped next week's vote on Chat Control, proposed legislation that would have mandated tech companies to break their encryption to scan content for child abuse materials.

The project was supposed to be put to a vote on Tuesday, October 14, during a meeting of interior ministers of EU member states.

Denmark, which currently holds the EU presidency and was backing the legislation, scrapped the vote, according to reports on Austrian and German media.

The Clop ransomware gang is once again in the news after a mass exploitation campaign targeting users of Oracle's E-business Suite. This month Clop emailed executives at victim companies threatening to leak stolen files if it does not receive payment. 

Stealing data to extort companies is not good, but it is a hell of a lot better than systems getting locked up with encrypting ransomware, leading to weeks of factory shutdowns. Right now, from a government perspective, it would be a win if every campaign looked like Clop's.  

The group has been active since 2019, making it one of the longer-lasting ransomware gangs. It initially deployed standard encrypting ransomware, but in 2020 it was one of the first groups to experiment with 'double extortion'. 

The Redis database project released a security update last week to patch a critical vulnerability that can allow remote attackers to run malicious code and take over systems.

The vulnerability is as bad as it gets and impacts all Redis versions released over the past 13 years.

The vulnerability is tracked as CVE-2025-49844, but the Google Wiz team that discovered it calls it RediShell.

Microsoft and the Steam gaming platform have reacted over the weekend to a new security flaw discovered in Unity, one of today's most widely used game engines.

The vulnerability was discovered by RyotaK, a researcher for GMA Flatt Security, who has quite a few of these high-impact bugs to his name.

The bug is tracked as CVE-2025-59489, and it allows malicious apps on the same device to add command-line arguments to Unity-based games that load malicious code together with a game.

China has sentenced 11 individuals to death for their role in running cyber scam compounds in Myanmar.

Five other individuals received suspended death sentences for two years, 11 others received life sentences, and 12 more got prison terms ranging from five to 24 years.

The suspects were members of the infamous Ming crime family. They were arrested in November of 2023, when the Chinese government first started seriously cracking down on scam compounds targeting its citizens.

Foreign intelligence services are experimenting with new ways of using domestic proxies to facilitate overseas operations. 

In the Netherlands, two teenagers have been arrested after reportedly being recruited by pro-Russian hackers on Telegram to assist with cyber espionage operations. Dutch authorities allege that the pair were tasked with Wi-Fi collection along a route in The Hague that went past Europol, Eurojust and the Canadian embassy.  

A mysterious threat actor is abusing Milesight industrial cellular routers to send SMS spam, also known as smishing, to users in several European countries.

According to French security firm Sekoia, the campaign has been silently going on without detection since at least February 2022.

The attackers are targeting a feature of Milesight routers that lets admins configure to receive SMS alerts. Such a feature is common in industrial routers that connect remote equipment to a larger network via a cellular modem, with admins receiving alerts when the equipment connection goes offline and may not be in a state where it can be managed.

The UK government has agreed to underwrite a £1.5 billion loan to Jaguar Land Rover to help the carmaker deal with the increasingly costly aftermath of a recent cyberattack that has crippled its production and shut down factories for almost a month.

The underwrite was approved on Sunday after a visit from UK Business Secretary Peter Kyle to the headquarters of JLR and its main supply chain firm Webasto this week.

JLR fell victim to a ransomware attack—supposedly from the HellCat group—on August 31. Production lines at all JLE factories have been shut down ever since, and are expected to last into October.

Most European users will receive Windows 10 Extended Security Updates (ESU) for free.

These are security updates that Microsoft will provide to users after the Windows 10 operating system reaches end-of-life on October 14, less than three weeks away.

Normally, ESUs are available to enterprise customers, but last year, Microsoft took the novel step of providing the first-ever ESUs to home consumers. For $30, half the sum a company would pay, Windows 10 home users could have received security updates for an extra year.