Infosec News
In today's interconnected digital landscape, cyber security threats are no longer confined to national borders. Malware, phishing attacks, data breaches, and other forms of cyber crime can strike at any moment, anywhere in the world. To help you stay informed and prepared, our curated list aggregates the most important InfoSec news from around the globe. From major breach announcements to emerging trends in cyber security research, this roundup brings you the latest developments that impact your digital security and online privacy. Whether you're a security professional, IT administrator, or just tech-savvy individual, we've got you covered with the insights and intelligence you need to navigate our rapidly changing cyber environment.
LibreOffice Tries Its Hand At Markdown In Latest Update |
 Plain-text fanatics now have a reason to celebrate – LibreOffice has finally added native CommonMark import and export. This means users of the free and open-source productivity suite can enjoy seamless markdown functionality without the need for plugins or third-party extensions, making their writing lives just that little bit easier. The addition could breathe new life into markdown's popularity as more people discover its joys – a welcome development after two decades in the wilderness. |
Burnout and Brain Drain: The Hidden Dangers of Overmanaging IT Agents |
 As AI becomes increasingly prevalent in the workplace, staff often struggle to cope with the plethora of digital assistants tasked with managing various aspects of their work. This can lead to frustration and a sense of overwhelm, as individuals feel compelled to devote significant time and energy to monitoring and maintaining these agents. In some cases, this may even be detrimental to productivity and overall job satisfaction. |
Hewlett Packard Enterprise's Fine Print Fiasco: When Quoted Prices Aren't What You Pay |
 Big Green is having sleepless nights as storage costs continue to soar. With memory and storage accounting for more than half of a server's price tag, HPE has updated its terms to allow for price hikes post-quote, reflecting the volatile market for these essential components. This move aims to cushion profits as prices fluctuate wildly, ensuring Big Green can keep its margins intact despite rising costs. |
The Search Beyond the Stars: Is SETI's Quest for Alien Life a Narrow Endeavour? |
 Solar winds in the vicinity of potential alien habitats and our own might be dispersing signs of technosignatures. The SETI Institute has questioned its methodology, suggesting they may need to adjust their approach to the search for extraterrestrial intelligence. The institute currently analyses radio waves for anomalies that are unlikely to have natural causes, but it now believes this method might not be effective in detecting artificial signals from space. |
LaserDisc Flicks Revisited: A Budget Breakdown |
 Retro Tech Fan Spies LaserDisc Footage with £100 MicroscopeA hobbyist has shown off his unusual method for playing vintage video from laserdiscs by zooming in incredibly closely on the disc tracks using an affordable digital microscope. The geeky enthusiast, who wishes to remain anonymous, spent just £100 on a microscope capable of magnifying the microscopic grooves on the disc, which contain the encoded video information. |
Amazon disputes claims that its artificial intelligence algorithms are behind recent outages, arguing instead that human error and network congestion are to blame. |
 E-souk rejects report tying AI-assisted code changes to recent outagesAmazon's weekly operations meeting discussed high-impact incidents, but denies link to AI.In a statement issued today, E-souk has refuted claims that generative AI may have caused the company's recent service outages. Despite the fact that AI-assisted code changes were reportedly at the centre of attention in Amazon's weekly operations meeting, the retailer is downplaying any potential problems with its use of artificial intelligence. |
AIOps Tools Tackle Legacy Agent-Induced Chaos |
 Three leading tech companies - Cohesity, ServiceNow, and Datadog - have joined forces to launch an innovative recoverability suite aimed at mitigating AI-driven data disasters. This new service will proactively search for and rectify files and data compromised by malicious AI activity, restoring systems back to a safe state. The joint initiative acknowledges the growing need for robust solutions to counteract the increasing threat posed by artificial intelligence gone rogue. |
SaaS providers are getting a leg up on security with AI-powered coding tools |
 Cloud computing giant Oracle reckons it has weathered the storm and its half-a-trillion-dollar cloud orders on the books will allow it to coast through financial difficulties faced by other tech companies.The company cites improvements in AI-powered code generation tools as a key factor in its resilience, making it more efficient and competitive. This efficiency allows Oracle to avoid the looming 'SaaSpocalypse,' a predicted downturn in the software-as-a-service (SaaS) market due to economic uncertainty. Meanwhile, smaller SaaS companies are facing challenges due to increased competition and decreased spending on cloud services. |
The Government's Digital Identity Plans Delayed by Lack of Clear Vision |
 Digital Identity System Costs Remain Unclear Despite ConsultationDespite launching a public consultation for its digital identity system, the British Government still refuses to give an estimated price tag. The consultation was launched recently but officials insist that the final costs will only become clear once they make decisions after the feedback is received.This lack of transparency on costs has raised concerns among privacy advocates and critics who question why the government can't provide a rough estimate for such a significant project. The digital identity system, which aims to secure people's online transactions by creating a national ID, is expected to affect millions in the UK. |
Fender's Modest Headphone Offering Falls Short |
 Fender's innovation is set to revolutionise the world of music by introducing a new line of headphones that can be customised and repaired, reducing electronic waste and saving consumers money. These eco-friendly devices boast interchangeable components, making it possible for users to replace damaged or worn-out parts rather than discarding the entire product. This approach not only lessens environmental impact but also offers cost-effectiveness, allowing individuals to upgrade their headphones as they see fit without having to purchase a new pair altogether. |
2026-03-08 Read more on Wired (www.wired.com) |
Artificial Intelligence: The Silent Assassin of Venture Capitalism? |
 Venture capital firms have invested billions into AI startups, but few have taken steps to protect themselves from potential disruptions caused by these same technologies.VCs bet big on tech trends, often with little thought for their own vulnerabilities. As AI advances, they may find themselves on the wrong side of innovation. Investors who fail to adapt risk being displaced by more efficient, automated rivals.A wake-up call for VCs: be careful what you wish for - your future success depends on it. |
2026-03-09 Read more on Wired (www.wired.com) |
Fakes and Fictions: The Perils of Artificially Augmented Reporting on Conflict in Persia |
 In an astonishing turn of events, social media giant X has been caught red-handed for allegedly failing to properly authenticate videos from the Iran conflict. This blunder has resulted in the dissemination of dubious and potentially misleading information to users. Furthermore, X's reliance on AI-generated images to illustrate its content has sparked concerns about the accuracy and reliability of these visuals. |
2026-03-10 Read more on Wired (www.wired.com) |
The Therapeutic Thunderbolt: A Hands-On Exploration of the Rally Orbital Massager |
 This is an intriguing review of a massage device that highlights its unique circular design amidst a plethora of percussive models. While acknowledging some minor shortcomings, the reviewer draws attention to the product's standout feature: its distinctiveness from more conventional percussion-based massagers.Here's my version:A lone circular beacon in a sea of percussive rivals, this massager stands out with its refreshing change from traditional pounding heads. |
2026-03-11 Read more on Wired (www.wired.com) |
Oracle's E-Business Suite Exposed: Critical Flaw Paves Way for Remote Code Hijacking |
 Oracle's E-Business Suite has suffered a serious blow with the discovery of a critical vulnerability that enables remote code execution. This potentially far-reaching flaw in Oracle's comprehensive business application suite allows attackers to execute malicious code within affected components, granting them the power to install programs, tamper with data, delete files or even create new accounts with administrator privileges. |
2025-10-16 Read more on Center for Internet Security (www.cisecurity.org) |
Android Flaw Exposed: Potential for Distant Code Run |
 Google Android OS plagued by multiple vulnerabilities, including one that poses a significant threat to mobile users' security. The flaw in question allows for remote code execution, putting user data at risk of being accessed, modified or deleted. With proper exploitation, attackers could install new apps, create superuser accounts and wreak havoc on devices. Google has yet to comment on the issue but urges immediate patching for affected Android versions. |
2025-11-10 Read more on Center for Internet Security (www.cisecurity.org) |
Adobe Fiasco: Critical Flaws Found in Software Suite |
 Multiple severe vulnerabilities discovered in Adobe productsAdobe has uncovered multiple flaws in its software suite, including InDesign, InCopy, Photoshop, Illustrator, Illustrator mobile, Pass, Substance 3D and Format Plugins. The most critical vulnerability allows for arbitrary code execution when exploited, giving attackers elevated privileges to install programs, view, modify or delete data or create new user accounts with administrator rights if the exploit is successful. |
2025-11-11 Read more on Center for Internet Security (www.cisecurity.org) |
Buggy Business: Mozilla's Software Riddled with Flaws, Hackers on High Alert |
 Several vulnerabilities found in Mozilla products, including Firefox and Firefox ESR, pose a threat of arbitrary code execution. The most severe vulnerability allows attackers to execute malicious code, install programs, modify data, delete files, or create new accounts with administrator privileges if exploited successfully. Users with limited system permissions might be less affected than those running with administrative rights. |
2025-12-09 Read more on Center for Internet Security (www.cisecurity.org) |
Vulnerabilities in Google Chrome Leave Users Exposed to Potentially Devastating Exploit Attacks |
 Multiple vulnerabilities discovered in Google Chrome's latest update, allowing malicious hackers to execute arbitrary code and wreak havoc on users' systems if exploited successfully. The most severe flaw grants attackers unfettered access to all data and functions of the logged-in user, including installing programs, modifying files, deleting data and creating new accounts with full admin rights. Users with less restrictive permissions are likely to be less affected than those who use administrator-level access. |
2025-12-12 Read more on Center for Internet Security (www.cisecurity.org) |
Google Chrome's Multiple Flaws: A Cybersecurity Nightmare Waiting to Unfold |
