Latest News

Due to a bug in the sandbox configuration logic, Codex CLI could treat a model-generated `cwd` as the sandbox’s writable root, including paths outside of the folder where the user started their session. This logic bypassed the intended workspace boundary and enables arbitrary file writes and command execution where the Codex process has permissions - this did not impact the network-disabled sandbox restriction. **Remediation** We released a patch in Codex CLI **0.39.0** that canonicalizes and validates that the boundary used for sandbox policy is based on where the user started the session, and not the one generated by the model. Users running 0.38.0 or earlier should update immediately via their package manager or by reinstalling the latest Codex CLI to ensure sandbox boundaries are enforced. If using the Codex IDE extension, users should immediately update to **0.4.12** for a fix of the sandbox issue.

An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic

New investigation exposes a China-based ring that sold over 6,500 fake United States and Canadian IDs using well-planned covert packaging. Learn how this operation threatens national security and enables financial crime.

A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. "REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of open proxies it finds freely available online," the company said in a report shared with

Following a pandemic-era respite, financial fraud linked to synthetic identities is rising again, with firms potentially facing $3.3 billion in damages from new accounts.

New York, New York, 19th September 2025, CyberNewsWire

Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. "A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged

The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service (PhaaS) deployments have risen significantly recently," Netcraft said in a new report. "The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases,

Frameworks may seem daunting to implement — especially for government IT teams that may not have an abundance of resources and expertise. But beginning implementation is better than never starting.

A Charming Kitten subgroup is performing some of the most bespoke cyberattacks ever witnessed in the wild, to down select high-value targets.