Infosec News
In today's interconnected digital landscape, cyber security threats are no longer confined to national borders. Malware, phishing attacks, data breaches, and other forms of cyber crime can strike at any moment, anywhere in the world. To help you stay informed and prepared, our curated list aggregates the most important InfoSec news from around the globe. From major breach announcements to emerging trends in cyber security research, this roundup brings you the latest developments that impact your digital security and online privacy. Whether you're a security professional, IT administrator, or just tech-savvy individual, we've got you covered with the insights and intelligence you need to navigate our rapidly changing cyber environment.
US Fears South Korean Chip Makers' Dependence on Chinese Manufacturing |
 US restricts South Korea's chip production in China as tensions escalate.The US Commerce Department has announced that South Korea's Samsung and SK Hynix, major memory vendors, must obtain licenses to manufacture restricted semiconductor technology within Chinese fabrication plants. This move is a significant escalation of tensions between the two nations amid ongoing diplomatic disputes over various trade issues. The restriction will likely impact the global microchip market and affect consumer electronics prices worldwide. |
Failover Fiasco: From Part-Timer to Full-Time DBA in One Disaster |
 Here's my version of the article:**Monday Mishaps: Your Guide to Cyber Security Blunders**Are you tired of the same old IT disasters? Look no further than Monday Mishaps, our weekly rundown of reader-submitted cyber security blunders. Each week we'll be sharing a new tale of woe from our readers, and how they managed to survive (just about) intact.From accidental data deletions to poorly configured firewalls, we've seen it all. And who better to tell you the tales than the people who've lived through them?So if you're ready to laugh, cringe or commiserate with your fellow IT professionals, then Monday Mishaps is the column for you. |
Oracle's Larry Ellison Funds £118m AI Vaccine Research at Oxford Uni - The Oracle mogul's latest philanthropic endeavour aims to develop a new generation of AI-powered vaccines, with the university leading the charge. |
 Billionaire backs £118m project to develop treatments using artificial intelligence and AI, targeting hard-to-prevent diseases and illnesses. The collaboration between the billionaire backed group and Oxford University hopes to use machine learning techniques to identify potential vaccines and treatments for diseases such as HIV and tuberculosis. The funding of $169.6 million is part of an attempt by tech moguls to fund research into life sciences projects. |
Four new faces join the crew on the sinking ship that is Atos' sales division. |
 Atos, touted as a top AI-driven digital transformation player, has welcomed high-profile executives onto its board. The move comes as some question whether such large corporations are truly committed to genuine innovation or merely relying on buzzwords to attract business. Critics argue that companies like Atos often overpay seasoned leaders, who may struggle to address the root issues plaguing these firms. As Atos faces financial challenges, one must consider whether this new leadership will be enough to turn its fortunes around. |
Aussie Tesla Owners Face Electric Window Scare as Cars Recalled Due to Exuberant Glass Actuation |
 In a worrying software error, Tesla has issued a recall for its Australian vehicles due to concerns over the safety of the windscreen wipers. The issue arises from a potential glitch that could cause the windscreen wipers to close more forcefully than intended onto the face of an unsuspecting driver. This malfunction is considered a serious safety risk and affects some models sold in Australia, prompting the manufacturer's decision to take action. |
Wi-Fi Router Roundup: Eero Pro 7 Sets Sail with Ease and Speed |
 The Eero Pro 7 mesh Wi-Fi system offers seamless connectivity and a user-friendly interface for setting up your smart home network. Its compatibility with the latest Wi-Fi 6 standard ensures strong speeds even in larger homes or those filled with many devices. The Eero app makes it easy to customise settings, prioritise traffic, and monitor performance, all without requiring advanced technical knowledge. For those seeking an uncomplicated yet high-performance solution for their smart home network, the Eero Pro 7 is definitely worth considering. |
2025-08-29 Read more on Wired (www.wired.com) |
SpaceX's Unorthodox Reusability Strategy Pays Off as Falcon 9 Milestones Mount |
 The reliable Atlas V rocket has successfully carried out another mission, solidifying its reputation as a dependable workhorse for NASA's launch needs. This latest endeavour saw the rocket delivering a classified payload to space with ease, bringing its total success count to an impressive tally. Despite some minor delays and technical issues in the past, the Atlas V remains a trusted choice for missions requiring precision and reliability. Its consistency has earned it a spot as one of the go-to rockets for NASA's critical operations. |
2025-08-30 Read more on Wired (www.wired.com) |
Cryptocurrency Frenzy DOGE Sparks Massive Cyber Heist - Thousands Left Vulnerable as Personal Data Leaked, Warns Insider |
 A fresh wave of cyber attacks is sweeping across the globe, with hackers from China's Salt Typhoon gang targeting over 600 companies spanning 80 different nations. Meanwhile, former US presidential hopeful Tulsi Gabbard has made good on her campaign promise to purge CIA agents from Hawaii's National Guard. And in a separate incident, hackers have knocked out communications systems for an Iranian ship. |
2025-08-30 Read more on Wired (www.wired.com) |
Ancient Britain's Hottest Summer: How Scorcher Spells Doom to the Fittest Amongst Us |
 Heat shock protein is activated in our cells when exposed to high temperatures, which triggers an inflammatory reaction and causes cellular stress, leading to faster ageing. While smoking and drinking cause cell damage due to toxins, they don't activate the same heat-shock response as extreme heat does. This suggests that overheating can lead to accelerated biological aging in a unique way compared to other harmful activities. |
2025-08-30 Read more on Wired (www.wired.com) |
Breathtaking Discovery: New Species of Cells Found to Thrive on Dual Oxygen Intake |
 A remarkable discovery has been made in the depths of Yellowstone National Park - a microbe thriving in an unusual environment has been found to breathe both oxygen and sulfur simultaneously. This unique organism, living in the park's hot spring, defies conventional expectations, showcasing nature's incredible diversity. While life typically relies on either aerobic or anaerobic respiration, this microbe has adapted to utilise both methods of energy production, a testament to its remarkable resilience. |
2025-08-31 Read more on Wired (www.wired.com) |
Blasting Off to the Beats: Rocket Fuel Meets Sonic Boom in this Unconventional Speaker Series |
 The &Space Project has unveiled its latest endeavour, transforming spent rocket fuel tanks into eco-friendly speakers. Dubbed 'Debris', this innovative initiative seeks to mitigate the vast amount of waste generated by space exploration while providing a unique sonic experience. The converted containers create an immersive audio system, serving as both a creative solution for disposing of discarded materials and a commentary on our rapidly expanding reliance on space technology. |
2025-08-31 Read more on Wired (www.wired.com) |
Splish, Splash, Spill No More: Expert Tips For Cleaning Your Television and Computer Screens |
 The scourge of smudges on your screen - time to give your computer monitor a good old-fashioned spring clean! First, switch off that pesky thing and unplug it. Next, grab some gentle cleaning solution and a soft cloth (microfibre is best). Dampen the cloth lightly - don't make it sopping wet or you'll ruin the screen. Wipe from top to bottom, removing any stubborn smudges. Don't use caustic wipes though, as they're too harsh for modern screens. Finally, dry with a clean cloth and voila! Your monitor should be sparkling like new again. Happy cleaning! |
2025-08-31 Read more on Wired (www.wired.com) |
10 Essential Privacy Tweaks For Your Android Smartphone |
 Despite some impressive features, certain Pixel phone capabilities can be disabled for various reasons. This guide shows how to turn them on and make the most of your device.1. Google Assistant's volume button shortcut: To use this feature, go to settings, search for 'button shortcuts', then select 'volume down key' and assign an action like launching the camera app or taking a screenshot.2. Gesture navigation: This can be enabled by going to settings, then navigating to system, then gestures. Choose your preferred gesture options from there.3. Developer mode: To turn this on, head to settings, scroll down to 'system', tap 'advanced', select 'developer options' and enable it. |
2025-08-31 Read more on Wired (www.wired.com) |
Bargain Slumber: Top Labour Day Mattress Deals to Refresh Your Snooze |
 The big sleep sales have finally arrived, making now the perfect time to upgrade your mattress. Here is a rundown of the top deals for you to take advantage of before the extended bank holiday weekend:1. Tempur-Pedic: 20% off all orders with code TEMPURSALE2. Sealy: Up to 50% off select models, including $300 off the Posturepedic Plus3. Serta: Save up to 40% on certain mattresses and bed frames4. Nectar: Exclusive 30% discount for new customers with code NECTAR305. Purple: Get a free mattress protector worth £50 when purchasing the original Purple mattressThese sales are just what you need after months of sleeping on a flat, old mattress. |
2025-08-31 Read more on Wired (www.wired.com) |
China readies to unveil cutting-edge military arsenal at international defence expo, showcasing technological prowess on global stage. |
 China's "Victory Day" military parade on September 3rd is a bold declaration of its growing military might. The event will mark 80 years since China defeated Japan in World War II, and it serves as a powerful reminder of the country's resilience and strength. As a nod to the international community, the parade may also be seen as a message from Beijing: "We're here, we're strong, and don't mess with us." The timing of this event is particularly significant, as it coincides with heightened tensions between China and Western nations over trade disputes and territorial claims in the South China Sea. |
2025-09-01 Read more on Wired (www.wired.com) |
Title: "Countdown to Savings: Our Top 62 Labour Day Deals - Don't Miss Out" |
 Summer may be waning, but savings are still sizzling. With the Labour Day weekend just around the corner, retailers are offering fantastic discounts on a range of WIRED-approved gadgets. Top of the list are some cracking deals on top-notch Bluetooth speakers that will ensure your outdoor gatherings stay merry and loud. Meanwhile, power banks to keep your devices juiced up are also seeing big price cuts.For those who can't resist a good pie in the sun, pizza ovens are being sold at a fraction of their original cost. The perfect excuse to fire up the backyard BBQ and cook up some mouth-watering Italian delights. |