 Cyber Security Alert: Multiple Vulnerabilities Found in Google ChromeGoogle's flagship browser has been hit by a slew of security flaws, including one that could allow malicious code execution. The most severe vulnerability allows arbitrary code execution in the context of the logged-in user, potentially giving an attacker control over sensitive data and system functions. Those running with administrative privileges face the greatest risk. |
2026-01-14 Read more on Center for Internet Security (www.cisecurity.org) |
Microsoft Office Zero Day Exploit Uncovered: What You Need to Know |
 Microsoft Office Flaw Allows Security Feature BypassA critical vulnerability has been identified in Microsoft Office, potentially permitting malicious actors to bypass security features. This issue affects the popular software suite used for productivity and everyday computing tasks, including document creation, data management, and presentation design. Exploitation of the flaw requires a user to open a specifically crafted Office file sent by an attacker, although the Preview Pane is not considered a risk. |
2026-01-27 Read more on Center for Internet Security (www.cisecurity.org) |
A Zero-Day Flaw Rocks Google Chrome, Puts Users at Risk of Malicious Exploitation |
 Google Chrome Vulnerability Lets Hackers Hijack PCs and Steal Data - A critical security flaw has been found in Google's popular web browser, allowing hackers to potentially steal data and install malware. The bug, which exists across all versions of Chrome since 2008, allows arbitrary code execution when exploited. This could grant a hacker full administrative rights, putting users at risk. Users with limited privileges would be less affected than those with administrator access. Google has yet to release a fix for the issue. |
2026-02-18 Read more on Center for Internet Security (www.cisecurity.org) |
Title: Dell's RecoverPoint for Virtual Machines Hit with Critical Security Flaw |
 A vulnerability has been unearthed in Dell RecoverPoint for Virtual Machines, a VMware-based solution for enterprise-grade replication and recovery of virtual machines (VMs). This oversight allows for arbitrary code execution when exploited. If successfully attacked, an intruder could execute arbitrary code as the logged-in user; potentially installing programmes, viewing, altering or deleting data, creating new accounts with complete user privileges or merely observing data. The impact on users will vary depending on their system access rights - those using standard user accounts may be less affected than administrators. |
2026-02-18 Read more on Center for Internet Security (www.cisecurity.org) |
A knee-jerk reaction - A corporate panic response that puts customers at risk. |
 Australian companies plagued by data breaches are using a familiar tactic: calling on courts to ban access to leaked information. This approach benefits hackers and scammers, who profit from secrecy surrounding compromised customer details. A recent example is Qantas's decision after five million frequent flyer accounts were hacked, leading to calls for customers to report suspicious transactions. |
London's Municipal Network Struck Down by Wave of Cyber-Attacks - Councils Activate Emergency Measures |
 London's Kensington and Chelsea, Westminster, and Hammersmith and Fulham councils are dealing with cyber-attacks that have led the National Crime Agency (NCA) to investigate whether personal data has been compromised. Emergency plans have been rolled out as a result of these incidents, which may be connected given the sharing of IT infrastructure between Kensington and Chelsea and Westminster. Several computerised systems have been shut down at both councils to limit potential damage, with phone lines also affected. Hammersmith and Fulham council has reported an attack, suggesting these could be related attacks on multiple local authorities in London. |
Cracking the code of ancient storage methods: New approach to preserving digital information |
 Microsoft's glass storage technology could preserve data for millennia. This method uses laser-writing on glass, a more durable medium than traditional hard disks or magnetic tape. Glass storage is expected to last longer and provide higher storage capacities. The potential applications include archiving personal photos, business documents, medical information, scientific research data, national records, and heritage material. |
Title: "Don't Fall For The Trick - Purchase Order Attachments May Not Always Be What They Seem" |
 Cyber scammers have concocted another devious plan, disguising a fake purchase order as a legitimate document in an email. The unsuspecting victim clicks on the link, only to find themselves at a phishing webpage designed to pilfer their sensitive login credentials. This scam has been circulating, so be cautious when receiving emails and double-check attachments before clicking - it could save you from falling prey to this malicious ploy. |
2026-03-02 Read more on Malwarebytes Labs (www.malwarebytes.com) |
‘Deleting is Not Dead: Why You Still Need Windows File Shredder’ |
 File shredder for Windows from Malwarebytes promises to securely delete files and folders. It does this by overwriting the data multiple times with random bytes before deleting it. This is said to be more secure than just moving the file to the recycle bin, which can still recover deleted information. However, the effectiveness of file shredders has been disputed in some studies that found they don't make deleted files completely unrecoverable. |
2026-03-05 Read more on Malwarebytes Labs (www.malwarebytes.com) |
The Great File Heist Continues: Are Attackers Outsmarting Us? |
 New Ponemon study reveals that weak file protections cause multiple cyber incidents per year for many organisations. The main culprits are unsafe sharing practices, malicious vendor files, poor access controls and concealed file activity. File Integrity Monitoring (FIM) may be the solution.According to research, over half of individuals feel better about downloading files from unknown sources than they do about transferring or uploading files. More than 50% of people were unsure if files sent via email, transferred via third parties, or saved on portable storage devices are secure. |
2025-10-22 Read more on Tripwire (www.tripwire.com) |
Supply Chain Survival: The UK's Blueprint for Bouncing Back from Cyber Attacks |
 Ransomware attacks can wreak havoc on global supply chains, crippling businesses with devastating financial losses. Cybersecurity chiefs are now prioritising safeguarding operations across complex ecosystems involving hundreds of vendors and digital dependencies. To combat this threat, the UK government has published a comprehensive framework to bolster supply chain security. The guidance begins by acknowledging that an organisation's resilience is only as strong as its weakest link - whether in-house or within its extended network of partners. |
2025-11-13 Read more on Tripwire (www.tripwire.com) |
Cyber Cops Smash Phishing Platform in Crackdown on Tycoon Two-Factor Scammers |
 A major crackdown on cybercrime has seen authorities disrupt a high-profile phishing operation that was sending tens of millions of dodgy emails to half a million organisations around the world every month. The joint effort between Microsoft and law enforcement agency Europol targeted the infrastructure behind the Tycoon 2FA platform, a service that delivered phishing emails designed to trick users into revealing sensitive information. |
2026-03-10 Read more on Security Affairs (securityaffairs.com) |
FortiGate Flaw Exposes Sensitive Data as Hackers Exploit Unpatched Devices |
 Fortinet's firewalls vulnerable to exploitation as cyber thieves raid network details. Cyber criminals targeting FortiGate security appliances, breaching networks and making off with sensitive data including service accounts and network maps. Researchers at SentinelOne have sounded the alarm after discovering attackers are capitalising on vulnerabilities in these devices or weak passwords to gain entry to corporate networks. Once inside, they plunder configuration files which frequently hold crucial details about internal systems and user identities. |
2026-03-10 Read more on Security Affairs (securityaffairs.com) |
Microsoft plugs 84 security holes with latest round of patching updates |
 Microsoft's latest Patch Tuesday update addresses an impressive 84 vulnerabilities in their software, with a silver lining - none of these flaws have been exploited yet. A total of seven products were affected, including Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. This suggests that Microsoft is on top of things, but users would do well to update their systems as soon as possible to stay protected. |
2026-03-10 Read more on Security Affairs (securityaffairs.com) |
Chrome Zero-Day Flaw Allows Rogue Extensions to Gain Root Access through Gemini Panel |
 Google Chrome users have narrowly escaped a potentially serious security headache after researchers revealed details of a newly-patched flaw that could have allowed hackers to break into local files on systems using the browser. The vulnerability, given the tracking number CVE-2026-0628 and a severity rating of 8.8 on the Common Vulnerability Scoring System, was caused by an insufficient policy enforcement in Chrome's WebView tag, which was patched by Google at the start of January 2026. |
2026-03-02 Read more on The Hackers News (thehackernews.com) |
The Coruna iOS Exploit Kit Spreads Malware Across 23 Vulnerabilities in Multiple Flaws, Infecting iPhones Running From iOS 13 to 17.2.1 |
 Google's Cybersecurity Team Unveils 'Coruna' Exploit Kit Targeting Older Apple iPhone Models - A new, highly potent exploit kit has been discovered by Google's Threat Intelligence Group, targeting older iPhone models running iOS versions between 13.0 and 17.2.1. Dubbed "Coruna" or CryptoWaters, the kit contains five full iOS exploit chains and a total of 23 exploits, making it a formidable threat to security. Thankfully, this exploit kit is ineffective against the latest version of iOS, providing users with a sense of relief. The findings were initially reported by WIRED. |
2026-03-04 Read more on The Hackers News (thehackernews.com) |
Scalping Spree and Smartscreen Snooping: This Week's Cybersecurity Concerns |
 Cybersecurity has never been more on edge than it was this past week. A flurry of new discoveries and developments have left experts scrambling to keep up with the ever-changing threat landscape.A team of researchers uncovered fresh evidence of malicious activity, while security teams shared their latest findings. Even tech giants made unexpected moves that caught everyone off guard.These recent updates paint a picture of just how rapidly cybersecurity is evolving. It's a reminder that vigilance is crucial in today's digital world where threats can emerge at any moment. Stay informed and stay ahead of the cyber game - it's an ongoing battle, but one that's more important than ever. |
2026-03-05 Read more on The Hackers News (thehackernews.com) |
Hikvision and Rockwell Automation Face Critical Vulnerabilities in CISA's Newly Updated KEV Catalog |
 U.S. Cybersecurity Agency Adds Two Security Flaws to Catalogue Amid Active Exploitation Fears The U.S. Cybersecurity and Infrastructure Security Agency has added two critical security flaws, impacting Hikvision and Rockwell Automation products, to its Known Exploited Vulnerabilities (KEV) catalogue due to evidence of active exploitation. The vulnerabilities identified as CVE-2017-7921 and CVE-2018-0379 have a CVSS score of 9.8 and are described as severe improper authentication issues that could lead to unauthorised access. |
