Microsoft Outlook stops displaying inline SVG images used in attacks

Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks. [...]

https://www.bleepingcomputer.com/news/security/microsoft-outlook-stops-displaying-inline-svg-images-used-in-attacks/

 Gmail business users can now send encrypted emails to anyone

Google says that Gmail enterprise users can now send end-to-end encrypted emails to people who use any email service or platform. [...]

https://www.bleepingcomputer.com/news/google/gmail-business-users-can-now-send-encrypted-emails-to-anyone/

 Oracle links Clop extortion attacks to July 2025 vulnerabilities

Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. [...]

https://www.bleepingcomputer.com/news/security/oracle-links-clop-extortion-attacks-to-july-security-flaws/

 Presenting AI to the Board as a CISO? Here’s a Template.

Boards want answers on AI: Where is it used? What risks does it create? How is it governed? Keep Aware released a free template to help CISOs present GenAI adoption, risk, exposure & controls clearly to leadership. [...]

https://www.bleepingcomputer.com/news/security/presenting-ai-to-the-board-as-a-ciso-heres-a-template/

 CommetJacking attack tricks Comet browser into stealing emails

A new attack called 'CometJacking' exploits URL parameters to pass to Perplexity's Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar. [...]

https://www.bleepingcomputer.com/news/security/commetjacking-attack-tricks-comet-browser-into-stealing-emails/

 ShinyHunters launches Salesforce data leak site to extort 39 victims

An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave of Salesforce breaches, leaking samples of data stolen in the attacks. [...]

https://www.bleepingcomputer.com/news/security/shinyhunters-starts-leaking-data-stolen-in-salesforce-attacks/

 Japanese beer giant Asahi confirms ransomware attack

Japanese beer-making giant Asahi has disclosed today that a ransomware attack caused the IT disruptions that forced it to shut down factories this week. [...]

https://www.bleepingcomputer.com/news/security/japanese-beer-giant-asahi-confirms-ransomware-attack/

 Renault and Dacia UK warn of data breach impacting customers

Customers of Renault and Dacia in the United Kingdom have been notified that sensitive information they shared with the car maker was compromised following a data breach at a third-party provider. [...]

https://www.bleepingcomputer.com/news/security/renault-and-dacia-uk-warn-of-data-breach-impacting-customers/

 Signal adds new cryptographic defense against quantum attacks

Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. [...]

https://www.bleepingcomputer.com/news/security/signal-adds-new-cryptographic-defense-against-quantum-attacks/

 Opera wants you to pay $19.90 per month for its new AI browser

Opera Neon is a new browser that puts AI in control of your tabs and browsing activities, but it'll cost $19.90 per month. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/opera-wants-you-to-pay-1990-per-month-for-its-new-ai-browser/

 Hackers steal identifiable Discord user data in third-party breach

Hackers stole partial payment information and personally identifying data associated with some Discord users after compromising a third-party customer service provider. [...]

https://www.bleepingcomputer.com/news/security/hackers-steal-identifiable-discord-user-data-in-third-party-breach/

 Massive surge in scans targeting Palo Alto Networks login portals

A spike in suspicious scans targeting Palo Alto Networks login portals indicates clear reconnaissance efforts from suspicious IP addresses, researchers warn.  [...]

https://www.bleepingcomputer.com/news/security/massive-surge-in-scans-targeting-palo-alto-networks-login-portals/

 OpenAI prepares $4 ChatGPT Go for several new countries

OpenAI has been testing a new, cheaper ChatGPT plan called "Go," and it's now rolling out to more regions.  [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/openai-prepares-4-chatgpt-go-for-several-new-countries/

 OpenAI wants ChatGPT to be your emotional support

GPT-5 isn't as good as GPT-4o when it comes to emotional support, but that changes today. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/openai-wants-chatgpt-to-be-your-emotional-support/

 OpenAI rolls out GPT Codex Alpha with early access to new models

OpenAI's Codex is already making waves in the vibe coding vertical, and it's now set to get even better. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/openai-rolls-out-gpt-codex-alpha-with-early-access-to-new-models/

 ChatGPT social could be a thing, as leak shows direct messages support

OpenAI doesn't want ChatGPT to remain just a chatbot for interacting with a large language model. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/chatgpt-social-could-be-a-thing-as-leak-shows-direct-messages-support/

 Leaked Apple iPad Pro M5 benchmark shows it's faster than some laptop CPUs

A new leaked benchmark shows Apple's alleged M5 chip on an iPad, and it's almost as fast as a desktop CPU. [...]

https://www.bleepingcomputer.com/news/technology/leaked-apple-ipad-pro-m5-benchmark-shows-its-faster-than-some-laptop-cpus/

 ParkMobile pays... $1 each for 2021 data breach that hit 22 million

ParkMobile has finally wrapped up a class action lawsuit over the platform's 2021 data breach that hit 22 million users. But there's a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. [...]

https://www.bleepingcomputer.com/news/security/parkmobile-pays-1-each-for-2021-data-breach-that-hit-22-million/

 Hackers exploited Zimbra flaw as zero-day using iCalendar files

Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year. [...]

https://www.bleepingcomputer.com/news/security/hackers-exploited-zimbra-flaw-as-zero-day-using-icalendar-files/

 Oracle patches EBS zero-day exploited in Clop data theft attacks

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. [...]

https://www.bleepingcomputer.com/news/security/oracle-patches-ebs-zero-day-exploited-in-clop-data-theft-attacks/

 XWorm malware resurfaces with ransomware module, over 35 plugins

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project last year. [...]

https://www.bleepingcomputer.com/news/security/xworm-malware-resurfaces-with-ransomware-module-over-35-plugins/