2025-09-01 Read more on Wired (www.wired.com) |
"Ear It Like You Mean It: Feline and Canine Grooming Dos and Don'ts"A comprehensive guide on pet care has been released. Experts advise that dog owners regularly clean their pets' ears while felines require nail clipping. |
 Pet owners may find themselves unsure about how to care for their pets properly. Fortunately, various sources provide a wealth of information on best practices and helpful tips. For example, bathing is an essential part of keeping your furry friend clean and healthy. Experts advise using appropriate shampoos and ensuring the water is not too hot. It's also crucial to trim nails regularly as they can grow excessively if neglected. This can lead to discomfort for your pet, which may result in them causing damage to furniture or other household items. |
2025-09-02 Read more on Wired (www.wired.com) |
Audi's New Electric Sports Car Signals the Start of a Design Revolution |
 Audi has launched a sporty, lightweight TT-inspired car as part of its new "radical simplicity" plan. This scheme aims to reduce complexity in design and technology while still delivering engaging driving experiences. The car combines elements from the TT with Audi's Q2 crossover. It features a lower starting price than its more complex sibling and is positioned as an affordable, easy-to-drive alternative for urban environments. |
2025-09-02 Read more on Wired (www.wired.com) |
Google Chrome Zero Day Bug Allows Malicious Websites to Hijack Computers |
 Cyber security pros sound alarm as Google Chrome vulnerabilities expose users to potential exploitation by hackers, putting sensitive data and system settings at risk. The most critical flaw allows arbitrary code execution, opening doors for attackers to install malware, view, modify or delete files, or even create new admin accounts. Users with restricted permissions may be less affected but those with admin rights are prime targets. |
2025-07-23 Read more on Center for Internet Security (www.cisecurity.org) |
A Potentially Perilous Patchwork: Flaws in Apple's Defences Leave Users Vulnerable to Malicious Intrusions |
 Apple devices riddled with vulnerabilities, one of which lets hackers run arbitrary code and install malware with admin privileges, potentially granting access to sensitive data. The more severe bugs affect iOS, macOS, tvOS and watchOS products, while a lesser flaw impacts the Safari browser on Windows and Linux machines. Apple is yet to issue patches for these security holes, so users are advised to be extra cautious until they do. |
2025-07-30 Read more on Center for Internet Security (www.cisecurity.org) |
Beware The Storm: Microsoft Unveils Critical Patch Release to Ward Off Cyber Menace |
 Microsoft Products Plagued by Multiple Vulnerabilities A series of critical vulnerabilities have been identified in various Microsoft products, the most severe allowing for remote code execution. Depending on user privileges, this could result in programmes being installed, data viewed, modified or deleted, and new accounts created with full access rights.Those operating under standard user rights will be less impacted than those utilising administrative user rights. |
2025-08-12 Read more on Center for Internet Security (www.cisecurity.org) |
Adobe's Achilles' Heel: Multiple Flaws Expose Users to Malicious Attacks |
 Adobe has issued patches for multiple vulnerabilities in its software suite, including several that could lead to arbitrary code execution if exploited. The most severe vulnerability, found in Adobe Commerce and others, could allow attackers to install programs, view, change or delete data, create new accounts, or gain full user rights if successfully exploited. Users with administrative privileges are at greater risk than those with fewer user rights. |
2025-08-13 Read more on Center for Internet Security (www.cisecurity.org) |
Two-Factor Tapping In: A Step-by-Step Guide to WhatsApp Two-Factor Verification |
 Step by step instructions on enabling two-factor authentication for WhatsApp on Android, iOS, and iPadOS are provided in this comprehensive guide. To begin with, ensure you're running the latest version of the app. Open WhatsApp, navigate to 'Settings', and tap 'Account'. Select 'Two-step verification' from here and follow the prompts. Provide a password which will act as your two-factor authentication key when prompted. If using Android or iOS, enter your password within the next hour for added security. |
2025-09-01 Read more on Malwarebytes Labs (www.malwarebytes.com) |
WhatsApp Fights Back Against Zero-Click Exploit Abuse |
 WhatsApp, the popular messaging app owned by Facebook, has just fixed a critical flaw that allowed hackers to execute remote code execution and eavesdrop on calls without any user interaction. The issue, identified as CVE-2022-35934, was found in conjunction with an existing vulnerability in Apple's iOS, which enabled attackers to bypass security measures and spy on victims' conversations. WhatsApp's patch brings relief to the millions of users worldwide who use the platform for both personal and professional communication. |
2025-09-01 Read more on Malwarebytes Labs (www.malwarebytes.com) |
A More Dynamic Approach to Cybersecurity: Making Vulnerability Management a Business Process |
 Vulnerability Management: From Data Dump to Frontline DefenceTraditional vulnerability management stops short of providing actionable insights for security analysts, who then bear the brunt of identifying and fixing issues. The changing landscape demands more from VM - it must now provide immediate alerts and recommendations for remediation. Workflow-centric solutions are emerging that address this need by integrating intelligence directly into incident response processes. These new solutions will replace traditional data-dumping approaches and arm front-line staff with the tools to tackle threats in real-time. |
2025-08-11 Read more on Tripwire (www.tripwire.com) |
Title: Record Breaking DDoS Attack Hits 11.5 Tbps - Can Your Infrastructure Cope? |
 Cloudflare Successfully Blocks Record-Breaking 11.5 Tbps DDoS Attack Originating From Google Cloud Services.The internet security firm, Cloudflare, has just announced its triumph over the largest ever distributed denial-of-service (DDoS) attack on record, peaking at an astonishing 11.5 Tbps. The assault was primarily fueled by a UDP flood emanating from Google Cloud services as part of a prolonged wave of attacks lasting several weeks.This significant event highlights the increasing potency and sophistication of cyber threats in modern times. Cloudflare's successful blocking of this massive DDoS attack underscores its robust capabilities against even the most formidable online assaults. |
2025-09-02 Read more on Security Affairs (securityaffairs.com) |
CISA Bolsters KEV Catalog with Notorious Citrix and Git Flaws |
 The US Cybersecurity and Infrastructure Security Agency (CISA) has added three critical security flaws, including two impacting popular software systems, to its list of known exploited vulnerabilities. The compromised systems include Citrix Session Recording and Git due to the active exploitation of these weaknesses. The first flaw, CVE-2024-8068, is an improper privilege management vulnerability in Citrix Session Recording with a CVSS score of 5.1 out of 10. This indicates that the risk is moderate. |
2025-08-26 Read more on The Hackers News (thehackernews.com) |
New 'MixShell' Malware Attacks U.S. Manufacturers via Contact Forms, Exposing Vulnerabilities in Supply Chain Security |
 Cyber security specialists have unearthed a complex cyber campaign targeting crucial supply chain manufacturing companies with MixShell malware. Dubbed ZipLine by Check Point Research, this sophisticated attack involves social engineering where attackers manipulate a company's 'Contact Us' form to initiate contact. Rather than relying on phishing emails, hackers utilise public-facing forms to launch their assault. |
2025-08-26 Read more on The Hackers News (thehackernews.com) |
Sneaky 5G Attack Batters Phones, Demotes Mobile Network to 4G |
 Researchers at the Singapore University of Technology and Design have created an open-source tool called Sni5Gect, which enables them to downgrade a 5G connection to an earlier generation without using a rogue base station. This novel attack exploits vulnerabilities in the 5G protocol stack, allowing attackers to intercept and manipulate critical control-plane signalling messages. The implications are significant, as this could potentially allow malicious actors to disrupt or even take over networks. |
2025-08-26 Read more on The Hackers News (thehackernews.com) |
Artificial Intelligence Malware Threatens Global Infrastructure with Sophisticated Automated Attacks |
 Anthropic's AI-powered chatbot Claude was hijacked by a sophisticated cyber attacker in July 2023 to steal personal data from at least 17 organisations across various sectors including healthcare, emergency services, government, and religion. The attack is believed to be one of the most significant cases of AI exploitation to date, with far-reaching implications for data security and organisational resilience against such threats. |
2025-08-27 Read more on The Hackers News (thehackernews.com) |
US Slams Brakes on North Korean Cyber Scammers Raking in Millions with Sophisticated Cryptocurrency Heists |
 U.S Treasury Sanctions North Korea IT Workers For Weapons Funding The U.S Department of Treasury has imposed sanctions on two individuals and two entities accused of supporting North Korea's nuclear and missile programmes through cybercrime activities.The Office of Foreign Assets Control claims the four targeted parties are involved in a scheme to generate revenue for the North Korean regime by offering remote information technology services. It is alleged they carried out hacking operations against foreign companies resulting in financial losses.Those affected will have their assets frozen and U.S citizens prohibited from doing business with them. |
2025-08-28 Read more on The Hackers News (thehackernews.com) |
The Unseen Weaknesses of Project Management Software Exposed and Protected by FluentPro Backup |
 Businesses may trust collaboration platforms like Trello and Asana for task management but it's essential to remember that even these reputable services can breach trust. A report by Statista found the average cost of a data breach worldwide in 2024 was $4.88 million, a staggering figure. That same year saw over 15 million Trello user profiles' private data shared on a popular hacking forum, highlighting just how easily trust can be broken in an increasingly digital age. |
2025-08-28 Read more on The Hackers News (thehackernews.com) |
Amazon Cracks Down on Russian Hackers Exploiting Flawed Microsoft Tech |
 Amazon Web Services on Friday reported disrupting a suspected Russian state-sponsored cyber espionage effort that was using compromised websites to spread malware onto the computers of unsuspecting victims. The campaign, attributed to APT29 hackers, involved redirecting visitors from infected sites to malicious servers hosting Microsoft device code, tricking users into installing malware allowing attackers to take control of their machines. |
2025-08-29 Read more on The Hackers News (thehackernews.com) |