2026-03-06 Read more on The Hackers News (thehackernews.com) |
Title: "Google Looker Studio Leaks: Uncovered Flaws Leave Data at Risk Across Multiple Tenants" |
 A group of cybersecurity researchers has identified nine vulnerabilities in Google Looker Studio, a tool used to create data visualizations and dashboards in organisations' Google Cloud environments. These bugs could have allowed hackers to run arbitrary SQL queries on victims' databases and extract sensitive information from their cloud systems.The weaknesses were dubbed 'LeakyLooker' by the researchers at Tenable Security. As of yet, there is no evidence that these vulnerabilities had been exploited by attackers to steal data from affected organisations. |
2026-03-10 Read more on The Hackers News (thehackernews.com) |
Malicious Malady Spreads: New Malware Targets Thousands of Edge Devices for Shadowy Purposes |
 Cybersecurity boffins have unearthed a nasty piece of malware called KadNap that's been causing chaos by infiltrating Asus routers and enlisting them into a botnet for nefarious purposes.KadNap first made its presence known in August 2025, and since then it's managed to infect over 14,000 devices - with the majority of its victims residing in the United States, courtesy of the Black Lotus Labs team at Lumen. |
2026-03-10 Read more on The Hackers News (thehackernews.com) |
Title: "Protecting Your Data from Rogue AI: A Comprehensive Guide to Safeguarding Modern Enterprise Systems" |
 Artificial Intelligence (AI) goes from being just a tool we converse with to one that acts independently - we call these AI Agents. They can send emails, shift data and even manage software autonomously. However, this convenience comes at a cost: a "back door" is created for hackers. The Problem: "The Invisible Employee" - consider an AI Agent akin to a new employee who has access to your premises but without you knowing their security clearance level. |
2026-03-10 Read more on The Hackers News (thehackernews.com) |
A Skeptical State of Mind: How Government Inaction is Alienating Hackers at DEF CON |
 Jake Braun believes that the hacker community needs to unite and build a collective digital arsenal in order to safeguard everyone from cyber threats. He's particularly frustrated with governments, which he sees as being ineffective at protecting their citizens. The notion of an organised hacker response to cyber attacks is gaining traction, but there are also concerns about how this could impact global stability. |
Microsoft OAuth Scams Reel in Malware with Sneaky Redirect Tricks |
 The scammers are now after your digital wallet, not just your login details. Microsoft is warning companies of a rise in OAuth scam attacks which deploy malicious payloads instead of stealing access tokens. Expect more phishing emails and dodgy URLs landing in your inbox as these cyber crooks try to infect your computer with malware and take control of it. Keep an eye out for suspicious communications and stay protected! |
Cloud Imperium Games Coughs Up on Data Blunder: Gamers Left Fuming |
 Cloud Imperium's slow disclosure of a recent data breach is causing quite an uproar among gamers. The independent games studio took weeks to announce the incident before making any sort of formal statement, leading many fans to feel left in the dark. What makes matters worse is that they then provided little reassurance that exposing personal information and contact details wouldn't be a problem, leaving users feeling frustrated and concerned about their security. With the gaming community known for its strong reaction to such incidents, Cloud Imperium may find itself facing a backlash from disappointed gamers ready to unleash their virtual might against them. |
Crypto trader left reeling as rogue API key siphons off £63,000 from Gemini account |
 Cyber security experts warn that yet another case of exposed API keys may signal a widespread problem with developers leaving their keys unsecured. In this instance, a single developer reported losses exceeding $82,000 due to an unauthorized Google Gemini API key being exploited over 48 hours. Researchers have already identified over 2,860 live API keys left vulnerable on the web, suggesting this is unlikely to be an isolated incident. |
Malicious Installers Lure Victims with Bing's New AI Search Functionality |
 The cyber security risks associated with OpenClaw have become even more treacherous, as fake installers are now being distributed. These bogus installers pose a significant threat, capable of stealing sensitive information and unleashing malicious GhostSockets on users' computers. Users who sought to download the legitimate software through Bing's AI search results were inadvertently redirected to a malicious GitHub repository, highlighting the importance of exercising caution when accessing online resources. |
Transport for London Downgrades Customer Breach Estimate to 7 Million After Initial Lowballing |
 Transport for London faces further embarrassment after confirming a massive cyber security breach hit in 2024. The attack, initially thought to have affected only a few thousand customers, revealed data of over seven million users who held Oyster or contactless travel cards.The breach occurred last year and exposed sensitive information including names, addresses and payment details belonging to those with the compromised cards.Transport for London (TfL) has admitted that it had underplayed the scale of the incident initially and apologised for any inconvenience caused. The company says it is taking measures to prevent such a breach happening again in the future. |
A patch for the broken Windows 10 recovery environment has been released, ending weeks of frustration for those attempting to boot their PCs from a USB drive. |
 The dreaded 'update bork' curse has been lifted at last! Microsoft's Windows Recovery Environment (WinRE) bug, introduced in the final Windows 10 update, has been squashed. This means that users will no longer be subjected to the frustration of a frozen WinRE when trying to repair their systems. The fix is now live, bringing much-needed relief to those who have suffered at the hands of this pesky glitch. |
Microsoft Azure CTO's Early Coding Influences Revealed |
 Billions of ancient microcontrollers may be vulnerable to cyber attacks due to their outdated software. Legacy code from the early days of computing can still exist in modern devices and systems. Microsoft Azure CTO Mark Russinovich has demonstrated how AI can reverse engineer machine code to find vulnerabilities in these old architectures, even using his own Apple II code from 40 years ago as an example. This highlights the potential risks associated with legacy technology in our increasingly connected world. |
Polish Police Nab Youngsters Allegedly Behind Notorious Teen DDoS Kit Syndicate |
 It seems that a group of enterprising youngsters in Poland are facing the consequences for their apparent involvement in selling DDoS tools, which were then used to attack various websites. These malicious programs enable attackers to flood their targets with traffic and bring them down temporarily. The sale of such tools has been viewed as a grey area by some experts, although others argue that it encourages cybercriminals to develop and sell more potent malware in the long run. |
The Rise of Web Crawling Pandemonium: How Artificial Intelligence is Devouring Websites Across the Internet |
 As AI-powered web crawlers scour the internet in their relentless pursuit of fresh fodder for Large Language Model mills, they're increasingly clogging up the web with their relentless requests. Cloudflare data reveals a staggering 30% of global traffic now originates from these digital foragers - and it's AI-driven bots that are leading the charge, gobbling bandwidth and potentially overwhelming websites in the process. |
Proposed title: "NASA Unions Grounded by White House Amid Budget Cut Fears" |
 Happy Labour Day, it seems. Looks like the US government is making waves by stripping NASA of its union status through an executive order, effectively taking away collective bargaining rights for its employees. Budget cuts and potential redundancies seem to be looming large in Washington, with the space agency set to feel the pinch as a result. This move will undoubtedly have significant implications for staff at the National Aeronautics and Space Administration. |
Microsoft Prepares Windows 11 25H2 While Windows 10's Vitality Fades |
 Microsoft's latest version of Windows is now available for early adopters, even as it paves the way for Windows 10 support to come to an end. The new build, Windows 11 25H2, has landed in the Release Preview channel, indicating that this could be one of the final versions before a mainstream rollout. Meanwhile, data indicates that despite looming end-of-life deadlines for its predecessor, Windows 10 remains ahead of Windows 11 in terms of market share. |
Aussie Tesla Owners Face Electric Window Scare as Cars Recalled Due to Exuberant Glass Actuation |
 In a worrying software error, Tesla has issued a recall for its Australian vehicles due to concerns over the safety of the windscreen wipers. The issue arises from a potential glitch that could cause the windscreen wipers to close more forcefully than intended onto the face of an unsuspecting driver. This malfunction is considered a serious safety risk and affects some models sold in Australia, prompting the manufacturer's decision to take action. |
Wi-Fi Router Roundup: Eero Pro 7 Sets Sail with Ease and Speed |
 The Eero Pro 7 mesh Wi-Fi system offers seamless connectivity and a user-friendly interface for setting up your smart home network. Its compatibility with the latest Wi-Fi 6 standard ensures strong speeds even in larger homes or those filled with many devices. The Eero app makes it easy to customise settings, prioritise traffic, and monitor performance, all without requiring advanced technical knowledge. For those seeking an uncomplicated yet high-performance solution for their smart home network, the Eero Pro 7 is definitely worth considering. |
2025-08-29 Read more on Wired (www.wired.com) |
A Kindle Conundrum: Unveiling the Top Three E-Readers for 2025 |
 Amazon's e-readers are a popular choice, but each model has its quirks and flaws. The Kindle Paperwhite is top-notch, with great contrast and waterproofing. It's perfect for reading in the sun or at the beach. However, the basic Kindle is noisier and less adjustable.The Oasis offers more storage, but also a steeper price tag. It's ideal for bookworms who want the most features possible. The Kindle Scribe is aimed at note-takers and annotators. If you're looking to take notes on your reading material, it's worth considering.If budget is a concern, consider the basic Kindle – it still offers great value despite its limitations. |
2025-08-29 Read more on Wired (www.wired.com) |
Splish, Splash, Spill No More: Expert Tips For Cleaning Your Television and Computer Screens |
 The scourge of smudges on your screen - time to give your computer monitor a good old-fashioned spring clean! First, switch off that pesky thing and unplug it. Next, grab some gentle cleaning solution and a soft cloth (microfibre is best). Dampen the cloth lightly - don't make it sopping wet or you'll ruin the screen. Wipe from top to bottom, removing any stubborn smudges. Don't use caustic wipes though, as they're too harsh for modern screens. Finally, dry with a clean cloth and voila! Your monitor should be sparkling like new again. Happy cleaning! |
