National cybersecurity agencies from seven countries have jointly released new guidance to enhance the security of OT systems. The guidance is intended for cybersecurity practitioners working in organizations that deploy or operate OT systems.

Researchers have uncovered privacy and security bugs in Tile tracking tags. These flaws allow malicious actors to track users, bypass anti-stalking protections, and even impersonate Tile tags to falsely implicate individuals.

The Medusa ransomware group claimed responsibility for a data breach at Comcast Corporation, alleging the theft of 834.4 GB of data. The group is demanding a $1.2 million ransom for either deleting the data or selling it to interested buyers.

The 2015 Cybersecurity Information Sharing Act is poised to expire on September 30. The law has been instrumental in enabling private sector entities to share cyber threat intelligence with federal agencies under legal protections.

A malware campaign is leveraging Google Ads and hijacked YouTube channels to distribute a Trojan disguised as TradingView Premium. The campaign It now uses over 500 domains and thousands of malicious ads daily in English, Vietnamese, and Thai.

Flaws have been identified in GitLab Community Edition (CE) and Enterprise Edition (EE), affecting versions prior to 18.4.1, 18.3.3, and 18.2.7. GitLab has released a security advisory and corresponding patch updates to address these issues.

RedNovember, a Chinese state-sponsored cyberespionage group, has conducted a global campaign from July 2024 to July 2025, targeting US defense contractors and a wide range of organizations across government, aerospace, legal, and industrial sectors.

The report focuses on DOGE’s activities at the General Services Administration (GSA), Office of Personnel Management (OPM), and Social Security Administration (SSA), revealing multiple instances of potential cybersecurity violations.

On September 25, 2025, the CISA issued Emergency Directive ED 25-03, mandating all U.S. federal agencies to identify and mitigate potential compromises in all versions of Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices.

A major transnational cybercrime crackdown, Operation Contender 3.0, has led to the arrest of 260 individuals and the dismantling of 81 cybercrime infrastructures across 14 African countries.