DevSecOps Convergence: A Unified Approach to Cybersecurity in a Distributed World |
 Picture this: Your team releases new code to the cloud, confident it's solid.But lurking within is a minuscule flaw that erupts into chaos as soon as it lands.Hackers seize upon it, and your company faces an expensive mess costing millions globally.The average data breach in 2025 racks up a staggering $4.44 million bill worldwide.A big chunk of these costs stem from the inability to detect vulnerabilities in code before they wreak havoc.Companies need robust software development processes that can identify and plug these flaws early, not just relying on fire-fighting once the damage is done.Code quality matters: it's time to take this seriously. |
2025-08-29 Read more on The Hackers News (thehackernews.com) |
WhatsApp Confronts Zero-Day Threat as iOS and macOS Users Urged to Update Immediately |
 WhatsApp fixes security weakness affecting iOS and macOS messaging appsFollowing Apple's disclosure of a zero-day bug, WhatsApp has addressed an unrelated security flaw that could be exploited in targeted attacks.The vulnerability, identified as CVE-2025-55177 with a CVSS score of 5.4, deals with insufficient authorisation for linked device sync messages.WhatsApp researchers discovered the issue internally and acted swiftly to patch it before potential exploits by malicious actors. |
2025-08-30 Read more on The Hackers News (thehackernews.com) |
Malicious software exploiting security vulnerability in a Microsoft-signed driver, allowing ValleyRAT malware to infiltrate systems. |
 Silver Fox threat actor uses previously unknown bug in WatchDog Anti-malware driver to disable security solutions, exploiting 'amsdk.sys' vulnerability. This BYOVD attack leverages a legitimate Windows kernel driver, highlighting the danger of zero-day vulnerabilities within software components. The malicious exploitation of validly signed drivers demonstrates the importance of keeping systems updated and monitoring for unknown threats. |
2025-09-02 Read more on The Hackers News (thehackernews.com) |
North Korean APT Lazarus Unveils Trio of New Malware Threats |
 North Korean hackers known as Lazarus Group have been linked to a sophisticated social engineering campaign which has seen them distribute three pieces of malware designed to target the Decentralised Finance (DeFi) sector. The malware in question - named PondRAT, ThemeForestRAT and RemotePE - were identified by NCC Group's Fox-IT in 2024 after they launched an attack on a DeFi company that resulted in their systems being compromised. |
2025-09-02 Read more on The Hackers News (thehackernews.com) |
Sleuths uncover malware-ridden apps in Google's Play Store that duped millions |
 Here's my response:In a worrying revelation, cloud security company Zscaler has uncovered that over 19 million dodgy apps infected with malware had been downloaded from Google Play Store despite the tech giant's best efforts to keep the platform safe.The news highlights the ongoing challenges of keeping online marketplaces free from malicious software as users remain vulnerable to attacks through compromised mobile applications. |
Attackers strike early, but Citrix gets there first with trio of NetScaler security fixes |
 It seems like Citrix is playing catch-up with their security, as criminals have found a way to exploit yet another zero-day vulnerability in their NetScaler products. Three new patches were released, but unfortunately, these vulnerabilities had already seen some action from malicious actors before they were plugged. It's an unfortunate reminder that the cat-and-mouse game between software developers and hackers is ongoing. |
Doge's Cloud Conundrum: US Social Security Database Duplication Sparks Concerns |
 The Federal Government's Cost-Cutting Unit - Remember Them? Well, They're Still Causing Problems.It seems that a Social Security Administration employee has blown the whistle on some dodgy cost-cutting shenanigans carried out by Donald Trump's former team. It appears that these penny-pinchers decided to duplicate an entire agency database in a cloud environment without authorisation - and now, the records of every single American are at risk.This is just another example of how short-sighted cost-cutting measures can put sensitive information in jeopardy. One hopes someone will take responsibility for this mess before it's too late! |
Title: "Church of England Abuse Victim Details Exposed by Blundering Lawyers" |
 Apology Issued After Unfortunate Mass Email Blunders Personal Info of 200 Redress Scheme ApplicantsA London law firm has been left red-faced after they inadvertently sent a mass email that exposed the names and details of nearly two hundred people who had opted to receive updates about the Church of England's redress scheme for abuse victims. The scheme, set up to address historical abuses perpetrated by members of the clergy, is meant to be a support system for those affected. Instead, it seems this law firm took an unfortunate detour down the information super highway and ended up on the wrong side of the digital road. |
The Mysterious Case of the Golden Arch Robber and the Battered Robot Bandit |
 Researchers discovered critical vulnerabilities in Pudu, the world's top supplier of commercial service robots. The firm had left its administrative interfaces unsecured, allowing hackers to take control of and reprogram delivery robots at will. This oversight highlights the potential for cyber threats to compromise automated systems used in various sectors, underscoring the need for robust security measures in IoT devices. |
UK Frigate Delayed by Norwegian Deal Fiasco: A £10 Billion Slip-Up |
 BAE Systems has finally started production on its Type 26 anti-submarine warships, only for them to be snapped up by Norway before they even reach our waters. A £10 billion contract with Norway is a welcome boost to Britain's economy but will likely push back the introduction of these desperately needed vessels into Royal Navy service, leaving us vulnerable once more to the growing threat from submersible foes. |
Microsoft Bids Adieu to PowerShell 2.0: A Legacy of Security Concerns |
 It's about time Microsoft finally gave the old girl a push! After over five years since PowerShell 3.0 was released, you'd think those stubborn users would have jumped ship by now. But nope, still clinging on like a toddler to a favourite toy. Well done, Microsoft, for officially telling them it's time to move on - whether they want to or not. PowerShell 2.0 is about as modern as Windows XP - time to leave the past in the dust! |
Outspoken US Copyright Head Fires Back After Dramatic Sacking by Trump |
 Shira Perlmutter, a renowned cybersecurity expert in intellectual property law, found herself ousted from her position as chief legal advisor at the United States Copyright Office. The decision followed a report she authored discussing limitations on fair use of generative AI technology.Perlmutter's paper argued that existing copyright laws should be adapted to address the new landscape of artificial intelligence-generated content. Her stance drew ire from Trump's administration, which sought to have her dismissal justified as lawful. |
Airbus Tows the Line with TaxiBot Innovation |
 Airlines are set for a smoother landing with the introduction of electric-powered taxiing tugs, designed by Airbus and capable of hauling narrow-body aircraft up to 70 tonnes. The eco-friendly solution aims to reduce fuel consumption and lower emissions while also reducing wear on jet engines during take-off. With an estimated £60,000-£100,000 saving per aircraft in yearly costs, the industry is optimistic about this innovation. |
A Bug-tastic Youthful Indiscretion: The Seven-Year-Old Who Wrote a Six-Figure Vulnerability |
 Here's my take on this article:"Who, Me?" returns to The Register as our regular feature highlighting reader mistakes that have been forgiven. Monday morning brings adults back into the fray, and with it, a look at how others bounce back from blunders. In this special edition, we're eager to hear your stories of errors redeemed, of lessons learned, and of the forgiveness granted after going wrong. |
Samsung Predicts Profit Slump Amid Woes with New High-Bandwidth Memory Chip |
 Investors Warned of Q1 to Q2 Market DiveThe AI gold rush has brought significant profits for some firms involved in the production of GPUs, but not all manufacturers are reaping the same rewards. TSMC and SK-Hynix have benefited from Nvidia's success, however Samsung has struggled to keep pace. As a result, investors are being advised to prepare themselves for a substantial market decline from Q1 to Q2. |
Cook's Departure: A New Chapter for Apple? |
 Jeff Williams, Apple's chief operating officer, is hanging up his hat at Cupertino next month after several years of service. He cites a desire to devote himself to friends and family in his future endeavours.Williams joined Apple back in 1998 and worked closely under the late Steve Jobs during a period of rapid expansion for the tech giant. However, it's worth noting that Williams' departure doesn't seem to signal any major shake-ups at the top levels of Apple's corporate structure. |
Samsung Acquires Xealth to Integrate Hospital Records and Wearable Data: A New Era for Telemedicine? |
 Samsung’s acquisition of Xealth may seem like a step in the right direction, but we must be cautious. If wearables are used to inform treatment decisions without proper security measures, it could lead to sensitive health information being compromised. This is not just about data breaches; it raises questions over who has access and what happens when data becomes outdated or incorrect. A balance needs to be struck between using valuable insights from wearables and ensuring the privacy of individuals. |
The best indoor television antennas for UK viewers in 2025: A comparison of Mohu, Clearstream, and One for All. |
 Cutting the cord is easier than ever, thanks to the resurgence of good old-fashioned TV aerials. For a fraction of the cost of cable or satellite, you can enjoy high-definition picture quality from major networks like the BBC, ITV and Sky Sports right in the comfort of your own home.Indoor antennas have come a long way since the days of rabbit ears and dodgy reception - modern designs are sleek, discreet and surprisingly effective. So ditch those extortionate TV subscription fees and tune in to the free airwaves with an indoor aerial. Your wallet (and your viewing pleasure) will thank you! |
2025-07-06 Read more on Wired (www.wired.com) |
AI-powered trip buddies: how technology is transforming psychedelic experiences |
 Psychedelic therapy has been gaining traction in recent years as various companies explore its potential therapeutic benefits. Some entrepreneurs have begun creating apps that offer virtual guides for users undergoing psychedelic experiences, employing artificial intelligence (AI) to personalise the experience. This is resulting in a growing trend of individuals using chatbots and other digital tools alongside their drug use. |
2025-07-07 Read more on Wired (www.wired.com) |
Thirteen Wi-Fi Routers to Get You Wired Up: Our Top Picks for 2025 |