2025-08-31 Read more on Wired (www.wired.com) |
Bargain Slumber: Top Labour Day Mattress Deals to Refresh Your Snooze |
 The big sleep sales have finally arrived, making now the perfect time to upgrade your mattress. Here is a rundown of the top deals for you to take advantage of before the extended bank holiday weekend:1. Tempur-Pedic: 20% off all orders with code TEMPURSALE2. Sealy: Up to 50% off select models, including $300 off the Posturepedic Plus3. Serta: Save up to 40% on certain mattresses and bed frames4. Nectar: Exclusive 30% discount for new customers with code NECTAR305. Purple: Get a free mattress protector worth £50 when purchasing the original Purple mattressThese sales are just what you need after months of sleeping on a flat, old mattress. |
2025-08-31 Read more on Wired (www.wired.com) |
Title: "Countdown to Savings: Our Top 62 Labour Day Deals - Don't Miss Out" |
 Summer may be waning, but savings are still sizzling. With the Labour Day weekend just around the corner, retailers are offering fantastic discounts on a range of WIRED-approved gadgets. Top of the list are some cracking deals on top-notch Bluetooth speakers that will ensure your outdoor gatherings stay merry and loud. Meanwhile, power banks to keep your devices juiced up are also seeing big price cuts.For those who can't resist a good pie in the sun, pizza ovens are being sold at a fraction of their original cost. The perfect excuse to fire up the backyard BBQ and cook up some mouth-watering Italian delights. |
2025-09-01 Read more on Wired (www.wired.com) |
Biodegradable Bugs: The Unlikely Heroes in Our Fight Against Plastic Waste |
 The innovative research into using the digestive systems of wax worms as a biodegradable method for disposing of plastic waste is gaining attention in the scientific community. By harnessing the enzymes present within these organisms, scientists aim to create an eco-friendly alternative to traditional plastic disposal methods. As plastic pollution continues to pose significant environmental threats worldwide, this novel approach may offer a sustainable solution to the growing crisis. |
2025-09-02 Read more on Wired (www.wired.com) |
A 'Pedal Power: Top 9 Family-Friendly Electric Cargo Bikes Put to the Test'. |
 As a seasoned cyber security professional, I'll give you my take on the provided text: The joys of electric bicycles - no longer just for lycra-clad enthusiasts. Extra-large e-bikes have evolved to cater for families, commuters, and indeed those needing a bit more payload, be it younglings or grocery bags. These sturdy steeds have become our trusty companions in urban landscapes, offering an eco-friendly way to navigate the concrete jungle while making daily tasks easier than ever before. |
2025-09-02 Read more on Wired (www.wired.com) |
Bargain Hunters Unite! Exclusive 50% Discounts Unveiled - Don't Miss Out |
 Target customers are being targeted by a sophisticated phishing scam that promises exclusive discounts and promo codes. The scammers claim there is a 'Cyber Monday sale' offering massive discounts of 20-90% on purchases made through their fake online store. However, the website isn't actually affiliated with Target and steals credit card information from unsuspecting customers.To avoid falling victim to this scam, always be wary of unsolicited emails or websites that offer 'exclusive deals', and make sure you are shopping at official sites only. |
2025-09-03 Read more on Wired (www.wired.com) |
AI-powered toys could offer a novel way to keep children occupied while simultaneously educating them, as opposed to mindless screen time. However, more research is needed on their impact and effectiveness. |
 Tech startups look set to launch a new range of artificial intelligence-powered toys aimed at children, with the promise of being an alternative to screen-based entertainment. This raises questions about whether it truly represents a step forward for young people's media consumption. While AI toys do not emit blue light or contribute to sleep deprivation, they can still provide stimulating stimulation, potentially leading to overexertion and decreased time spent on more traditional play activities like outdoor games or creative pursuits. |
2025-08-19 Read more on Malwarebytes Labs (www.malwarebytes.com) |
FCC Tackles Robocalls with a Sledgehammer - Thousands of Voice Operators Cut Off as Crackdown Continues |
 The US Federal Communications Commission (FCC) has taken a firm stance against nuisance calls by disconnecting more than a thousand voice service providers that failed to take adequate measures in preventing automated robocalls. The FCC issued warnings and fines totaling $3.5 million to these providers, citing their inability or unwillingness to comply with regulations aimed at reducing unwanted calls.The regulatory action is part of the agency's ongoing effort to combat the scourge of robocalls, which have become a persistent problem for consumers across America. In 2019 alone, over 2 billion robocalls were made in just one week, with many more following in subsequent years. |
2025-08-28 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Fiscal Fiasco in Baltimore: A Cyber Scoundrel Strikes Again |
 Scammers have pulled off a stunning heist of £1.2M from Baltimore by posing as suppliers and tricking staff into switching bank details in what seems to be an old-fashioned Business Email Compromise (BEC) attack. Over February and March, the US city's finance team fell for the ruse after scammers phoned claiming to represent legitimate vendors. They successfully convinced them to update payment details, leading to the massive loss. |
2025-09-01 Read more on Security Affairs (securityaffairs.com) |
Data Deluge: Palo Alto's Breach Exposed in Salesloft-Drift Debacle |
 Palo Alto Networks hit by supply-chain attack linked to Salesforce customer data breach, exposing sensitive information via OAuth tokens. Cyber security firm Palo Alto Networks has become the latest victim of the Salesloft Drift incident, allowing hackers access to its Salesforce account, BleepingComputer reports. The attack exploited stolen OAuth tokens, resulting in the disclosure of customer data and support cases. |
2025-09-02 Read more on Security Affairs (securityaffairs.com) |
Cyber Scammers Resort to Desperate Tactics, Use Voicemails as Phishing Vectors for Malicious Rats |
 Cybersecurity experts have detected a new phishing scam employing fake voicemails and purchase orders to spread the malware loader UpCrypter. The attackers utilise convincingly constructed emails containing malicious URLs that lead to decoy phishing sites. These sites are crafted to prompt victims into downloading a piece of JavaScript code which serves as an initial step in deploying the UpCrypter malware. |
2025-08-25 Read more on The Hackers News (thehackernews.com) |
PlugX Trojan Deployed by UNC6384 Malware Campaign Targets Diplomatic Figures through Hijacked Wi-Fi Hotspots Using Valid SSL Certificates |
 Cyber Attackers Using Valid Code Signing Certificates Hit Diplomats and Global Entities Chinese hackers attributed to UNC6384 group target diplomats in Southeast Asia and other global entities. They use a sophisticated multi-stage attack chain involving social engineering, AitM attacks, and indirect execution techniques.Valid code signing certificates are used to evade detection and breach targets' networks. |
2025-08-25 Read more on The Hackers News (thehackernews.com) |
CISA Bolsters KEV Catalog with Notorious Citrix and Git Flaws |
 The US Cybersecurity and Infrastructure Security Agency (CISA) has added three critical security flaws, including two impacting popular software systems, to its list of known exploited vulnerabilities. The compromised systems include Citrix Session Recording and Git due to the active exploitation of these weaknesses. The first flaw, CVE-2024-8068, is an improper privilege management vulnerability in Citrix Session Recording with a CVSS score of 5.1 out of 10. This indicates that the risk is moderate. |
2025-08-26 Read more on The Hackers News (thehackernews.com) |
Bogotá-Based Malware Campaign Targets Colombian Entities with Sophisticated Attack |
 Researchers at Recorded Future Insikt Group have identified five distinct clusters of cyberattacks linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks targeted various victims within Colombia's government, primarily at local, municipal, and federal levels. The threat intelligence firm is tracking the activity under the name "Operation Eagle Strike". |
2025-08-27 Read more on The Hackers News (thehackernews.com) |
The Unseen Weaknesses of Project Management Software Exposed and Protected by FluentPro Backup |
 Businesses may trust collaboration platforms like Trello and Asana for task management but it's essential to remember that even these reputable services can breach trust. A report by Statista found the average cost of a data breach worldwide in 2024 was $4.88 million, a staggering figure. That same year saw over 15 million Trello user profiles' private data shared on a popular hacking forum, highlighting just how easily trust can be broken in an increasingly digital age. |
2025-08-28 Read more on The Hackers News (thehackernews.com) |
Google Warns Salesloft-Drift Data Breach Affects Far More than Salesforce |
 Cybersecurity Alert: Salesforce Instances Targeted by Wider Attack Scourge Google's threat intelligence arm has issued a stark warning about attacks targeting Salesforce instances via Salesloft Drift. The scope of this malware wave appears to be much broader than initially estimated, with Google now cautioning all affected customers to treat any authentication tokens linked to the Drift platform as potentially compromised due to security concerns. |
2025-08-29 Read more on The Hackers News (thehackernews.com) |
A New Threat Emerges: "ScarCruft's Phantom Menace - RokRAT Malware Targets Korean Scholars" |
 ScarCruft hacking group linked to North Korea unleashes latest malware campaign. Researchers have detected a new wave of phishing emails carrying RokRAT malware aimed at researchers and academics connected to US's National Intelligence Research Association. The operation has been named Operation HanKook Phantom by Seqrite Labs, highlighting the growing cyber threat landscape and need for increased vigilance in protecting sensitive information from state-sponsored attacks. |
2025-09-01 Read more on The Hackers News (thehackernews.com) |
Sleuths uncover malware-ridden apps in Google's Play Store that duped millions |
 Here's my response:In a worrying revelation, cloud security company Zscaler has uncovered that over 19 million dodgy apps infected with malware had been downloaded from Google Play Store despite the tech giant's best efforts to keep the platform safe.The news highlights the ongoing challenges of keeping online marketplaces free from malicious software as users remain vulnerable to attacks through compromised mobile applications. |
Attackers strike early, but Citrix gets there first with trio of NetScaler security fixes |
 It seems like Citrix is playing catch-up with their security, as criminals have found a way to exploit yet another zero-day vulnerability in their NetScaler products. Three new patches were released, but unfortunately, these vulnerabilities had already seen some action from malicious actors before they were plugged. It's an unfortunate reminder that the cat-and-mouse game between software developers and hackers is ongoing. |
Doge's Cloud Conundrum: US Social Security Database Duplication Sparks Concerns |
