Bleeping Computer.

Today is Microsoft's September 2025 Patch Tuesday, which includes security updates for 81 flaws, including two publicly disclosed zero-day vulnerabilities. [...]

Microsoft has released Windows 11 KB5065426 and KB5065431 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]

Kosovo national Liridon Masurica has pleaded guilty to running BlackDB.cc, a cybercrime marketplace that has been active since 2018. [...]

The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations. [...]

Adobe is warning of a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms that researchers call SessionReaper and describe as one of " the most severe" flaws in the history of the product. [...]

Shadow assets don't care about your perimeter. EASM finds every internet-facing asset, surfaces unknowns, and prioritizes real risks—so you can fix exposures before attackers do. See how Outpost24 makes it easy. [...]

​Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs and quarantine some of their emails. [...]

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. [...]

Microsoft is testing new File Explorer AI-powered features that will enable Windows 11 users to work with images and documents without needing to open the files. [...]

Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases. [...]

Large network scans have been  targeting Cisco ASA devices, prompting warnings from cybersecurity researchers that it could indicate an upcoming flaw in the products. [...]

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. [...]

Signal has introduced a new opt-in feature that helps users create end-to-end encrypted backups of their chats, allowing them to restore messages even if their phones are damaged or lost. [...]

American furniture brand Lovesac is warning that it suffered a data breach impacting an undisclosed number of individuals, stating their personal data was exposed in a cybersecurity incident. [...]

​Calcio, a large piracy sports streaming platform with more than 120 million visits in the past year, was shut down following a collaborative effort by the Alliance for Creativity and Entertainment (ACE) and DAZN. [...]

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [...]

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. [...]

With WSUS deprecated, it's time to move from an outdated legacy patching system to a modern one. Learn from Action1 how its modern patching platform offers cloud-native speed, 3rd-party coverage, real-time compliance, and zero infrastructure. Try it free now! [...]

Google plans to make it easier for users to access AI mode by allowing them to set it as the default, replacing the traditional blue links. [...]

ChatGPT's Projects feature is now feature and second new feature allows you to create new conversations from existing conversations. [...]