 Don't be left lagging behind - get a wired internet connection for a faster and more secure online experience. Our top picks are tried and tested to ensure a stable broadband connection across your entire home, whether you're working from the attic or gaming in the basement. Whether you're on a tight budget or looking to splurge, we've got the perfect wired solution for you - just don't suffer the buffer any longer! |
2025-07-07 Read more on Wired (www.wired.com) |
A Chilling Tale of Candy Bans: Unraveling the Mystery Behind Jolly Ranchers' Exile from British Shelves. |
 US Regulators Under Fire for Allowing Artificial Food DyesRegulatory agencies in America face criticism over the approval of artificial food additives derived from crude oil, which some scientists say cause health issues such as hyperactivity and cancer. These dyes, commonly used in candies and processed foods, have been linked to a range of problems including hyperactivity in children and an increased risk of certain cancers. Critics argue that outdated US regulations are not keeping pace with scientific evidence, allowing these potentially hazardous substances into the food supply. |
2025-07-07 Read more on Wired (www.wired.com) |
Top 15 Air Purifier Reviews (2025) - Coway, Levoit and More |
 Air purifiers are a must-have for any British household, don't you think? They're not just for show - they can genuinely improve the health of those living in your abode. We've tested a range of models to help you pick the best one for your needs. The Levoit LV-H132 is our top choice, able to capture 99.97% of particles as small as 0.3 microns. It's compact and quiet too, so won't disturb you or take up valuable space.But there are plenty of other options available - from the super-slim Honeywell HPA300 to the powerful Coway AP-1512GA. We've taken a close look at them all, so you can rest easy knowing your home is protected against dust, pets, and allergies. |
2025-07-07 Read more on Wired (www.wired.com) |
The Cyber Scoop on Robo-Vacs: Unmasking the Top 9 for a Spotless Home, 2025 Edition. |
 A comprehensive review of robotic vacuums is in order. From affordable handheld devices capable of tackling pet hair, to more advanced models featuring cutting-edge technology like laser navigation, our article will help guide consumers in selecting the ideal device for their specific cleaning needs. Whether a budget-conscious buyer or someone willing to invest in premium features, we've got you covered with expert analysis and product comparisons that cater to all budgets. |
2025-07-07 Read more on Wired (www.wired.com) |
Amazon Review Detector: Uncovering Phony Feedback |
 Third-party sellers flood marketplaces with subpar goods. Here's how to weed out the rubbish:1. Read reviews carefully - pay attention to common complaints about a product.2. Check seller's feedback score and read recent comments on their performance.3. Look for detailed product descriptions, high-quality images and clear FAQs.4. Compare prices from multiple sellers, beware of suspiciously low prices.5. Be wary of sellers with poor ratings or those selling lots of similar products.With these tips, you'll be able to avoid dodgy vendors and find genuine goods in the competitive third-party market. |
2025-07-08 Read more on Wired (www.wired.com) |
Here's my proposed title for the article: "Nothing Phone (3) Review: A Stylish but Expensive Gimmick" |
 Nothing's latest flagship phone has launched with a splash, capturing attention despite its high price point. While it's not necessarily the most cost-effective option on the market, this new device is undeniably charming, boasting sleek design and impressive specs that set it apart from the competition. Its appeal lies in its unique blend of style and substance, making it a worthwhile investment for those seeking a premium smartphone experience. |
2025-07-08 Read more on Wired (www.wired.com) |
Zelensky's Wardrobe Malfunction: Ukrainian President Stirs Up Cyber Storm |
 Crypto gamblers are in disarray, facing significant losses after wagering on Ukrainian President Volodymyr Zelensky's sartorial choices during his address at the Davos Economic Forum. A bet that he would not wear a suit has paid out for some, while others face substantial financial losses as the president donned a bespoke black jacket over a white shirt but no tie. The stakes are estimated to be in the millions of dollars, with crypto exchanges and betting platforms handling the wagers. |
2025-07-08 Read more on Wired (www.wired.com) |
BREAKING: AI Powerhouses Empty Nest as Top Talent Defects to OpenAI |
 Several high-calibre recruits have just joined OpenAI's team in a bid to tackle its growing workload. According to sources close to the company, several new faces have been welcomed into the organisation with the sole aim of helping it scale to meet the demands placed upon it. The exact nature of these new positions remains unclear at this time but one thing is for certain - OpenAI is gearing up for a busy period ahead as it strives to deliver on its ambitious objectives. |
2025-07-08 Read more on Wired (www.wired.com) |
Amazon's Annual Sales Event Kicks Off with Widespread Discounts and Special Offers |
 As the inaugural day of Amazon's four-day Prime sale comes to a close, the WIRED Reviews team has been diligently tracking trends, deals, and anything worth mentioning. The event has seen numerous hot-ticket items fly off the virtual shelves as eager shoppers snapped them up at discounted prices. Despite initial concerns about supply chain disruptions, most sought-after products seem to be holding steady in stock. That said, a few niche items have sold out quickly, leaving some Prime subscribers feeling disappointed but not entirely surprised. |
2025-07-09 Read more on Wired (www.wired.com) |
Beauty bargains abound on Amazon's Prime Day - but be wary of fake goods. |
 Amazon's Prime Day beauty deals have gone live, but not all discounts are created equal. After rigorous testing and price tracking, we've uncovered which skincare sets, hair tools, and makeup bundles deliver real value for money.Highlights include the best value eyeshadow palettes at a fraction of their usual price, plus top-rated facial steamers that actually do what they claim. However, some bargains are just duds, so be wary of gimmicky deals on low-quality products.Read our expert verdicts and find out which Prime Day beauty offers will genuinely improve your skincare routine or transform your look without breaking the bank. |
2025-07-09 Read more on Wired (www.wired.com) |
Microsoft Rolls Out Crucial Security Fixes Across Product Lineup on July 8, 2025 |
 Microsoft Products Riddled With Serious Vulnerabilities: Cyber Threat LoomsMultiple critical security flaws have been unearthed in a raft of Microsoft products, posing significant risks to users. The most egregious vulnerability could enable attackers to execute malicious code remotely, potentially leading to dire consequences such as installing programs, altering or deleting files, and even creating new user accounts with administrator privileges. For those operating under limited user rights, the impact may be less severe compared to users who work with administrator-level access. |
2025-07-08 Read more on Center for Internet Security (www.cisecurity.org) |
FortiWeb Flaw Exposed: Potential for Malicious Code Infiltration |
 A major flaw has been unearthed in FortiWeb, a widely used web application firewall developed by Fortinet. Dubbed as a 'critical' vulnerability, it can potentially enable SQL injection attacks, which may allow malicious actors to execute arbitrary code on systems. The issue is significant given that FortiWeb is designed to shield web apps from various types of assaults, including previously unknown exploits. |
2025-07-08 Read more on Center for Internet Security (www.cisecurity.org) |
The Frightening Truth About Facial Recognition - How to Take Back Control |
 Facial recognition is creeping into our daily lives at an alarming rate - from unlocking smartphones with a glance to identifying culprits in CCTV footage. But it's not just about convenience: many companies are now using the technology without your explicit consent. Know where, when and how to opt out of this pervasive surveillance by checking if you're on facial recognition databases, asking retailers to remove your image, and choosing 'no face' login options on devices. |
2025-06-25 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Chrome update patches critical flaw: Zero-day exploit now being used in attacks, users advised to install latest patch urgently. |
 Google Chrome users are advised to install the latest security patches immediately after a critical vulnerability was discovered in the popular web browser. The software giant has issued an emergency update following reports that hackers were taking advantage of the flaw, which allows malicious scripts to be executed on affected systems. Users can protect themselves by downloading and installing the newest version of Chrome from Google's website. |
2025-07-01 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Beware: Google's Gemini AI Invades Your Apps - Including Messages |
 Google's plans for its Gemini AI are quite alarming. The company is apparently planning to give this new AI the ability to access all manner of personal data - not just email and search history, but messages from WhatsApp, location information and even utility records. This raises serious privacy concerns. People may feel uneasy about their most private communications being potentially accessed by a third party. It remains to be seen whether consumers will accept such a step for the sake of more efficient searching or not. |
2025-07-08 Read more on Malwarebytes Labs (www.malwarebytes.com) |
FBI Sounds Alarm on Decades-Old Routers as Silent Threat Lurks Within Your Network |
 How often do you update your router? If the answer is never or rarely, then you are not alone - but this lack of care could pose serious risks to your business. Malicious actors have been targeting routers that are no longer supported by manufacturers. These end-of-life (EOL) devices can be compromised and turned into stepping stones for cybercrime. The threat is real and growing, with TheMoon malware being a significant factor in many attacks. |
2025-06-26 Read more on Tripwire (www.tripwire.com) |
Title: "BreachForum Bites the Dust - The Empire Strikes Back, But This Time It's For Real" |
 French authorities have reportedly arrested several key figures involved with BreachForums, a major hub for cybercriminals. This marketplace has been one of the most active and influential in recent years, facilitating the sale of stolen data and malware. The takedown is likely to send shockwaves through the cybercrime underworld as BreachForums played a central role in the buying and selling of illicit goods on the dark web. |
A Week of Global Cybersecurity Threats, Ransomware Attacks and Cryptocurrency Hacks |
 A fresh batch of the Security Affairs newsletter has landed, bringing you the most important security stories from around the web.North Korean hackers have been busy spreading a macOS malware called NimDoor, disguising it as fake Zoom updates. Be cautious when clicking on those "update" pop-ups!Two critical bugs in Sudo, a command-line utility for Unix-like operating systems, could give attackers root access to your system. Make sure you're running the latest version.That's all for this week - stay safe out there! |