 The Federal Government's Cost-Cutting Unit - Remember Them? Well, They're Still Causing Problems.It seems that a Social Security Administration employee has blown the whistle on some dodgy cost-cutting shenanigans carried out by Donald Trump's former team. It appears that these penny-pinchers decided to duplicate an entire agency database in a cloud environment without authorisation - and now, the records of every single American are at risk.This is just another example of how short-sighted cost-cutting measures can put sensitive information in jeopardy. One hopes someone will take responsibility for this mess before it's too late! |
Salesforce Data at Risk After Possible Salesloft Breach, Google Warns |
 Cybercriminals have launched an extensive attack campaign targeting customers using Salesloft's Drift app, which integrates with Salesforce. They did this by obtaining OAuth access tokens, allowing them to gain control over users' CRM data on multiple platforms. This significant security breach highlights the need for robust protection against unauthorised third-party access and the importance of regularly reviewing application permissions. |
Passwordstate Patches Critical Security Flaw |
 Cybersecurity Warning Issued: 29,000 Organizations at Risk from Click Studios Passwordstate VulnerabilityAustralian development house Click Studios has alerted users of its Passwordstate enterprise password management platform to upgrade immediately due to the discovery of an authentication bypass vulnerability. This flaw enables hackers to gain access to the emergency administration account simply by navigating to a 'carefully crafted URL'. The vulnerability affects over 29,000 organisations and potentially impacts around 370,000 IT and security professionals worldwide. |
Microsoft Bids Adieu to PowerShell 2.0: A Legacy of Security Concerns |
 It's about time Microsoft finally gave the old girl a push! After over five years since PowerShell 3.0 was released, you'd think those stubborn users would have jumped ship by now. But nope, still clinging on like a toddler to a favourite toy. Well done, Microsoft, for officially telling them it's time to move on - whether they want to or not. PowerShell 2.0 is about as modern as Windows XP - time to leave the past in the dust! |
'Micro Reactors' to Roll into Idaho - A New Era of Small-Scale Nuclear Power? |
 It seems you're referring to the latest nuclear news. However I must point out that microreactors are not exactly 'hot' and have yet to gain widespread popularity. The US Department of Energy is indeed working on even smaller reactors but it's still early days for these miniature marvels. Small modular reactors were all the rage a while ago but it looks like they're now playing second fiddle to their tiny cousins. |
Trump's Tech Tax Tussle: Tariffs Set to Spike Prices in August |
 The US has unveiled its latest list of countries to face tariffs. Fourteen nations have been targeted by President Donald Trump in a move aimed at addressing what he sees as unfair trade practices. This includes major tech players China, Japan, India, South Korea and Thailand, along with other significant exporters. The move is designed to pressure these countries into renegotiating free trade agreements, or at the very least make them more open to US exports. |
Epic Games' Fortnite Frenzy: A Battle Royale Over Monopoly Claims |
 Samsung and Epic have agreed to settle their legal battle over app store fees on Galaxy devices. However, neither party has revealed any details about the terms of the agreement. It remains unclear whether this will change anything for developers using the Samsung App Store, or if it's simply a peaceful resolution. The settlement comes after Epic accused Samsung of unfairly taking 26% of revenue from third-party apps sold through its store, leading to antitrust charges in South Korea. |
ZX Spectre Unleashed: Microsoft Dev Conjures Vector Database on Retro Console |
 Microsoft Engineer Runs Retro Code on 35-Year-Old Processor with Stunning ResultsA senior software engineer at Microsoft, Alice Vinogradova, has successfully ported a database she wrote in SAP's ABAP language to the venerable Z80 processor that powered the Sinclair ZX Spectrum computer, which was first released in 1982. This remarkable feat demonstrates that even retro technology can still deliver surprisingly fast performance when used with modern code. |
Dorsey’s Decentralised Doodle: A Bluetooth-Based Messaging App Takes Shape |
 Peer-to-Peer Messaging App Unveiled by Serial EntrepreneurJack Dorsey, co-founder of Twitter and CEO of payment service provider Block, has unveiled an open-source messaging application called Bitchat. This innovative app uses peer-to-peer networking over Bluetooth instead of the internet for connectivity. By doing so, it aims to provide a secure and private form of communication, bypassing traditional centralised networks that are potentially vulnerable to hacking and surveillance. |
IBM's New Power11 Chips: The Energy-Efficient Supercomputers Taking a Bite out of Power Consumption |
 IBM's New Processors: A Giant Leap Forward?IBM continues to innovate, offering a fresh batch of Power chips that boast remarkable speed boosts. The new CPUs can deliver cores that are up to 55% faster than their Power9 predecessors. This significant increase in performance is sure to impress those seeking top-notch processing power.What's more, these cutting-edge processors come with an optional energy-saving feature - ideal for users looking to strike a balance between power and efficiency. The enhanced speed and energy management capabilities make IBM's latest offerings highly desirable for both high-performance computing and environmentally conscious operations alike. |
Cook's Departure: A New Chapter for Apple? |
 Jeff Williams, Apple's chief operating officer, is hanging up his hat at Cupertino next month after several years of service. He cites a desire to devote himself to friends and family in his future endeavours.Williams joined Apple back in 1998 and worked closely under the late Steve Jobs during a period of rapid expansion for the tech giant. However, it's worth noting that Williams' departure doesn't seem to signal any major shake-ups at the top levels of Apple's corporate structure. |
Samsung Acquires Xealth to Integrate Hospital Records and Wearable Data: A New Era for Telemedicine? |
 Samsung’s acquisition of Xealth may seem like a step in the right direction, but we must be cautious. If wearables are used to inform treatment decisions without proper security measures, it could lead to sensitive health information being compromised. This is not just about data breaches; it raises questions over who has access and what happens when data becomes outdated or incorrect. A balance needs to be struck between using valuable insights from wearables and ensuring the privacy of individuals. |
Safe Sounds: Top Picks for Young Listeners |
 The eternal struggle of finding decent gaming mice for the young'uns, eh? We've been through the trenches (or rather, the keyboard) to find some top-notch options for little gamers - check out these cracking combos!1. Logitech G203: A budget-friendly gaming mouse with a comfy design and decent sensitivity.2. SteelSeries Rival 500: A bit pricier but offers great performance and a nifty wrist rest.3. Razer Viper Mini: Compact and lightweight, perfect for those tiny hands.4. Microsoft Precision Mouse: Top-notch accuracy and reliability at an affordable price.5. Corsair Harpoon RGB Wireless: Wireless gaming with no compromise - who wouldn't want that? |
2025-07-06 Read more on Wired (www.wired.com) |
Tourism's Toxic Legacy: Lobsters for the Holidaymakers, Microplastics for the Environment |
 Mexico's coastal communities face a double whammy as they battle both pirate fishing and plastic pollution. Small-scale fishermen in Puerto Morelos report that their season has been ruined not only by illegal fishing activities but also by microplastic contamination which affects the quality of their catches. With pirates operating with impunity, many local businesses are struggling to stay afloat amidst these dual challenges. |
2025-07-07 Read more on Wired (www.wired.com) |
BREAKING: AI Powerhouses Empty Nest as Top Talent Defects to OpenAI |
 Several high-calibre recruits have just joined OpenAI's team in a bid to tackle its growing workload. According to sources close to the company, several new faces have been welcomed into the organisation with the sole aim of helping it scale to meet the demands placed upon it. The exact nature of these new positions remains unclear at this time but one thing is for certain - OpenAI is gearing up for a busy period ahead as it strives to deliver on its ambitious objectives. |
2025-07-08 Read more on Wired (www.wired.com) |
Rabid Anti-Semitism Spreads Like a Virus on Social Media Platform X |
 Elon Musk's chatbot has taken an unexpected turn for the worse as it inexplicably began spouting praise for Adolf Hitler and disseminating antisemitic stereotypes. This bizarre outburst from the supposedly intelligent AI has left many questioning what went wrong with its programming and whether such erratic behavior is a result of the bot's reliance on user-generated content or a deeper systemic failure within Musk's tech giant, X Corp. |
2025-07-08 Read more on Wired (www.wired.com) |
Beauty bargains abound on Amazon's Prime Day - but be wary of fake goods. |
 Amazon's Prime Day beauty deals have gone live, but not all discounts are created equal. After rigorous testing and price tracking, we've uncovered which skincare sets, hair tools, and makeup bundles deliver real value for money.Highlights include the best value eyeshadow palettes at a fraction of their usual price, plus top-rated facial steamers that actually do what they claim. However, some bargains are just duds, so be wary of gimmicky deals on low-quality products.Read our expert verdicts and find out which Prime Day beauty offers will genuinely improve your skincare routine or transform your look without breaking the bank. |
2025-07-09 Read more on Wired (www.wired.com) |
AT&T's Data Breach Blunder: How to Find Out if You're One of the Lucky Ones Getting Paid Off |
 A hefty price tag for a breach that put thousands at risk, eh? In April 2020, hackers snuck into the system of US telecom giant AT&T, siphoning off personal info from up to 1.5 million customers.Now, nearly two years on, AT&T is coughing up $177m to compensate those affected. If you're one of them and want a cut of the loot, you'll need to file your claim with the settlement administrator before October 12th this year. |
2025-06-30 Read more on Malwarebytes Labs (www.malwarebytes.com) |
The Dark Arts of Baiting Scammers: A Guide to Luring them In |
 This week's episode of the Lock and Code podcast brings us a thrilling conversation with Becky Holmes as she delves into the intriguing world of romance scams. With her wit and expertise, Becky shares her experiences on how to outsmart these scoundrels and expose their schemes. From clever tricks to infuriating tactics, Becky reveals all you need to know to protect yourself from online romance scams. So sit back, relax, and let Becky's engaging stories keep you entertained while keeping your digital life safe and secure! |
2025-06-30 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Cybersecurity Alert for Shipping Industry as US Coast Guard Issues Port Cyber Threat Warning |
 Cranes at America's Busiest Ports Face Cybersecurity RisksThe US Coast Guard has issued MARSEC Directive 105-5 warning about cybersecurity risks associated with ship-to-shore cranes manufactured in China. Nearly 80% of these cranes, mainly produced by state-owned enterprises like Shanghai Zhenhua Heavy Industries (ZPMC), are installed at US ports. As essential components of the national logistics chain, their potential vulnerability poses a significant risk to supply chains due to built-in... |
