Getting salty with LLMs: SophosAI unveils new defense against jailbreaking at CAMLIS 2025
On October 22-24, SophosAI will present research on ‘LLM salting’ (a novel countermeasure against jailbreaks) and command line classification at CAMLIS 2025
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased “operations tempo” from the threat actor. The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days…
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also…
ColdRiver Drops Fresh Malware on Targets
The Russia-backed threat actor’s latest cyber spying campaign is a classic example of how quickly sophisticated hacking groups can pivot when exposed.
International Sting Takes Down SIM Box Criminal Network
The operation took down a massive SIM card fraud network that provided fake phone numbers from more than 80 countries to criminals.
Is Your Car a BYOD Risk? Researchers Demonstrate How
If an employee’s phone connects to their car and then their corporate network, an attack against the car can reach the company.
Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-world attacks. The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a
Flawed Vendor Guidance Exposes Enterprises to Avoidable Risk
Oracle E-Business Suite customers received conflicting deployment guidance, leaving enterprises exposed a recent zero-day flaw, Andrew argues.
Sophos Intelix for Microsoft Copilot now brings threat intelligence directly into Copilot
World-class threat intelligence available directly where analysts work.
New Microchip Tech Protects Vehicles from Laser Attacks
“FD-SOI” makes hardware attacks on silicon chips more difficult. And, researchers argue, it’ll help OEMs with regulatory compliance.