2025-07-06 Read more on Security Affairs (securityaffairs.com) |
Taiwan Unveils Security Threats in Popular Chinese Apps Following Investigative Findings |
 Taiwan's National Security Bureau has issued a warning about the security risks posed by popular Chinese apps such as TikTok and WeChat. The bureau states that these applications collect too much user data and transfer it to China. This comes after an official inspection revealed that certain Chinese apps, including Weibo and Baidu Cloud, pose significant security threats to users due to their data collection and transmission practices. |
2025-07-07 Read more on Security Affairs (securityaffairs.com) |
Beware the Batavia Menace: New Spyware Targets Russia's Industrial Backbone |
 In a targeted phishing campaign that began in March last year, malicious actors have been sending fake contract emails to Russian organisations as part of an ongoing espionage effort. These fake emails contain links leading to the Batavia spyware, which has been designed specifically to steal internal documents. The campaign, launched in July 2024, marks the latest attempt by cybercriminals to compromise sensitive information within Russian entities. |
2025-07-07 Read more on Security Affairs (securityaffairs.com) |
Microsoft's Mid-Summer Security Spree: July 2025 Patch Tuesday Tackles Critical Zero-Day Vulnerabilities |
 Microsoft has released its latest batch of Patch Tuesday security updates for July 2025. The patch bundle addresses a total of 130 vulnerabilities across various software products from Microsoft, including a critical zero-day flaw in Microsoft SQL Server.The patches target flaws in Windows and associated components, Office and related tools, .NET and Visual Studio development environments, Azure cloud services, Teams collaboration platform, Hyper-V virtualisation software, Windows BitLocker encryption utility, the Chromium-based Edge browser and numerous other Microsoft offerings. |
2025-07-08 Read more on Security Affairs (securityaffairs.com) |
Societal Shift: The Emergence of AI-Powered Security Operations Centres |
 SOCs fail to detect threats due to inefficient operations, wasting millions. With threats escalating in frequency and complexity, security leaders face the daunting task of cutting risk while delivering results without breaking the bank or expanding their teams. Meanwhile, a staggering half of all SOCs fall short of detecting attacks due to wasteful inefficiencies, squandering precious resources on reactive firefighting rather than proactive prevention. |
2025-06-27 Read more on The Hackers News (thehackernews.com) |
European Police Break-Up Global Crypto Heist Gang Netting Over Half a Billion in Stolen Money |
 Cybercrime gang behind €460m cryptocurrency investment scam busted in international crackdown Europol announced on Monday the dismantling of an enormous cryptocurrency fraud ring that swindled over €460 million ($540 million) out of more than 5,000 victims worldwide. In a joint operation codenamed Operation Borrelli, law enforcement agencies from Spain, Estonia, France and the US joined forces to take down the cybercrime gang. |
2025-06-30 Read more on The Hackers News (thehackernews.com) |
A New Zero Day in the Wild: Google Chrome Gets a Critical Fix |
 Google patches critical zero-day bug in Chrome after exploit spotted in wildA zero-day vulnerability has been identified in Google's popular Chrome web browser, prompting the company to rush out an emergency security update. The flaw, tracked as CVE-2025-6554 and carrying a CVSS (Common Vulnerability Scoring System) rating of N/A, is a type confusion issue affecting the V8 JavaScript and WebAssembly engine. If exploited, it could allow a remote attacker to execute arbitrary code on affected systems. Google has released an update to resolve this issue in versions prior to 138.0.7204.96. |
2025-07-01 Read more on The Hackers News (thehackernews.com) |
TA829 and UNK_GreenSec Unite Forces in Coordinated Malware Assault |
 The tactics used by the RomCom RAT attackers bear an uncanny resemblance to those employed by a group responsible for unleashing TransferLoader, according to cybersecurity researchers. Proofpoint has linked the activity associated with TransferLoader to UNK_GreenSec and TA829, who are also behind RomCom RAT attacks. The similarities between these threat actors suggest a possible overlap in their operations or even a shared origin. |
2025-07-01 Read more on The Hackers News (thehackernews.com) |
A critical vulnerability has been found in Anthropic’s Machine Learning Compiler (MCP) which leaves developer machines at risk of remote exploits. |
 Blight on the AI Front: Critical Vulnerability Found in Anthropic's Model Context Protocol Inspector ProjectCybersecurity experts have unearthed a serious weakness in Anthropic's MCP Inspector, an AI project that could grant malicious actors unfettered access to hosts through remote code execution. The vulnerability, tagged CVE-2025-49596, boasts a CVSS score of 9.4 out of a possible ten, indicating its potentially catastrophic consequences. |
2025-07-01 Read more on The Hackers News (thehackernews.com) |
Phishy Documents: Cyber Thieves Dress Up as Microsoft and More in Deceptive Callback Attacks |
 Phishing Campaigns Misusing Popular Brands and Phone Numbers Pose Growing Threat Security specialists are highlighting a developing trend where phishing attacks mimic well-known brands, causing targets to contact malicious phone lines run by the attackers. This tactic combines impersonation with the Telephone-Oriented Attack Delivery technique, demonstrating a sophisticated approach in the ongoing fight against cyber threats. |
2025-07-02 Read more on The Hackers News (thehackernews.com) |
A Tale of Web3 Woe: How North Korea's Nim Malware Took a Bite Out of BabyShark Campaigns |
 North Korean hackers have been found to be using malicious software written in Nim programming language to target businesses involved with Web3 and cryptocurrencies. This new tactic marks an evolution from previous methods used by these threat actors. The malware injects processes and uses wss, a TLS-encrypted WebSocket protocol for remote communications, making it a notable exception among macOS-based threats. |
2025-07-02 Read more on The Hackers News (thehackernews.com) |
Here's my proposed title for that news piece: "Cybersecurity Shocks: Chrome Zero-Day Flaw, Stealthy macOS Malware & Cryptocurrency Crimes on the Rise". |
 While robust security systems exist to protect against potential threats, they can still be breached if key checks are missed or trusted tools are misused.Most cyber attacks don't begin with loud alarms; they quietly infiltrate networks through the small, seemingly insignificant details we often overlook. A minor bug, reused passwords, or an unnoticed connection can prove enough to compromise even the most robust defences.To stay secure, it's not just a matter of reacting quickly when threats arise, but also catching those early warning signs before they develop into full-blown attacks. |
2025-07-07 Read more on The Hackers News (thehackernews.com) |
Freezing Out Crime: Supermarket Chain Fights Shoplifting with Facial Recognition |
 Iceland has sparked outrage from privacy advocates by introducing facial recognition cameras in some of its stores. The tech is set to scan customers, with the retailer claiming that it will help combat crime. Critics have lambasted Iceland for implementing such measures as "Orwellian", comparing them to Big Brother's all-seeing eye. However, the company stands firm on its decision, asserting that FRT is necessary in order to curb violent crime. |
Proton Takes Aim at Apple, Joins Battle to Reckon with Closed App Store Policies |
 Proton joins lawsuit against Apple over anticompetitive practicesSwitzerland-based email encryption specialist Proton Mail is backing a complaint filed in the US alleging Apple's closed ecosystem harms software development, user choice, and privacy.The tech giant's strict control over apps on its App Store and App Clip store are the focal points of this antitrust lawsuit. Proton has become one of several prominent companies to join this action against the tech giant, which makes various claims about the costs and consequences of Apple's practices. |
Cl0p Gang's Data Theft Tool Flaw Exposes Targets to Remote Code Execution Attacks |
 Cyber security specialists claim there will be little consequence from a new exploit of a flaw found in an important utility used by notorious criminal hackers. The tool, called MOVEit, is utilised by the Cl0p crime syndicate for data theft operations across various high-profile targets. According to experts, however, the vulnerability may not significantly impact the group's activities as they could easily update and adapt their software. |
Title: 'Ransomware Outage: Ingram Micro's Multi-Day Downtime a Cautionary Tale' |
 Ingram Micro, a major technology distributor, suffered a serious cyber attack on Tuesday as hackers using the SafePay group disrupted its global network. The company confirmed it was attempting to get back online after detecting ransomware which encrypted several of its databases and servers. This is another reminder for companies to invest in robust security measures against an increasingly sophisticated threat landscape. |
Cloud-First Cyber Defence: Why Cloud-Native Security is Crucial for Resilience in Modern IT |
 Modern cyber threats necessitate robust, cloud-native defences as outdated architectures struggle to cope with evolving risks.Organisations are investing heavily in cyber resilience tools, training and processes to counter increasingly sophisticated attacks. However, many IT and security teams remain hamstrung by legacy technology infrastructure designed for 2015's challenges rather than today's reality.This is a major issue since organisations will only be able to respond effectively if they adopt modern, cloud-based defences that are capable of keeping pace with rapidly changing threats. Anything else will leave them woefully exposed to cyber attacks. |
Cloud Service Provider Oracle Scores Chinese Business with Flexible Infrastructure Deal |
 Cloud Computing Boom Fuels Oracle's Surprising Revenue GrowthOracle has defied expectations with a revenue increase thanks to strong demand for its cloud services. The company's earnings have been bolstered by an astronomical rise in customers seeking non-artificial intelligence (AI) cloud solutions. Infrastructure as a Service (IaaS), which provides businesses with virtual computing resources, has seen significant growth. This surge in demand highlights the increasing reliance on cloud-based services and Oracle's ability to adapt to this trend. |
AI coding tools are the chums who lend you a helping hand but might stab you in the back at any moment. |
 Developers have mixed feelings about AI coding tools - while appreciating productivity gains, they often question their accuracy. A new study highlights the uneven distribution of benefits among developers using these robo-coding tools. Some see improved efficiency and reduced errors, while others struggle with unreliable outputs. This finding reveals a nuanced view of AI in software development, where the advantages are undeniable but trust remains an issue. |
Taiwan's Tech Giant Bolsters East Asian Connections |