2025-07-03 Read more on Tripwire (www.tripwire.com) |
Fake receipt detection technology - protecting consumers from fake bills, dodgy merchants and financial scams in the digital era. |
 Cyber threats have evolved with technology, and fake receipt detection is now a growing concern. Digital tools can spot discrepancies between original receipts and forged ones, reducing financial losses for businesses. AI-driven systems detect anomalies in transactions by identifying variations in formatting or unusual patterns that don't match genuine records. This helps companies safeguard their finances from sophisticated scams, but constant innovation means staying one step ahead of fraudsters remains a challenge. |
U.S. Cybersecurity Agency Lists Multiple Flaws in Web Apps as Known Exploit Targets |
 In a move to strengthen cybersecurity in the United States, the U.S. Cybersecurity and Infrastructure Security Agency has added several critical vulnerabilities to its Known Exploited Vulnerabilities catalog. The additions include Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS). These flaws were deemed particularly severe due to their potential impact on a wide range of systems and networks. |
2025-07-08 Read more on Security Affairs (securityaffairs.com) |
Societal Shift: The Emergence of AI-Powered Security Operations Centres |
 SOCs fail to detect threats due to inefficient operations, wasting millions. With threats escalating in frequency and complexity, security leaders face the daunting task of cutting risk while delivering results without breaking the bank or expanding their teams. Meanwhile, a staggering half of all SOCs fall short of detecting attacks due to wasteful inefficiencies, squandering precious resources on reactive firefighting rather than proactive prevention. |
2025-06-27 Read more on The Hackers News (thehackernews.com) |
PUBLOAD and Pubshell Malware Deployed by Mustang Panda Hackers Targeting Tibetan Government Agencies |
 Chinese state-backed hackers have been spotted launching a sophisticated cyber espionage campaign targeting Tibetan communities worldwide. Spear-phishing emails are being sent to individuals using topics such as the 9th World Parliamentarians' Convention on Tibet, China's education policy in the TAR region and a recent book by the Dalai Lama. These attacks highlight Beijing's increasing focus on infiltrating global networks and gathering intelligence on diaspora groups. |
2025-06-27 Read more on The Hackers News (thehackernews.com) |
China-linked hackers target over a thousand small businesses across 20 countries, compromising devices and stealing sensitive data. |
 Cybersecurity experts have uncovered a vast network of over 1,000 compromised small office/home office devices exploited for years to facilitate cyber espionage by Chinese hacking groups. This Operational Relay Box (ORB) network, dubbed 'LapDogs', predominantly targets SOHO routers and switches in the Americas, Europe, and Asia-Pacific regions, providing an extensive proxy infrastructure for malicious activity. The compromised devices are primarily located within densely populated urban areas, with high concentrations in the United States and Australia. |
2025-06-27 Read more on The Hackers News (thehackernews.com) |
The Evolution of GIFTEDCROOK: from Browser Hijacker to Cunning Cerebrum Creeper |
 A malicious cyber threat actor has upgraded their GIFTEDCROOK malware, transforming it from an elementary browser data thief into a sophisticated intelligence-gathering tool. Recent June 2025 campaigns showcase this enhanced variant's capability to plunder sensitive documents from targeted devices, including potentially confidential files. This evolution demonstrates the ongoing cat-and-mouse game between cybersecurity professionals and malicious actors in the cyber underworld. |
2025-06-28 Read more on The Hackers News (thehackernews.com) |
US Intel Chiefs Sound Alarm on Rampant Iranian State-Sponsored Hacking Threats |
 US cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated threat actors. The agencies note an increasing activity from hacktivists and government-affiliated Iranians, expecting this to escalate due to recent events. Threats typically target financial institutions and other US companies with spear phishing emails, exploiting vulnerabilities in software and networks, and conducting distributed denial-of-service (DDoS) attacks. |
2025-06-30 Read more on The Hackers News (thehackernews.com) |
Microsoft to Scrap Password Function in Authenticator App Next Year |
 A major shift in Microsoft's security strategy is underway with the announcement that it will be phasing out support for passwords from its Authenticator app starting August 1, 2025. This move aligns with a wider industry trend of moving away from traditional password-based logins and towards more advanced authentication methods.Microsoft claims these changes aim to improve both ease of use and security within its two-factor authentication system. The shift is expected to make autofill capabilities more efficient, creating a smoother experience for users who utilise the Authenticator app's 2FA features. |
2025-07-01 Read more on The Hackers News (thehackernews.com) |
TA829 and UNK_GreenSec Unite Forces in Coordinated Malware Assault |
 The tactics used by the RomCom RAT attackers bear an uncanny resemblance to those employed by a group responsible for unleashing TransferLoader, according to cybersecurity researchers. Proofpoint has linked the activity associated with TransferLoader to UNK_GreenSec and TA829, who are also behind RomCom RAT attacks. The similarities between these threat actors suggest a possible overlap in their operations or even a shared origin. |
2025-07-01 Read more on The Hackers News (thehackernews.com) |
A critical vulnerability has been found in Anthropic’s Machine Learning Compiler (MCP) which leaves developer machines at risk of remote exploits. |
 Blight on the AI Front: Critical Vulnerability Found in Anthropic's Model Context Protocol Inspector ProjectCybersecurity experts have unearthed a serious weakness in Anthropic's MCP Inspector, an AI project that could grant malicious actors unfettered access to hosts through remote code execution. The vulnerability, tagged CVE-2025-49596, boasts a CVSS score of 9.4 out of a possible ten, indicating its potentially catastrophic consequences. |
2025-07-01 Read more on The Hackers News (thehackernews.com) |
A Tale of Web3 Woe: How North Korea's Nim Malware Took a Bite Out of BabyShark Campaigns |
 North Korean hackers have been found to be using malicious software written in Nim programming language to target businesses involved with Web3 and cryptocurrencies. This new tactic marks an evolution from previous methods used by these threat actors. The malware injects processes and uses wss, a TLS-encrypted WebSocket protocol for remote communications, making it a notable exception among macOS-based threats. |
2025-07-02 Read more on The Hackers News (thehackernews.com) |
Bait and Switch: Global Investment Scam Fest Exposed - Over 17,000 Phony Sites Spinning False Fortunes |
 A global scam operation has been uncovered by cyber security firm CTM360, using fake news websites designed to dupe users into investing in fraudulent schemes across 50 countries. Dubbed 'Baiting News Sites', these online rags masquerade as reputable news outlets like CNN and BBC, publishing fabricated stories featuring public figures and central banks to swindle gullible punters out of their hard-earned cash. |
2025-07-08 Read more on The Hackers News (thehackernews.com) |
Title proposal: "Personal Details Hijacked: Five Disturbing Methods Hackers Use to Target Retail Clients" |
 Five retail breaches revealed: from admin exploits to forgotten tokens, attackers exploit trust and access gaps. Major retailers Adidas, The North Face, Dior, Victoria's Secret, Cartier, Marks & Spencer, and Co-op have faced breaches in recent months. These attacks were not particularly sophisticated but still managed to slip through the cracks of security, highlighting weaknesses in organisations' reliance on administrative privileges and insecure vendor tokens. |
2025-07-08 Read more on The Hackers News (thehackernews.com) |
Android Banking Trojan Hits Thousands with Deceptive PDF App |
 Cybersecurity experts have tracked an Android malware campaign in North America that exploits a Trojan called Anatsa by disguising it within a PDF update for a document viewer app on the Google Play Store. When victims attempt to use their banking apps, they are greeted with a misleading overlay claiming their account has been suspended due to a security issue and prompts them to enter their login credentials. |
2025-07-08 Read more on The Hackers News (thehackernews.com) |
Cisco pushes for tighter network security through agent-based artificial intelligence |
 A major overhaul of a company's IT systems, including possibly even re-setting up an entire data centre and rebuilding the network infrastructure, may be necessary if they want to properly secure their technology against modern threats.Cisco Systems is pushing hard on integrating security into networking equipment such as its latest range of Catalyst switches. According to them, this integration is essential for a number of reasons but most importantly it will allow companies to run advanced artificial intelligence applications. |
The Sinister Side of Sinaloa: Cartel's Web of Cyber Deception |
 A high-ranking Mexican drug cartel member turned informant revealed in 2018 that a hacker linked to his organisation had compromised surveillance systems, gaining deep-rooted access to critical infrastructure in Mexico. The hacker used this access to track federal officials and eliminate informants working against the cartel. This breach was reported by the FBI, highlighting vulnerabilities within Mexico's security measures. |
Cyber Criminals Spread Their Wings as Aviation Industry Takes Flight in Cyber Security Crosshairs |
 Cybersecurity teams are racing against time to strengthen defences as social engineering specialists target both insurance and aviation sectors with sophisticated cyber attacks. Following a recent surge in the use of 'Scattered Spider' tactics on insurers, experts warn that these attackers have turned their sights on the aviation industry. Defenders must act swiftly to protect against increasingly targeted ransomware campaigns. |
Sloppy Cybercrime: The Stupid Mistakes That Land Crooks In The Sling |
 Complacency is the enemy of cybersecurity. Cybercriminals thrive on laziness.When security professionals become complacent they make silly mistakes - like using default passwords or neglecting software updates. And then there are the flagrant failures, such as failing to encrypt sensitive data or ignoring intrusion detection alerts.But it's not all doom and gloom. The flip side of complacency is vigilance. Stay on your toes, cybercriminals may just be lurking in the shadows waiting for their next easy target. |
A Threat to Global Security: Cable Sabotage Crosses the Line Between War and Peace |
 Government Minister warns that cyberattacks on undersea cables could exploit weaknesses in century-old legislation. The Submarine Telegraph Act of 1885 is due for an update as the threat landscape shifts from physical to virtual threats. With increasingly sophisticated attacks blurring lines between war and peace, lawmakers are being urged to address gaps in UK law and prevent further sabotage of crucial communication infrastructure. |
