Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

Microsoft blocks access to cloud services for Israel’s Intelligence Unit 8200

The Israeli intelligence unit, the Israeli equivalent of the US National Security Agency (NSA), has been stripped of access to some Microsoft Azure cloud services by the Redmond-based company. Unit 8200 had previously been accused of spying on Palestinians in Israeli-controlled territories using Microsoft technology. Microsoft has blocked the Israeli Ministry of Defense from accessing some of its Azure cloud services after media reports emerged that they were being used for mass surveillance of West Bank and Gaza residents, The Register reports. Microsoft Chairman Brad Smith issued a public statement following the publication of an article in the British newspaper The Guardian,

Hackers hit the United States: critical federal infrastructure compromised

Hackers have breached Cisco networking equipment belonging to several US government agencies, Bloomberg reports. The cyber threat, which occurred on September 26, 2025, targeted US federal agencies, including Russian ministries. According to Chris Butera, acting deputy executive assistant to the director of cybersecurity at the U.S. Cybersecurity and Information Technology Infrastructure Agency (CISA), the cyberattack affected a critical U.S. federal cyber infrastructure, but he did not specify which one. “The cyber threat is pervasive,” the official noted. On September 25, CISA issued a directive requiring civilian government employees to identify devices affected by the cyberattack, collect data, and assess

Shocking collapse: -71% of job offers for software engineers in three years

A new Google report highlights how artificial intelligence is now an integral part of the daily work of technology professionals. The study, conducted by its DORA (DevOps Research and Assessment) research division and based on 5,000 interviews with industry experts worldwide, reveals that 90% of respondents use AI tools. This represents a 14% increase compared to 2024. The survey comes at a time when the evolution of AI is fueling both excitement and fear, especially regarding its impact on employment. In May, Anthropic CEO Dario Amodei predicted a potential increase in unemployment linked to the technology’s spread, though other analysts have downplayed

Delivery of €13 million in submarine cables for the Shanhaiguan offshore project

At Haihui Port in Xiaoting, along the Yangtze River, a large red steel structure provided the backdrop for the delivery of a massive order of submarine cables from Yichang Qifan. Using a specialized system, the cables were transported from the workshop to the top of the structure and then neatly wrapped in a storage cage, in an operation worth hundreds of millions of yuan. According to Yu Jun, director of production, the company has already exceeded 500 million yuan in submarine cable shipments this year, with orders scheduled until the end of the year. Customers include strategic projects on the islands of

Microsoft gives in to EU pressure: Windows 10 will get free security updates.

Microsoft has agreed to address the demands of European human rights activists and extend Windows 10 support to users in the European Economic Area (EEA) without further conditions. Extended Security Updates (ESU) will now be available free of charge, although the formal end of support for the system is still scheduled for October 14, 2025. In October last year, the company announced that Windows 10 owners could receive a year of security updates after the system “died,” but only for a one-time fee of $30 (or the equivalent based on local rates). In June, a “free” alternative was introduced: protection could be

New wave of malicious emails associated with the Hive0117 group

F6 has reported a new wave of malicious emails associated with the Hive0117 group. Hive0117 has been active since February 2022 and uses the DarkWatchman RAT Trojan. The group disguises its campaigns as messages from legitimate organizations, records email infrastructure and control domains, and sometimes repurposes them. According to F6, DarkWatchman activity was detected on September 24, after several months of silence. The attacks were carried out under the guise of the Federal Bailiff Service from the address mail@fssp[.]buzz. Similar mailings were observed in June and July. Analysis revealed the domains 4ad74aab[.]cfd and 4ad74aab[.]xyz. The attacks targeted companies in Russia

Never accept USB flash drives from strangers! A practical example of physical hacking with a USB flash drive.

Have you ever been told that if you find a USB flash drive on the ground, you shouldn’t plug it into your computer? Today, we’ll explain why you shouldn’t do that through a proof of concept (PoC). In this post, we’ll show you how to create a malicious USB that can infect a computer in seconds. A few lines of history. In 2010, the media reported a virus that had successfully infected a nuclear power plant in Iran. This malware, called Stuxnet, slowed down the centrifuges that enriched uranium, increasing the pressure to critical points. The plant had sensors that allowed it

An SVG file disguised as a PDF led victims to a fake login

Microsoft Threat Intelligence specialists have identified an attack in which attackers used artificial intelligence for the first time to disguise phishing code. The goal was to steal credentials from companies in the United States. The malicious SVG file hid its true functionality behind a layer of pseudo-corporate terminology and a simulated analytics dashboard, allowing it to bypass simple checks. Analysis revealed that the code’s structure was uncharacteristic of handwriting and was likely generated by a generative model. The emails came from a hacked corporate account, with the sender’s address matching the recipient’s, and the actual addresses BCCed. The attachment mimicked

Airports shut down, ransomware, four days of chaos, and a suspect arrested. An attack that shook Europe.

On September 19, a major cyber incident occurred in Europe, affecting Collins Aerospace, one of the world’s largest aerospace technology suppliers. The attack disrupted airline operations and affected flights at major European hubs. The impact was particularly noticeable at London Heathrow Airport, where passengers faced flight delays and cancellations throughout the weekend. According to law enforcement, the attack targeted Collins Aerospace systems that support and coordinate a series of technological processes related to aviation safety and flight operations. The disruption of these services rapidly impacted the supply chain and operational processes, causing disruptions to air transport in several EU countries. On

One added line of code and thousands of companies hacked. This is the magic of the Supply Chain!

Developers learned to trust the tools that help their AI assistants handle routine tasks, from sending emails to using databases. But this trust proved vulnerable: the postmark-mcp package, downloaded over 1,500 times a week since version 1.0.16, silently forwarded copies of all emails to an external server owned by its author. Internal company correspondence, invoices, passwords, and confidential documents were at risk. The incident demonstrated for the first time that MCP servers can be used as a full-fledged conduit for supply chain attacks. Researchers at Koi Security identified the issue when their system detected a sudden change in packet behavior.