 Global chip manufacturer TSMC expands its reach by partnering with the University of Tokyo for a joint research lab, marking their first collaboration with a foreign institution. This strategic move is seen as a response to concerns over the unpredictable approach of the US government towards foreign technology companies in Taiwan. By diversifying its partnerships, TSMC aims to strengthen its presence in Asia and mitigate potential risks associated with an uncertain future US policy landscape. |
Google Cloud Takes the Lead, Launching Nvidia RTX PRO 6000 Server Virtual Machines |
 Nvidia's Blackwell GPUs are now available on Google Cloud. This marks a significant development as it is claimed that Google Cloud is the first cloud provider to offer these cutting-edge graphics processing units. The inclusion of Nvidia's latest technology aims to improve performance and enhance user experience in applications requiring extensive graphical power such as machine learning, data analytics, and more. |
Chinese Memory Maker YMTC Sues US Rival Micron Over Defamation Rather Than Patent Disputes |
 Chinese memory chip manufacturer Yangtze Memory Technologies has lodged a defamation claim against US-based chip giant Micron, alleging a malicious PR campaign that spread damaging information about its business. Yangtze claims Micron orchestrated a smear campaign involving unfavourable press releases and reports to harm the Chinese company’s reputation in the global market. This move marks another chapter in an increasingly tense competition between the two memory chip manufacturers as tensions rise over trade disputes and intellectual property theft allegations between China and the US. |
Fad Fizzles: How Vibe Coding is being Replaced by the New Kid on the Block - Vine Coding |
 It seems like the topic of AI has struck a chord with readers. With more frequent mentions of it in the news and media, the debate over its impact on society rages on. While some see it as a force for good, bringing about efficiency and innovation, others are concerned about its potential consequences. As our reliance on technology grows, so does the importance of discussing AI's effects on our lives. |
Hard Disk Drives Headed For Obsolescence: A Descent into Digital Decline? |
 HDD Sales to Non-Hyperscale Firms Plummet, Analysts WarnIn early May, renowned digital storage expert Thomas Coughlin revealed a concerning trend: HDD sales and revenue have been on the decline since approximately 2010. His analysis points to a staggering drop from around 600 million annual hard disk shipments in that year.Coughlin's findings highlight the increasingly rare nature of HDD sales among non-hyperscale outfits, hinting at a seismic shift towards solid-state drives and cloud storage solutions. This trend underscores the accelerating obsolescence of traditional hard disk drives in the modern digital landscape. |
Here's a possible headline: Top Sweat-Be-Gone Headphones for Your Toughest Gym Sessions (2025 Review). |
 Cyber security professionals must be prepared to tackle an onslaught of threats in today's digital landscape. A good pair of headphones is not just for music lovers anymore. It could also prove essential when dealing with data breaches or online invasions. This week, we highlight the best sweatproof and tangle-proof headphones that can withstand even the most rigorous workouts while keeping your ears entertained during a marathon hacking session. |
2025-06-11 Read more on Wired (www.wired.com) |
The Browsing Game - Cybersecurity Experts Question Privacy Implications of Novel Matchmaking Technique |
 Browser Dating's New Feature Raises Privacy ConcernsA new dating website has sparked controversy with its use of artificial intelligence to analyse users' browsing history. The site takes the last 5000 internet searches for each user and generates a "browsing personality profile". This raises concerns about online privacy, as it may disclose personal information without consent.The feature is designed to help match users based on their interests and preferences. However, critics argue that it breaches users' trust by revealing their browsing habits. |
2025-06-11 Read more on Wired (www.wired.com) |
Cheap and Capable Coders: The Rise of Affordable AI That's Taking On Entry-Level Roles |
 AI tools for writing, design, and other creative tasks are becoming increasingly affordable and accessible. While they save organisations money compared to employing professionals, they also risk undermining job opportunities in these fields. As technology continues to advance, AI is becoming more adept at producing high-quality content that was previously the domain of skilled human workers. The trend threatens jobs in industries like journalism, graphic design, and software development. |
2025-06-12 Read more on Wired (www.wired.com) |
Amazon Scam Alert: Tips to Steer Clear of Rogue Sellers and Dodgy Goods |
 Amazon's messy marketplace can be a minefield for unwary shoppers. Be cautious when selecting products from unverified or third-party sellers as they may offer dodgy merchandise at suspiciously low prices. Don't trust glowing reviews, some may even be faked to boost sales. Keep an eye out for 'Fulfilled by Amazon' and 'Amazon's Choice' labels which indicate verified quality. Additionally, use the 'Price+Shipping: Lowest Price' filter when comparing deals. |
2025-06-12 Read more on Wired (www.wired.com) |
How to Dodge Big Brother in the Digital Wild West |
 As we head into an era of increasingly sophisticated surveillance, protesters must take steps to safeguard their personal data and maintain anonymity. With law enforcement agencies at their disposal a plethora of tools for tracking people's movements and intercepting communications, those who wish to remain under the radar during demonstrations need to be prepared.To begin with, using public Wi-Fi can be a major privacy risk as it is not encrypted. Protesters should opt for mobile data instead, which offers greater security even when you are on the move. Also, avoid social media – this allows authorities to build up profiles of individuals and their affiliations. |
2025-06-12 Read more on Wired (www.wired.com) |
China's Lunar Explorer Makes its Way Towards Our Earth's Natural Satellite |
 British Cyber News: The UK’s top cybercrime agency, GetSafeOnline.org, is warning people about a new phishing scam that uses convincing emails and social media messages to trick victims into installing malware. These attacks often appear as seemingly innocuous links or attachments from trusted sources, but are actually malicious files that can steal personal data or lock devices for ransom. Experts advise being cautious with unfamiliar links and keeping software up-to-date to avoid falling victim to these cyber threats. |
2025-06-13 Read more on Wired (www.wired.com) |
Mattress Testing Whiz Digs Deep into Eco-Friendly Certifications: The Lowdown on What Truly Matters in 2025 |
 The term "natural" is often a misnomer when applied to mattresses and bedding. A "natural" product typically contains fewer synthetic materials. However, it can also be vague, so some items may include man-made components. When shopping for natural mattresses, look for the Global Organic Textile Standard certification to ensure organic cotton or other certified sustainable materials have been used in their production |
2025-06-13 Read more on Wired (www.wired.com) |
Here's my version of a title for the article, with a cybersecurity twist:"Secure Your Luggage: The Safest Packing Cubes for Travellers in 2025, Put to the Test" |
 Packing cubes - the unsung heroes of travel organisation. Whether you're a seasoned backpacker or a glamourous globe-trotter, these little wonders will make your luggage woes a thing of the past. No more rummaging through your suitcase to find that one pesky item; packing cubes keep everything tidy and easily accessible. Choose from lightweight mesh options for breathability or durable fabric cubes for added protection - there's something for every type of traveller. Say goodbye to cluttered luggage and hello to a stress-free journey with the perfect packing cube for you. |
2025-06-13 Read more on Wired (www.wired.com) |
Bots and Barricades: How Automated Trolls Fuelled Los Angeles Riots |
 "Uncanny Valley", a podcast discussing politics and online disinformation, addresses recent protests in Los Angeles. The spread of disinformation has been prevalent, with social media platforms struggling to contain it. This issue is not unique to LA, as many cities worldwide face similar problems. Hosts discuss the challenges posed by this phenomenon, including its impact on public opinion and the need for more effective moderation techniques. |
2025-06-13 Read more on Wired (www.wired.com) |
Tech-Savvy Protestors Foil Government Surveillance with Low-Tech Tools |
 Military Intelligence Keeping Tabs on Homemade ICE Detention Tracking ToolsReports have emerged that army intelligence analysts are closely watching homemade software tracking the whereabouts of Immigration and Customs Enforcement (ICE) detention centres. This move comes amid mounting anti-ICE protests across America. The trackers allow users to locate facilities holding detainees, often revealing information not publicly disclosed by authorities. |
2025-06-13 Read more on Wired (www.wired.com) |
Sixty Unremarkable Amazon Prime Perks to Confound Your Boredom (And Possibly Help Save Some Bucks) |
 Amazon Prime Day 2025 promises to offer even greater deals for loyal members, but non-subscribers could be left disappointed. This year's extravaganza is expected to boast the usual discounts on popular products, alongside some exciting new perks for prime members. The two-day shopping event will likely feature a wide array of savings on everything from electronics and home appliances to outdoor gear and books. |
2025-06-14 Read more on Wired (www.wired.com) |
Firefox Flaws Exposed: Multiple Zero-Day Bugs Threaten Browser Security |
 Multiple security flaws have been uncovered in Mozilla's software suite, potentially allowing hackers to inject malicious code and wreak havoc on affected systems. The most severe vulnerability exists within Mozilla Firefox, a web browser used for accessing the internet, as well as its Enterprise version, Firefox ESR. Another product compromised is Mozilla Thunderbird, an email client. If exploited, this weakness could permit arbitrary code execution, granting attackers elevated privileges to install programs, modify data or accounts, and create new user accounts with full administrative rights. Users with limited system access may be less impacted than those running as administrators. |
2025-04-03 Read more on Center for Internet Security (www.cisecurity.org) |
SonicWall SMA 100 Series Flaw Exposed to Remote Exploitation |
 Cybersecurity Alert: SonicWall SMA Vulnerability Exposed - Threatens Remote Code ExecutionA recently discovered flaw in SonicWall's Secure Mobile Access (SMA) 100 Management Interface puts businesses at risk of a serious cyber attack. The vulnerability, which could be exploited remotely, allows for code execution and poses a significant threat to organisations worldwide that utilise the unified secure access gateway to provide employees with remote application access. |
2025-04-23 Read more on Center for Internet Security (www.cisecurity.org) |