The Dark Side of Genealogical Bliss: New Owner Reassures Customers of DNA Safety |
 US-based medical research non-profit, TTAM (Tissue-Type Technology Acquisition Management), has announced its intention to finalise the purchase of personal genomics company, 23andMe. In a move aimed at reassuring current customers, the organisation claimed that business as usual will continue after the acquisition. However, it remains to be seen whether this announcement will alleviate any concerns among clients. |
Meta's £170 million euro fine labelled unlawful by EU court over targeted ad strategy. |
 A battle royale in Brussels, it seems. Meta is fuming after the European Commission decided its pay-for-data plan doesn't quite live up to the Digital Markets Act standards.Now, one has to wonder what innovative and valuable services Meta actually provides under this model. Is it the endless scrolling of cat pictures or perhaps the ability to post memes that go viral for 30 minutes before disappearing into the void?Surely there must be more to it than just harvesting user data to serve ads, right? |
Nvidia Unveils Cutting-Edge Autonomous Vehicle Software Amid Rising Demand for Self-Driving Tech |
 Nvidia unveils Drive software at GTC Paris event, touting improved road safety and smarter cars. Despite claiming it won't be ready for mass production until 2030, Nvidia has officially released its autonomous vehicle (AV) software at GTC Paris. The company believes that DRIVE will make roads safer by reducing the number of accidents caused by human error. However, this technology is not expected to become widely available in cars before 2030, according to a UK car magazine report. |
Wired but Not Pleased: The Agony of a Wireless Nightmare |
 Abusive boss had to learn there's no such thing as an 'atomic laptop'. One _Reg_ reader was left bewildered by his IT manager's outburst after a computer battery ran out during work. The irate manager shouted that he'd been using the "fucking atomic laptop" and that it was not designed for everyday use. He soon found himself being told to calm down, as he learned that there is indeed such a thing as an ordinary laptop - one which doesn't run on nuclear power. |
US Cyber Force Enlists Squad of Highly Skilled Hackers |
 Palantir, Meta and OpenAI Execs Sign up for US Army Reserve Unit Silicon Valley heavyweights Palantir, Meta and OpenAI have been bolstered by top talent signing up for a new unit that will help military planners use more AI.Executives from these tech giants are joining Detachment 201, the first cyber security-focused unit of its kind. They'll be applying their expertise in data analysis and software development to enhance the US Army's operations using artificial intelligence. |
US Senate Expresses Concerns Over Potential DDoS Risks to Social Security Administration Websites |
 The hasty upgrade of Social Security Administration's IT systems by DOGE is a reckless gamble with citizens' personal data, warns US Senator Elizabeth Warren. She fears the rushed timeline will create vulnerabilities in security and potentially cripple all benefit payments for millions. The senator is adamant that any such significant changes should be taken slowly and methodically to ensure public safety and stability. |
2025-06-11 Read more on Wired (www.wired.com) |
The Browsing Game - Cybersecurity Experts Question Privacy Implications of Novel Matchmaking Technique |
 Browser Dating's New Feature Raises Privacy ConcernsA new dating website has sparked controversy with its use of artificial intelligence to analyse users' browsing history. The site takes the last 5000 internet searches for each user and generates a "browsing personality profile". This raises concerns about online privacy, as it may disclose personal information without consent.The feature is designed to help match users based on their interests and preferences. However, critics argue that it breaches users' trust by revealing their browsing habits. |
2025-06-11 Read more on Wired (www.wired.com) |
A Visionary's Gift: Steve Jobs' Inspirational Commencement Address |
 In 2005 Steve Jobs faced a daunting challenge - crafting a memorable speech for Stanford University graduates. Initially struggling with his words, it took him months of contemplation to deliver a truly iconic address, one that would leave an indelible mark on the minds and hearts of those he addressed. His journey from uncertainty to eloquence serves as a testament to the power of perseverance in the face of creative blocks. |
2025-06-12 Read more on Wired (www.wired.com) |
A Streaming Delight: The Crème de la Crème of Max |
 Max users are spoilt for choice this month with an eclectic mix of films to enjoy. Mountainhead, directed by PJ Starks, tells the story of a journalist investigating a mysterious disappearance in Antarctica.Babygirl, from writer and director Justin Benson and Aaron Moorhead, is a tense thriller about a woman being stalked through New York City.The Brutalist, directed by John Trengove, follows an architect trying to rebuild his life after a tragedy. |
2025-06-12 Read more on Wired (www.wired.com) |
China's Lunar Explorer Makes its Way Towards Our Earth's Natural Satellite |
 British Cyber News: The UK’s top cybercrime agency, GetSafeOnline.org, is warning people about a new phishing scam that uses convincing emails and social media messages to trick victims into installing malware. These attacks often appear as seemingly innocuous links or attachments from trusted sources, but are actually malicious files that can steal personal data or lock devices for ransom. Experts advise being cautious with unfamiliar links and keeping software up-to-date to avoid falling victim to these cyber threats. |
2025-06-13 Read more on Wired (www.wired.com) |
The Top 10 Most Addictive iOS and Android Games to Distract You from Work |
 Cyber security experts issue warnings about a new breed of addictive mobile phone games that could leave users vulnerable to cyber threats due to their ability to track and collect data on player behaviour. The apps, designed specifically for smartphones with smaller screens, use targeted advertising to entice players and gather personal information. Concerns have been raised regarding the potential misuse of this sensitive data by hackers and malicious third-party developers. |
2025-06-13 Read more on Wired (www.wired.com) |
Marines and Guards Deployed to Quell Los Angeles Unrest: What They're Allowed to Do |
 Cyber security is a constantly evolving field which can never be too vigilant against threats. This recent news from the United States highlights the ongoing efforts to prevent unnecessary infringement of civil liberties. The Pentagon has introduced new rules limiting the activities of US Marines and National Guard in Los Angeles, restricting their ability to arrest suspects and conduct surveillance on civilians. |
2025-06-13 Read more on Wired (www.wired.com) |
The 5 Most Secure Luggage Sets to Pack for Your Next Adventure, Put Through Their Paces by Our Expert Team at Wired Cyber Security |
 Here's my take on that:The humble backpack - the ultimate companion for any journey, whether you're commuting to the office or embarking on an exotic adventure. A stalwart protector of all your worldly possessions, these hardworking travel totes can withstand anything life throws their way, from the rigors of a business trip to a leisurely weekend jaunt. So next time you reach for your backpack, remember it's more than just a bag - it's your trusted sidekick on any journey. |
2025-06-13 Read more on Wired (www.wired.com) |
Cybersecurity Alert: Critical Flaw Exposed in Ivanti Software |
 Cybersecurity experts have identified a critical vulnerability in three Ivanti security products - Connect Secure, Policy Secure and ZTA Gateways - that could enable malicious hackers to remotely execute arbitrary code. This exploit can potentially allow attackers to run malicious scripts, modify, or even erase files on the system, depending on user privileges. The issue affects users of these widely used SSL VPN solutions which are designed to provide secure access to corporate data for remote workers and mobile employees. |
2025-04-03 Read more on Center for Internet Security (www.cisecurity.org) |
Title: Critical Flaws Found in Ivanti Endpoint Manager Leave Systems Exposed to Hackers |
 Severe Vulnerabilities Found in Ivanti Endpoint Manager SoftwareA critical flaw has been discovered in Ivanti Endpoint Manager that can be exploited remotely to execute code. This affects systems where the software is installed and allows attackers with sufficient privileges to install programs, alter data, or erase files. The vulnerabilities could compromise entire networks if not patched promptly. |
2025-04-08 Read more on Center for Internet Security (www.cisecurity.org) |
Adobe Software Holes Uncovered: Patch Now to Avoid Malware Mayhem |
 Adobe's array of products has been left vulnerable to multiple security flaws, with the most critical potentially allowing arbitrary code execution. The affected Adobe offerings include Commerce, Experience Manager Forms, ColdFusion, After Effects, Media Encoder, Bridge, Premiere Pro, Photoshop, Animate, Experience Manager Screens, FrameMaker, and XMP Toolkit SDK. Successful exploitation of these vulnerabilities could lead to significant security breaches, including the installation of programmes, alteration or deletion of data, and creation of new user accounts with full rights. |
2025-04-08 Read more on Center for Internet Security (www.cisecurity.org) |
Fortinet Flawed Fortress: Multiple Critical Vulnerabilities Discovered in Popular Security Software |
 Multiple critical security vulnerabilities have been discovered in various Fortinet products, including a severe issue that allows for remote code execution. This flaw has the potential to permit attackers to install programs, modify data or create new accounts with full admin rights if exploited successfully. The vulnerabilities impact multiple platforms such as FortiAnalyzer, FortiClient EMS, FortiOS, FortiProxy and others. Users are advised to update their software to the latest versions to prevent attacks. |
2025-04-08 Read more on Center for Internet Security (www.cisecurity.org) |
Multiple Flaws in Adobe Apps Expose Users to Malicious Code Injection |
 Adobe patches critical flaws in software suite. A series of vulnerabilities has been identified in Adobe products, the most serious of which could allow arbitrary code execution if exploited successfully. Successful exploitation allows an attacker to install programs or access, modify, delete data and create new accounts based on system permissions. Those with fewer privileges will be less impacted than those with admin rights. |
2025-05-14 Read more on Center for Internet Security (www.cisecurity.org) |
Title proposal: 'Multiple Flaws in Ivanti Endpoint Manager Mobile Software Expose Systems to Distant Code Execution' |
 Cybersecurity researchers have uncovered several vulnerabilities in Ivanti Endpoint Manager Mobile software. The most critical flaw allows attackers to execute malicious code remotely and potentially gain privileged access to systems if exploited. This issue highlights the importance of keeping endpoint security up-to-date across all devices. Organizations should promptly address these weaknesses to protect their mobile endpoints from potential threats. |
2025-05-15 Read more on Center for Internet Security (www.cisecurity.org) |
