Kirsten Doyle

The European General Court has backed the EU-U.S. Data Privacy Framework (DPF). The ruling clears legal uncertainty for organisations moving data across the Atlantic. It upholds the European Commission’s adequacy decision, and confirms that the framework protects personal data while still enabling cross-border digital activity. ITI and its members welcomed the decision. It provides clarity for entities of all sizes, from the largest multinationals to their SME counterparts. It also sees that personal data is protected under Europe’s strong privacy standards. “This ruling sends a clear signal: the Data Privacy Framework stands on solid legal and rights-based foundations,” said ITI…

WhatsApp has disclosed a zero-day flaw that was used in precision attacks against Apple users. The bug, tracked as CVE-2025-55177 with a CVSS score of 8.0, involved incomplete authorization of linked device sync messages. In practice, that meant an attacker could trick a device into processing content from arbitrary URLs. The issue affected WhatsApp for iOS before version 2.25.21.73, WhatsApp Business for iOS before 2.25.21.78, and WhatsApp for Mac before 2.25.21.78.  According to WhatsApp’s advisory, the flaw appears to have been paired with another Apple vulnerability, CVE-2025-43300, in a sophisticated campaign aimed at select targets. Apple patched CVE-2025-43300 on August…

Jaguar Land Rover (JLR) has fallen victim to a cyber-attack. In a statement JLR said: “JLR has been impacted by a cyber incident. We took immediate action to mitigate its impact by proactively shutting down our systems. We are now working at pace to restart our global applications in a controlled manner.” The company, owned by India’s Tata Motors, said at this time there is no evidence any customer data has been stolen but its retail and production activities have been severely disrupted.  It said it moved fast to contain the breach and is working to bring systems back online. …

The European Union said Monday that Russia was suspected of jamming the GPS system of a plane carrying European Commission President Ursula von der Leyen to Bulgaria on Sunday. “We can indeed confirm that there was GPS jamming, but the plane landed safely in Bulgaria,” a European Commission spokesperson told reporters. “We have received information from the Bulgarian authorities that they suspect that this was due to blatant interference by Russia.”  The spokesperson said Europe was used to such moves. “We are of course aware and used to the threats and intimidations that are a regular component of Russia’s hostile…

Zscaler has disclosed a security incident tied to Salesloft Drift, a marketing automation service used by many Salesforce customers. The company has confirmed that attackers stole OAuth tokens connected to Drift, which opened a door to certain Salesforce data. Zscaler was among the organizations affected.  Zsclaler stressed that its own products, services, and core infrastructure were not touched and that the breach was confined to Salesforce. What was exposed? Mostly business contact details: names, emails, job titles, phone numbers, and regional information. Some Salesforce-related content was also accessed, including licensing and commercial details, as well as plain text from certain…

Check Point Research has uncovered a new campaign tied to the Silver Fox APT group. The operation relies on signed but vulnerable Windows drivers to slip through security defenses and deliver ValleyRAT, a modular backdoor.  Two drivers are key to this operation, both built on the Zemana Anti-Malware SDK. One is old and already flagged and blocked on most systems, while the other is new, still trusted, and signed by Microsoft. That signature means it loads without question, even on fully updated Windows 10 and 11 machines. Both drivers share the same ability: they can terminate protected processes, the very…

A new malvertising wave is moving from desktops to phones. The platform: Meta’s ad network. The target: Android users. The prize: cryptocurrency. Bitdefender Labs says attackers have shifted gears after months of hitting Windows. Now the lure is a fake TradingView Premium app, pushed through Facebook ads. The download doesn’t deliver charting software. It drops a trojan, an evolved strain of Brokewell. This is no simple stealer. Once installed, it asks for deep device permissions. It hides behind update prompts, pushes for lock screen PINs, and overlays fake login screens. With those footholds, it can drain wallets, scrape 2FA codes,…

The Cybersecurity and Infrastructure Security Agency (CISA), together with the NSA, FBI, and more than a dozen international partners, has issued a joint advisory on Chinese state-sponsored cyber activity. The alert, AA25-239A, details the long-running operations of Advanced Persistent Threat (APT) actors tracked as Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor.  These actors have been compromising networks worldwide since at least 2021. They target telecoms, government, transportation, lodging, and military infrastructure. Their campaigns rely on exploiting network edge devices (routers and gateways) to gain persistent access, pivot into trusted networks, and monitor global communications. Unlike opportunistic ransomware attacks, these…

An attacker turned an AI chatbot into a full-scale criminal operation. The target: at least 17 companies across healthcare, government, and emergency services. The tool: Claude, Anthropic’s advanced AI. The result is a cybercrime campaign of staggering scope and sophistication. Anthropic revealed the operation in a report released this week. The bad actor leveraged Claude Code, a chatbot designed to write software from simple prompts, to identify vulnerable targets. Then, it created malware to steal sensitive files, organized the stolen data, analyzed financial documents, suggested ransom amounts in bitcoin, and even drafted the extortion emails themselves. “The actor used AI…

This week, TransUnion confirmed a major cyber incident that exposed personal data of more than 4.4 million people. The breach happened on 28 July, and was discovered two days later. Notification letters began reaching affected consumers on 26 August. “We are writing to make you aware of a cyber incident involving unauthorized access to some of your personal data that was stored on a third-party application. Importantly, no credit information was accessed,” TransUnion’s letter says. The compromised data reportedly includes names and other personal identifiers paired with unspecified sensitive information. Details on how the attackers gained access have not been…