The GNOME project has banned developers from including AI-generated code in its shell extensions

AI and GNOME Shell Extensions – GNOME Shell Extensions

Why we have added a new rule to the EGO review guidelines. So the packages with unnecessary code that indicate they are AI-generated will be rejected.

Meta finds that the state government of the autonomous region of Gagauzia, in Moldova, has directly sponsored Kremlin propaganda in the country

Meta’s threat disruptions | Transparency Center

This list provides a deep dive into our work to detect and counter security threats on our platform, broken down by year. We will continue to updat...

Google is now tracking at least five Chinese cyber-espionage groups that are exploiting the React2Shell vulnerability for initial access. The groups are UNC6600, UNC6586, UNC6588, UNC6603, and UNC6603. This is up from two at the beginning. https://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182/

A report on Weyhro C2, a new offensive toolkit advertised on underground forums. The toolkit appears to be the work of the individual behind the (now-failed) Weyhro ransomware from March this year. https://lumma-labs.com/weyhro-c2-because-ransomware-wasnt-paying-the-bills-anymore-b136fd7ef100

An activist was charged with destruction of evidence after resetting his phone to factory settings https://www.techspot.com/news/110560-man-arrested-allegedly-wiping-google-pixel-before-cbp.html

The Dutch NCSC on the Notepad++ update hijack attacks: "Currently, as far as is known, only organizations with interests in East Asia are victims of targeted attacks" cc: @npub17lgy...9uux

NCSC - Kwetsbaarheid Notepad ++

Arena Breakout is giving out 10-year bans for cheating

"Germany has accused Russia of a cyber-attack on air traffic control and attempted electoral interference, and summoned the Russian ambassador. "

Germany accuses Russia of 2024 cyber attack and election disinformation campaign

The Russian ambassador is summoned over a cyber-attack on air traffic control and attempted electoral interference.

-EU has a problem attracting and retaining cyber talent -Coupang CEO resigns following breach -NoName057 and CARR member charged in the US -Chrome and Gogs zero-days -UK sanctions Chinese hacking firms -Coupang hacker was a cyber employee -Petco takes down leaky Vetco site -UK fines LastPass over breach -Ransomware at HSE Ireland, again -Russia denies military registry hack -New PowerShell security feature Newsletter:

Risky.Biz

EU has a problem attracting and retaining cyber talent

In other news: Coupang CEO resigns following breach; NoName057 and CARR member charged in the US; Chrome and Gogs zero-days.

Podcast:

Risky Bulletin: EU has a problem attracting and retaining cyber talent - Risky Business Media

The EU has a problem attracting and retaining cyber talent, the CEO of Coupang resigns following the company’s security breach, Microsoft [Read ...

MITRE has published the list of Top 25 most common software vulnerabilities of 2025, also known as the CWE Top 25

CWE - 2025 CWE Top 25 Most Dangerous Software Weaknesses

Common Weakness Enumeration (CWE) is a list of software and hardware weaknesses.