Title: 'Facebook and Instagram Lockdowns: A Guide to Regaining Access When Banned' |
 Protecting yourself when your online accounts get hacked can be stressful but there is a lot you can do to prevent it from happening again. To prove your identity after an account has been accessed, first try resetting your password if possible. If you cannot access your associated email or phone number, go to the website of the hacked site and follow their process for regaining access. Changing your password to something unique and long will make it harder for hackers to guess in future. Enabling two-step verification with an app or security key adds extra security and notify you if someone logs in from a new device. Removing suspicious friends can also help prevent further problems. |
AsyncRAT Malware Spreads via Phishing Campaign Targeting Travellers to Fake Booking.com Sites |
 Cyber thieves are sharpening their claws ahead of the festive period, as a wave of AsyncRAT malware is set to sweep across the globe. This insidious strain is designed to siphon sensitive data from unsuspecting victims and wreak havoc on digital systems. As cybercrime gangs ramp up their activities in anticipation of heightened online activity during the holiday season, businesses and consumers must remain vigilant to avoid becoming a target. |
2025-06-02 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Booking.com Reservation Abusers Cash In on Travelers' Woes |
 Cybercrooks targeting hotels for financial gain is a growing concern, as they exploit weaknesses in reservation systems to swindle unsuspecting guests. Criminals are increasingly using hotel websites and online booking platforms to steal money from visitors, often by adding fake charges or manipulating prices. Travelers need to be vigilant when making reservations, checking their accounts regularly and reporting any suspicious activity to avoid falling victim to these scams. Hotels too must ensure their systems are secure to protect customers' financial information. |
2025-06-06 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Oracle Cloud Breach Exposed, Company Shields Details to Protect Customer Trust |
 Oracle's Gen 1 cloud platform has been breached, but the company is keeping quiet about it. The attack impacts legacy customers who use Oracle Cloud Classic. This breach was likely due to a lack of security updates and upgrades, leaving older systems vulnerable to known exploits. Although Oracle claims no sensitive data has been stolen, customers are right to be worried about the lack of transparency on this issue. |
Title: Open-source Software Scourge Continues as Malicious Packages Infiltrate Major Repositories |
 Several malicious packages have been discovered on npm, Python, and Ruby package repositories. These rogue packages are capable of draining cryptocurrency funds, deleting entire codebases, and stealing Telegram API tokens, showcasing the wide range of supply chain threats lurking in open-source ecosystems. According to reports from security firm Checkmarx, users should exercise caution when installing software from these sources. |
2025-06-04 Read more on The Hackers News (thehackernews.com) |
Google Uncovers Sophisticated Vishing Campaign by UNC6040, Targets Salesforce Users with Deceptive Data Loader App |
 Google has revealed details of a financially motivated cyber threat group known as UNC6040 that focuses on vishing campaigns. This malicious crew targets organizations' Salesforce instances with large-scale data theft and extortion. The attack methodology involves voice phishing where attackers trick victims into divulging sensitive information, enabling them to breach the organisation's cloud-based services. |
2025-06-04 Read more on The Hackers News (thehackernews.com) |
Cloud Security Holes in Cisco ISE Expose Enterprises to Widespread Threats Across AWS, Azure, and Oracle |
 Critical Cisco ISE Flaw Fixed: Unauthenticated Attackers Could Have Ridden Roughshod Cisco's Identity Services Engine (ISE) has had a critical security patch released to plug a gaping hole that could have allowed unverified baddies to wreak havoc on vulnerable systems. The flaw, tracked as CVE-2025-20286 and rated a whacking 9.9 out of 10 in terms of its potential for causing harm, is a type of static credential vulnerability. |
2025-06-05 Read more on The Hackers News (thehackernews.com) |
Chrome Extensions Exposed: API Keys and User Data Leaked Through HTTP, Hard-Coded Credentials Vulnerability Discovered |
 Symantec cybersecurity experts have identified multiple popular Google Chrome extensions that leak user data over unencrypted HTTP connections and hardcode secrets into their code. This vulnerability exposes users to privacy risks and potential cyber attacks, even when not actively browsing affected sites. The exposed extensions include: a) Avast Online Security; b) AVG Secure Search; c) Malwarebytes Anti-Malware Free; and d) Web of Trust. |
2025-06-05 Read more on The Hackers News (thehackernews.com) |
Chrome Zero-Day Exploit, Malware Wipes Data and iPhones Hit with Zero-Click Attacks. |
 Behind every security alert lurks a more significant tale - one of flawed design, hidden vulnerabilities or subtle abuse. A well-crafted warning is just the tip of an iceberg, concealing the real story beneath. This week we delve deeper to uncover what truly matters: the design flaws that leave us exposed, the silent misuse of power and the gaps in control that threaten us all. If you're responsible for security, knowing where to look makes all the difference between a false alarm and a genuine threat. |
2025-06-09 Read more on The Hackers News (thehackernews.com) |
Chinese State-Sponsored Hackers Cast a Widespread Net: 73 Targets Across Diverse Industries Fall Prey to Cyber Attacks |
 US Cybersecurity Firm Sentinal One Hit by Sophisticated Hackers Sentinal One, a US based cybersecurity company, was targeted in a sophisticated hacking campaign. The attack was part of a series of similar incidents between July 2024 and March 2025. The firm's security experts have identified a South Asian government entity, a European media outlet, and over 70 companies across various sectors as targets. |
2025-06-09 Read more on The Hackers News (thehackernews.com) |
Title: Securing AI's Hidden Backdoors - Uncover and Protect Your Secret AI Assets |
 Artificial intelligence is revolutionising our lives, but it's also creating new security threats if we're not careful. AI agents, chatbots and automation scripts are all using background identities such as API keys, service accounts and OAuth tokens to operate without being seen. If these aren't properly secured, they can be exploited by hackers for nefarious purposes, potentially leading to devastating breaches of our privacy. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
Lee Enterprises Catches Cracks in Cyber Defences: Data Heist Exposes Thousands to ID Theft Risks |
 Lee Enterprises, a regional US newspaper publisher, has suffered a ransomware attack affecting some 40,000 individuals. While the company hasn't explicitly confirmed if it paid a ransom, its reluctance to deny such a claim is telling. Cyber attacks of this nature are becoming increasingly common in the media sector, highlighting the importance of robust cybersecurity measures for protecting sensitive data. |
Chinese authorities accuse Taiwanese government-backed hackers of leading weak attacks. |
 In a striking reversal of recent allegations, China's National Computer Virus Emergency Response Center has published a report claiming Taiwan launched a sustained cyber attack on the country in conjunction with the US. According to the report, the attacks were remarkably weak, likening them to an ant trying to shake a tree. This report comes after Chinese authors previously alleged that the US had engaged in hacking activities aimed at discrediting Beijing. The new claims highlight the ongoing tension between the two nations and the complex nature of international cyber warfare. |
£43M Stolen: Cyber Thieves Breach 100k+ UK Taxpayer Accounts in Notable HMRC Hack of 2024 |
 UK tax collection agency Her Majesty's Revenue and Customs (HMRC) has announced that hackers managed to swindle an impressive £47 million from its coffers in 2013. However, HMRC is keen to point out that this was not the result of a cyber attack.It's more like an old-fashioned bank heist, with hackers using 'social engineering' techniques to trick staff into divulging sensitive information. The thieves then used this data to access customer accounts and drain them of their funds. |
AT&T's Latest Data Breach: Déjà Vu All Over Again |
 AT&T probes fresh leak of 2 million customer records, likely resold from previous breach. The US telecoms giant is examining the latest incident after discovering its customers' data has been posted online for sale. It's thought the information may have originated from a past cyberattack that compromised millions of users in 2020, when hackers sold over 68 million AT&T customer records on the dark web. |
Chinese cyber spies stockpile 'backdoors' in major corporations across Europe and Asia, raising fears of impending global cyber conflict. |
 A major cyber heist has been uncovered by cybersecurity firm SentinelOne after they found themselves in the crosshairs of an espionage campaign. The company detected the threat when they inadvertently targeted their own servers with malicious code. This led them to identify over 75 compromised organisations worldwide, including IT services firms, media groups and government entities.It appears that these companies have been infected by Chinese-linked hackers who sought to gain access to strategic networks in anticipation of a potential conflict. |
Apple Tries to Keep Itself Under Control with Lightweight Linux Containers on macOS |
 Apple has released an open-source containerisation platform designed to boost security and efficiency when creating and managing Linux containers on macOS. The platform, built upon Swift, Apple's modern programming language, is aimed at reducing potential vulnerabilities associated with traditional container orchestration systems.Key features of this new framework include improved isolation capabilities, which help prevent malware spreading between containers, as well as enhanced performance through optimised resource allocation and faster start-up times for Linux workloads on Macs. |
Beware: 'Badbox' Malware Returns with Deadlier Version 3, Say Experts |
 Badbox 2.0: The Resilient Botnet Strikes AgainThe notorious Badbox botnet, responsible for infecting millions of smart TVs and connected devices since its initial emergence, is poised for another round of digital attacks according to a security expert who first uncovered the threat. Despite efforts by private researchers and law enforcement to disrupt its infrastructure, the malware remains active and continues to evolve. This development highlights the ongoing challenge of tackling persistent cyber threats in an increasingly interconnected world. |
Firms seek bright sparks - or at least people who've been doing this job since before you were born. |
 UK cybersecurity employers demanding too much from graduate recruits. Job adverts riddled with unrealistic requirements causing talent drought. Industry body ISC2 urges hiring managers to take a reality check.ISC2 states many junior positions require skills and experience that are not attainable for graduates, making it hard for them to fill roles. They call on employers to adapt job specifications to be more realistic about the abilities of new entrants.This could help tackle the industry's ongoing recruitment struggles. |