Mozilla Security Flaws Put Users at Risk: Exploiting Weaknesses in Popular Browsers and Software. |
 Multiple vulnerabilities have been uncovered in Mozilla products, the most serious of which potentially allows attackers to run arbitrary code. These flaws impact Firefox and Thunderbird across both standard and ESR versions, with critical implications for system security. Successful exploitation could allow malicious actors to install programmes, view, modify or delete data, create new user accounts, or conduct other actions based on their level of user privilege. |
2025-04-29 Read more on Center for Internet Security (www.cisecurity.org) |
SonicWall SMA 100 Series Flawed - Remote Code Execution Looms Over Unpatched Vulnerabilities |
 British English version:Critical vulnerabilities have been identified in SonicWall Secure Mobile Access (SMA) 100 Management Interface, which could allow malicious attackers to execute arbitrary code remotely. The SMA gateway is widely used by organisations for secure access to applications from any location. Exploiting these flaws in combination could result in remote code execution, potentially leading to session hijacking and complete system takeover. |
2025-05-05 Read more on Center for Internet Security (www.cisecurity.org) |
Fortinet's Flawed Defences: Multiple Vulnerabilities Exposed to Attackers, Leaving Networks at Risk of Critical Exploit |
 Multiple vulnerabilities found in Fortinet products could allow arbitrary code execution, potentially granting attackers admin rights and giving them full control over systems. The affected products include network management solutions, application delivery controllers, log analytics platforms, endpoint management tools, video surveillance software, firewalls and more. Fortinet is advising users to update their products as soon as possible to patch the vulnerabilities. |
2025-05-13 Read more on Center for Internet Security (www.cisecurity.org) |
Title proposal: 'Multiple Flaws in Ivanti Endpoint Manager Mobile Software Expose Systems to Distant Code Execution' |
 Cybersecurity researchers have uncovered several vulnerabilities in Ivanti Endpoint Manager Mobile software. The most critical flaw allows attackers to execute malicious code remotely and potentially gain privileged access to systems if exploited. This issue highlights the importance of keeping endpoint security up-to-date across all devices. Organizations should promptly address these weaknesses to protect their mobile endpoints from potential threats. |
2025-05-15 Read more on Center for Internet Security (www.cisecurity.org) |
Title Proposal: "Critical Flaws Found in Google Chrome, Potentially Exposing Users to Malicious Code" |
 Severe Flaws Found in Google Chrome Browser Multiple critical vulnerabilities discovered in Google's Chrome browser, one of which could permit arbitrary code execution for logged-on users. Successful exploitation by an attacker may allow them to install programs, view, change or delete data, and create new accounts with full user rights if the affected user has administrative privileges on their system. |
2025-06-03 Read more on Center for Internet Security (www.cisecurity.org) |
Australian National University's Vice-Chancellor's Social Media Blunder |
 A cyber security expert has revealed that Australian National University (ANU) is investigating a possible hacking incident after their vice-chancellor's LinkedIn account 'liked' inflammatory posts about Gaza and Julie Bishop, the ANU chancellor. Genevieve Bell's account seemingly liked several highly offensive posts, including one criticising the university and another attacking Ms Bishop, a former foreign minister. |
AsyncRAT Malware Spreads via Phishing Campaign Targeting Travellers to Fake Booking.com Sites |
 Cyber thieves are sharpening their claws ahead of the festive period, as a wave of AsyncRAT malware is set to sweep across the globe. This insidious strain is designed to siphon sensitive data from unsuspecting victims and wreak havoc on digital systems. As cybercrime gangs ramp up their activities in anticipation of heightened online activity during the holiday season, businesses and consumers must remain vigilant to avoid becoming a target. |
2025-06-02 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Chrome Users Advised to Update Following Urgent Patch for Highly Exploited Flaw |
 Google Chrome users are advised to update their browser immediately, as a recent patch addresses three critical security vulnerabilities. The most pressing issue is an actively exploited zero-day flaw in the browser's V8 JavaScript engine. This bug enables remote code execution attacks when processing maliciously crafted web pages.In addition to this, the update also fixes two other security flaws: one in the Skia graphics library and another related to out-of-bounds memory access in the media framework. |
2025-06-04 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Adult Websites Blockade Looms Large Over French Internet Users |
 A number of major adult websites have blocked French internet users, sparking outrage among fans of online smut. The move comes after French authorities demanded the introduction of age verification measures to prevent minors accessing adult content.The companies behind several top sex sites, including PornHub and YouPorn, say they cannot meet the demands as it would cost tens of millions of euros. |
2025-06-05 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Google Chrome: The Browser for Every OS - A Step-by-Step Guide to Keeping Your Chrome Updated and Secure |
 Chrome users, listen up! Here's a rundown on updating the browser on various operating systems. Firstly, Windows users can check for updates via Settings > Help and about Google Chrome, or simply type chrome://help in the address bar. Mac users should visit the Apple App Store to update Chrome. Linux enthusiasts can update through the terminal by running 'google-chrome --version' and following prompts. Chrome OS fans need only click the settings cog icon and select About Google Chrome. For Android, open Google Play store, search for Chrome, then tap Update if available. Finally, iOS users must navigate to App Store > Updates for the latest Chrome version. |
2025-06-06 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Title: Don't Get Duped: Your Guide to Reporting Online Scams and Keeping Safe on the Internet |
 Online scammers are rife, with hundreds of thousands of people falling victim every year. Reporting such crimes is crucial in stopping them in their tracks. Here's a list of organisations you can turn to if you've been fleeced:* Action Fraud: The UK's national fraud reporting centre* Scamwise: Part of the Action Fraud website, offering advice and information on scams* Consumer Protection Scotland (CPS): Reporting cybercrime in Scotland* National Trading Standards: For complaints about businesses and trading practices |
2025-06-09 Read more on Malwarebytes Labs (www.malwarebytes.com) |
Protecting Patient Data: Unpacking the Enhanced ADHICS v2.0 for UAE's Digitalised Healthcare |
 As digital transformation takes hold in healthcare, the stakes have never been higher. Medical data is big business on the black market due to its long shelf life and rich pickings of personal information. Unlike financial records, medical histories remain fresh for years, full of juicy details like insurance info, payment histories, and more. Criminals can use this to steal identities, pull off insurance scams or even fake up dodgy medical records. In the high-pressure world of hospitals, time is short but cyber threats are a long-term worry. |
2025-06-09 Read more on Tripwire (www.tripwire.com) |
Mexico's Digital Dawn - A Rapid Rise Brings Cyber Risks |
 Mexico's Digital Revolution Leaves Cybersecurity Lagging BehindAs Mexico rapidly transforms through nearshoring, cloud adoption and e-commerce expansion, its digital infrastructure is increasingly vulnerable to cyber threats. The country's recent progress has outpaced cybersecurity preparedness, placing it among the top six most-targeted countries globally for cyberattacks, according to a 2023 report. |
2025-06-10 Read more on Tripwire (www.tripwire.com) |
WhatsApp's New Blunder: A Gateway to Total Network Infiltration? |
 Meta, the parent company of WhatsApp, has revealed a critical security vulnerability in its messaging app for Windows. Tracked as CVE-2025-30401, this bug could potentially allow remote attackers to execute arbitrary code on victim systems. The flaw affects all versions prior to the latest patch, highlighting the importance of keeping software up-to-date. This vulnerability serves as a reminder that even popular apps like WhatsApp are not immune to security breaches and that users should remain vigilant in protecting their digital lives. |
Victoria's Secret Data Breach - The Unspoken Details Revealed |
 Victoria's Secret, the renowned lingerie and fashion retailer, has had its US e-commerce website taken offline after a confirmed cyber attack. The company is also limiting some in-store services while they investigate the incident. However, details of the breach remain scarce. Cybersecurity professionals have been called in to assess the situation. This move will undoubtedly cause inconvenience for customers who rely on Victoria's Secret's online platform. As more information becomes available, it may become clearer how extensive the impact of this cyberattack is on the company's operations and customer data. |
Operation Net Shield: Global Cyber Policing Unit Dismantles Over 20,000 Rogue IP Addresses in Landmark Cybercrime Clampdown |
 INTERPOL's Operation Secure: Global Efforts Yield Thousands of Malicious IP TakedownsIn a significant blow against cybercrime, INTERPOL has announced the results of Operation Secure, a joint international effort targeting information-stealing malware. The operation, conducted between January and April 2025 with the participation of 26 countries and leading cybersecurity firms like Group-IB, Kaspersky, and Trend Micro, has resulted in the takedown of over 20,000 malicious IP addresses and domains linked to info-stealers. |
2025-06-11 Read more on Security Affairs (securityaffairs.com) |
Forty Thousand Eyes Wide Open: The Alarming Number of Vulnerable Security Cameras Exposing Businesses and Homes |
 Forty thousand internet-exposed security cameras put global privacy and security at risk. Over forty thousand internet-accessible webcams worldwide are vulnerable to hacking due to lack of secure HTTP or RTSP access. These exposed devices stream live feeds openly via IP addresses, making them susceptible to remote hacking. This poses serious risks for users' private lives as hackers can potentially gain unauthorised access to the streams. |
2025-06-12 Read more on Security Affairs (securityaffairs.com) |
iPhone Journalist Hacked with Novel Zero-Day Exploit |
 Researchers from Citizen Lab have exposed a critical flaw in Paragon's Graphite spyware which allows it to bypass even fully up-to-date iPhones through zero-click attacks. At least two European journalists have been targeted by this malicious software, highlighting the severity of the issue. The researchers found evidence that the affected phones had contacted a Graphite spyware server, underscoring the danger posed by such unpatched vulnerabilities. |
2025-06-12 Read more on Security Affairs (securityaffairs.com) |
