BU-CERT – Bournemouth University Computer Emergency Response Team

Flights cancelled after cyber attack hits European airports as Heathrow warns of delays

Posted on 20 September 2025

From: independent.co.uk

Flights have been delayed and cancelled at several European airports after a cyber attack targeting a service provider for check-in and boarding systems.

The attack has rendered automated systems inoperable, allowing only manual check-in and boarding procedures, according to Brussels Airport.

London Heathrow and Berlin airport also said the attack was disrupting its flights, with passengers advised to confirm their travel with airlines before heading to the airport on Saturday.

New LunaLock ransomware group emerges with unique extortion tactic

Posted on 4 September 2025

From cyberdaily.au

Hacker targets art commissioning site Artists&Clients and threatens to share artworks in AI training datasets: “[….]Additionally, we will submit all artwork to AI companies to be added to training datasets,” LunaLock said.

First known AI-powered ransomware uncovered by ESET Research

Posted on 28 August 2025

From welivesecurity.com

ESET researchers have discovered what they called “the first known AI-powered ransomware”. The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt and possibly even destroy data, though this last functionality appears not to have been implemented in the malware yet.

While PromptLock was not spotted in actual attacks and is instead thought to be a proof-of-concept (PoC) or a work in progress, ESET’s discovery shows how malicious use of publicly-available AI tools could supercharge ransomware and other pervasive cyberthreats.

FBI seized multiple piracy sites distributing pirated video games

Posted on 16 July 2025

From securityaffairs.com

FBI seizes multiple piracy sites for Nintendo Switch and PlayStation 4 games, dismantling their infrastructure.

The FBI, with the help of the Dutch FIOD, seized multiple piracy sites distributing pirated video games, including nsw2u.com, ps4pkg.com, and mgnetu.com, dismantling their infrastructure. These sites, active for over four years, offered early access to popular game titles and logged 3.2 million downloads between February and May 2025, causing an estimated $170 million in losses.

13-year-old hacks Microsoft Teams, rewrites rules for global security program

Posted on 6 July 2025

From interestingengineering.com

Dylan has filed over 20 vulnerabilities, earned a top-three finish at Zero Day Quest, and changed Microsoft’s security policy.

Bug bounty programs attract some of the most skilled engineers in cybersecurity. These are professionals who find their way through enterprise-level software in search of vulnerabilities for recognition, impact, or high payouts.

But Dylan, a high school junior, entered that world at just 13. His first major find, a critical Microsoft Teams vulnerability, didn’t just earn him accolades. It led Microsoft to rewrite the rules of its bug bounty program to allow teenage researchers.

chwoot: Critical Linux vulnerability makes users root on most systems

Posted on 3 July 2025

From heise.de

An example exploit is available online and works on many standard systems. Admins should quickly install the available updates.

There is a critical security flaw in the Linux tool “sudo” and makes unprivileged users “root”, the system administrator, in no time at all. The reason for the malaise: a bug in the chroot function of sudo. This function is actually intended to “lock” users in their home directory, but allows them to break out of it and extend their rights. An update is available; admins of multi-user systems should act quickly.

The vulnerability exploits a bug in the chroot implementation. Between two function calls, this calls the “Name Service Switch” (NSS), which in turn loads the file /etc/nsswitch.conf. The attacker can now cause this function to load a file he has prepared with C code (a dynamic .so library) and execute it with root rights.

Notepad++ Vulnerability Let Attacker Gain Complete System Control – PoC Released

Posted on 25 June 2025

From cybersecuritynews.com

A severe privilege escalation vulnerability has been discovered in Notepad++ version 8.8.1, potentially exposing millions of users worldwide to complete system compromise.

The flaw, designated CVE-2025-49144, allows attackers to gain SYSTEM-level privileges through a technique known as binary planting, with a proof-of-concept demonstration now publicly available.

The vulnerability affects the Notepad++ v8.8.1 installer released on May 5, 2025, exploiting an uncontrolled executable search path that enables local privilege escalation attacks.