Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

12.5 million HD movies per second! Amazon’s undersea cable will connect the US to Ireland.

In a few years, Ireland and the United States will be connected by an undersea communications cable designed to help Amazon improve its AWS services. Undersea cables are a vital part of the infrastructure connecting continents. According to media reports, there are currently approximately 570 cables laid across oceans and seas, with another 81 planned. Among these is the new Amazon Fastnet Cable, designed to connect the United States and Ireland in a few years and enhance the AWS network. As Amazon announced in a press release, the undersea cable will be laid between Maryland, USA, and County Cork, Ireland. While Amazon

Post SMTP Actively Exploited: 400,000 WordPress Sites at Risk

Attackers are targeting WordPress websites by exploiting a critical vulnerability in the Post SMTP plugin, which has over 400,000 installations. Hackers are hijacking administrator accounts and gaining complete control over vulnerable resources. Post SMTP is one of the most popular plugins for sending emails from WordPress sites. Its developers propose it as an advanced alternative to the standard wp_mail() function, offering enhanced features and greater reliability. The vulnerability was discovered by a security researcher named netranger, who reported it to Wordfence on October 11. It has been assigned the identifier CVE-2025-11833 (CVSS score 9.8). The bug affects all versions of Post

Cyberattacks against public applications are increasing. Cisco’s report

Milan, November 4, 2025 – Cyberattacks that exploit publicly accessible applications, such as websites or corporate portals, to gain access to organizational systems are on the rise, as are phishing attacks conducted through compromised corporate accounts. Ransomware attacks, however, are declining, although new, dangerous variants of this type of threat have been detected. These are the most significant findings of the Cisco Talos Report for the quarter covering July, August and September 2025. Regarding cyberattacks exploiting publicly accessible applications, this method was used in more than six out of ten

Epic vs. Google: Historic Agreement for App Developers

Just when it seemed like Epic’s case against Google was on the verge of a final victory for the developer—following the potential dismissal of Google’s appeal by the Supreme Court—the parties unexpectedly announced a settlement on Tuesday evening. If Judge James Donato approves the proposed changes, Epic’s victory could become a long-term global success. Judge Donato had previously granted Epic’s main claims. He issued a permanent injunction requiring Google to host competing app stores on its Google Play Store and provide them with access to its full app catalog. Google was also barred from requiring developers to use Google Play

Undersea Cables, the New Hybrid War: Jaroslav Nad’s Alarm

Taiwan is critically dependent on its undersea infrastructure, which is essential for communications and power supply. In recent years, however, there has been a series of incidents of damage and malicious cutting of the cables connecting the island to the rest of the world. Former Slovak Defense Minister Jaroslav Nad’ called these facilities a veritable “invisible battlefield,” emphasizing that their compromise by a potential adversary could have direct consequences for military decisions and strategic security. Nad’ called on Taiwan and European countries to work together to develop a system of shared responsibility for submarine safety. Record damage rate: up to 50

Apache OpenOffice under ransomware attack, but the foundation disputes

The Apache OpenOffice project has come under scrutiny after the Akira ransomware group claimed to have carried out a cyberattack and stolen 23 gigabytes of internal data. However, the organization overseeing the development of the office suite disputes the veracity of these claims, citing a lack of evidence of a data leak and a discrepancy with the actual structure of the project. Information about the alleged attack appeared on the Akira leak website on October 30. The attackers claimed to have accessed internal reports, financial documents, and personal data, including addresses, phone numbers, driver’s licenses, Social Security numbers, and even banking information

Microsoft warns: Security updates cause problems with BitLocker

Microsoft has issued an urgent warning to Windows operating system users regarding a potential issue that, starting with security updates distributed on October 14, 2025, could cause some devices to display the BitLocker recovery screen. The advisory emphasizes that server editions are not affected, limiting the scope to consumer and enterprise client environments. The issue affects three key client platforms: Windows 11 version 25H2 and 24H2, both linked to the source knowledge base article KB5066835, and Windows 10 version 22H2 in KB5066791. Microsoft is currently investigating specific client versions of Windows, primarily impacting Intel-based systems that feature Connected Standby. This

A dangerous zero-day zero-click exploit threatens billions of Android devices

Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The Zero Click vulnerability was discovered in system components of the operating system and described in the November 2025 Android Security Bulletin. The vulnerability, identified as CVE-2025-48593, is considered one of the most dangerous in recent years. It affects several versions of the Android Open Source Project (AOSP), from 13 to 16, and can be exploited for remote code execution (RCE) without requiring additional privileges or action from the device owner. Google estimates that attackers

Is the era of paywalls over? Smart browsers circumvent them, and controlling them is very difficult

How can publishers protect themselves from AI-powered “smart” browsers if they look like ordinary users? The emergence of new AI-powered “smart” browsers is challenging traditional methods of protecting online content. OpenAI’s recently released Atlas browser, as well as Perplexity’s Comet and Microsoft Edge’s Copilot mode, are becoming tools that can do much more than display web pages: they perform multi-step tasks, such as gathering calendar information and generating news-based client briefings. Their capabilities are already posing serious challenges to publishers seeking to limit the use of artificial intelligence in their content. The problem is that these browsers are outwardly indistinguishable from

Danger for OneDrive users: Infected DLLs hide in shared files

Attackers are using an advanced technique involving sideloading DLLs via the Microsoft OneDrive application. This allows them to execute malicious code undetected by security mechanisms. The attack uses a modified DLL library as a tool to hijack legitimate Windows processes and ensure persistence on infected systems. This method is particularly effective because it avoids the persistent code changes that signature-based detection systems typically identify. According to the Kas-sec security advisory, the attackers placed a spoofed version.dll file in the same directory as OneDrive.exe, exploiting the application’s dependency search order. The technique specifically targets version.dll because many Windows applications, including OneDrive, rely on