Bleeping Computer.

Microsoft is testing a faster version of Quick Machine Recovery (QMR) and updated Smart App Control (SAC), allowing users to toggle it without requiring a Windows clean install. [...]

QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition. [...]

A threat actor exploited a zero-day vulnerability in Samsung's Android image processing library to deploy a previously unknown spyware called 'LandFall' using malicious images sent over WhatsApp. [...]

Cisco warned this week that two vulnerabilities, which have been exploited in zero-day attacks, are now being abused to force ASA and FTD firewalls into reboot loops. [...]

ID laws are forcing companies to store massive amounts of sensitive data, turning compliance into a security risk. Acronis explains how integrated backup and cybersecurity platforms help MSPs reduce complexity and close the gaps attackers exploit. [...]

Google is planning to ship two new models. One is Gemini 3, which is optimised for coding and regular use, and the second is Nano Banano 2 for generating realistic images. [...]

The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially exposing sensitive data. [...]

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace. [...]

The State of Nevada has completed its recovery from a ransomware attack it suffered on August 24, 2025, which impacted 60 state agencies, disrupting critical services related to health and public safety. [...]

Red and blue teams often operate independently, but attackers don't. Picus Security shows how continuous purple teaming and BAS turn red-blue rivalry into real defense, validating controls and closing gaps in real time. [...]

ClickFix attacks have evolved to feature videos that guide victims through the self-infection process, a timer to pressure targets into taking risky actions, and automatic  detection of the operating system to provide the correct commands. [...]

Cisco has released security updates to patch a critical vulnerability in the Unified Contact Center Express (UCCX) software, which could enable attackers to execute commands with root privileges. [...]

Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine's education, government, and the grain sector, the country's main revenue source. [...]

The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware. [...]

Hyundai AutoEver America is notifying individuals that hackers breached the company's IT environment and gained access to personal information. [...]

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP). [...]

The Microsoft Store on the web now lets you create a multi-app install package on Windows 11 that installs multiple applications from a single installer. [...]

SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files concludes that state-sponsored hackers were behind the attack. [...]

Under a new partnership with the government aimed at combating fraud, Britain's largest mobile carriers have committed to upgrading their networks to eliminate scammers' ability to spoof phone numbers within a year. [...]

The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university's development and alumni activities and stole data in a cyberattack.  [...]