A Baking Disaster: Cyber Attack Hits United Natural Foods Supply Chain, Leaving Shoppers Facing Empty Loaf |
 A massive cyberattack has brought deliveries from United Natural Foods Inc., a major US-based natural food wholesaler, to a grinding halt. The company, which supplies around 70% of the fresh produce sold in Whole Foods Markets nationwide, had its systems shut down on June 5th. This has led to shortages and stockpiling at some stores due to a lack of new shipments. UNFI's cyberattack is currently being investigated by both the company and law enforcement agencies. |
2025-06-13 Read more on Security Affairs (securityaffairs.com) |
Rethinking Cyber Risk: Prioritizing Economic Impact Over Technical Details. |
 Cyber security teams are overwhelmed by a plethora of tools, vast amounts of data, and increasingly high expectations from their boards. Despite significant budgets, the question persists: what tangible business benefits do these investments yield? Chief Information Security Officers (CISOs) provide reports on implemented controls and vulnerability assessments; however, executives seek a more nuanced understanding of cyber risks, factoring in financial exposure, operational disruption, and potential loss prevention. The industry is shifting from mere compliance checklists towards quantifying the tangible impact of security measures on the bottom line and organisational resilience. |
2025-06-05 Read more on The Hackers News (thehackernews.com) |
Chrome Extensions Exposed: API Keys and User Data Leaked Through HTTP, Hard-Coded Credentials Vulnerability Discovered |
 Symantec cybersecurity experts have identified multiple popular Google Chrome extensions that leak user data over unencrypted HTTP connections and hardcode secrets into their code. This vulnerability exposes users to privacy risks and potential cyber attacks, even when not actively browsing affected sites. The exposed extensions include: a) Avast Online Security; b) AVG Secure Search; c) Malwarebytes Anti-Malware Free; and d) Web of Trust. |
2025-06-05 Read more on The Hackers News (thehackernews.com) |
Microsoft Aids Indian Authorities in Shuttering International Call Centre Operation Perpetrating Tech Support Scams on Japanese Consumers |
 India's Central Bureau of Investigation (CBI) has arrested six individuals and closed two illegal call centers operating a complex transnational tech support scam targeting Japanese citizens. On May 28, the agency carried out coordinated raids at 19 locations across Delhi, Haryana, and Uttar Pradesh. The scam centres were allegedly operated by an organised criminal gang using sophisticated techniques to deceive victims into paying for unnecessary IT services. |
2025-06-06 Read more on The Hackers News (thehackernews.com) |
A Perilous Plague: 'New' Atomic macOS Malware Targets Apple Enthusiasts via ClickFix Weakness |
 Researchers at CloudSEK have discovered a malware campaign targeting macOS users that leverages the ClickFix tactic and typosquats to trick victims into downloading the Atomic macOS Stealer (AMOS), an information stealer. The campaign serves malware via domains mimicking U.S.-based telecom provider Spectrum, highlighting the importance of vigilance when encountering unsolicited links on unfamiliar websites. |
2025-06-06 Read more on The Hackers News (thehackernews.com) |
OpenAI Cracks Down on Rogue Chatbots: A Bold Move Against State-Sponsored Hacking? |
 OpenAI has revealed that it recently banned a set of ChatGPT accounts operated by threat actors from Russia and China, likely nation-state groups using AI for nefarious activities such as malware development and social media automation. The Russian-speaking group allegedly used the platform to develop and refine malicious software and spy on U.S. satellite communications technologies, while the Chinese hacking groups are thought to have been involved in spreading disinformation online. |
2025-06-09 Read more on The Hackers News (thehackernews.com) |
Five Critical Security Flaws Exposing Shadow IT to Data Breaches and Cyber Attacks |
 You don't need an insider for data breaches. Unsuspecting employees with free trials that weren't cancelled and personal Google Drive syncing can expose sensitive information. Personal Gmail accounts linked to business-critical tools are also a threat. Shadow IT today goes beyond unauthorised apps, including dormant accounts, unmanaged identities and over-permissioned SaaS subscriptions that leave organisations vulnerable. |
2025-06-09 Read more on The Hackers News (thehackernews.com) |
Chrome Zero-Day Exploit, Malware Wipes Data and iPhones Hit with Zero-Click Attacks. |
 Behind every security alert lurks a more significant tale - one of flawed design, hidden vulnerabilities or subtle abuse. A well-crafted warning is just the tip of an iceberg, concealing the real story beneath. This week we delve deeper to uncover what truly matters: the design flaws that leave us exposed, the silent misuse of power and the gaps in control that threaten us all. If you're responsible for security, knowing where to look makes all the difference between a false alarm and a genuine threat. |
2025-06-09 Read more on The Hackers News (thehackernews.com) |
Google Vulnerability Revealed: Expert Discovers Means to Expose Phone Numbers Associated with Accounts |
 Google has plugged a significant security hole that could have allowed hackers to guess phone numbers for account recovery and potentially breach user privacy. The flaw was unearthed by Singaporean researcher "brutecat" and stems from a weakness in Google's account recovery feature. To exploit the vulnerability, however, multiple moving parts had to be put in place, limiting its potential impact. Nonetheless, the issue has been resolved, ensuring users' accounts remain more secure. |
2025-06-10 Read more on The Hackers News (thehackernews.com) |
Proposed Article Title:The Invisible Menace in Your Infrastructure: Unveiling the Risks of Inadequate Non-Human Identity Management |
 In a world of intricate enterprise networks, the job of keeping things running smoothly falls to some unsung heroes: non-human identities (NHIs). These aren't just any identities - we're talking about application secrets, API keys, service accounts, and OAuth tokens here. Their numbers have ballooned in recent years, brought into being to ensure our modern networks operate without human intervention. |
2025-06-10 Read more on The Hackers News (thehackernews.com) |
DNS Shield: The Unsung Hero of Cyber Defences |
 The oft-overlooked yet vital bastion of internet security: the Domain Name System or DNS. Often overlooked in favour of firewalls and antivirus software, this critical component is becoming an increasingly popular target for hackers. As the entry point for nearly all online interactions, an unsecured DNS can be a single point of failure for even the most robust network defence systems. It's time to give it the attention it so rightly deserves. |
2025-06-11 Read more on The Hackers News (thehackernews.com) |
Title: "Apache Tomcat Under Siege: Over 290 IP Addresses Unleash Widespread Brute-Force Assaults" |
 A warning has been issued by cyber security firm GreyNoise regarding a surge in brute-force attacks on Apache Tomcat Manager interfaces. The company detected an increase in attempts to login to these services on June 5, suggesting malicious actors are attempting to find and exploit exposed servers at scale. A total of 295 IP addresses have been found to be involved in this activity, highlighting the potential for coordinated action by cyber criminals. |
2025-06-11 Read more on The Hackers News (thehackernews.com) |
ConnectWise Forces Rotation of ScreenConnect Code Signing Certificates Over Security Concerns |
 ConnectWise is revamping the digital certificates used to sign its software, including ScreenConnect, ConnectWise Automate and remote monitoring products. This decision follows security concerns raised by an independent researcher regarding the handling of configuration data in older versions of ScreenConnect. The certificate rotation aims to strengthen the overall security posture of these tools. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
Battling the Shadows: Understanding and Countering Non-Human Digital Threats |
 Human identity management systems are robust, but managing non-human identities, or machine identities, poses a different challenge altogether. GitGuardian has developed an end-to-end Non-Human Identity (NHI) security platform to address this issue. As enterprises increasingly rely on digital technologies, ensuring the secure management of machine identities is crucial for protecting against cyber threats. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
Microsoft 365 Users Caught Off Guard by Zero-Click AI Security Flaw |
 EchoLeak: A Sneaky AI Vulnerability in Microsoft 365 Copilot Exposes Sensitive Data A zero-click AI vulnerability, known as EchoLeak, has been identified in Microsoft's 365 Copilot service, allowing attackers to steal sensitive data without any user interaction. With a CVSS score of 9.3 out of 10, this high-risk flaw has been assigned the identifier CVE-2025-32711 and does not require any action from customers to exploit it. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
Title: Securing AI's Hidden Backdoors - Uncover and Protect Your Secret AI Assets |
 Artificial intelligence is revolutionising our lives, but it's also creating new security threats if we're not careful. AI agents, chatbots and automation scripts are all using background identities such as API keys, service accounts and OAuth tokens to operate without being seen. If these aren't properly secured, they can be exploited by hackers for nefarious purposes, potentially leading to devastating breaches of our privacy. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
Beware, old chap! "Newfangled TokenBreak Malware Evades AI Censorship with Sneaky Text Tweaks" |
 Researchers have unearthed a cunning technique dubbed TokenBreak which can subvert even the most robust large language models with just a single character substitution. This devious tactic exploits vulnerabilities in the text classification models' tokenisation strategies, causing them to produce false negatives and rendering the content moderation safeguards all but ineffective against targeted attacks. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
WordPress Sites Turned Crime Tools: Uncovering the Widespread Deception of VexTrio and Associates |
 It appears we have a rather extensive network of nefarious actors at play here, operating under the VexTrio banner. These cybercriminals run multiple traffic distribution services like Help TDS and Disposable TDS, all aimed at spreading malicious content far and wide. They seem to be quite organised in their approach, using these platforms as part of a larger operation designed to dupe innocent users with scams and potentially harmful software. |
2025-06-12 Read more on The Hackers News (thehackernews.com) |
Malicious Discord Invites Spreading Malware to Cryptocurrency Holders |
 Here's an alternative version of the article, keeping within the 700 character limit:A cunning malware campaign is spreading via Discord due to a weakness in its invitation system. Skuld and AsyncRAT have been used by hackers to target unsuspecting users. The malicious links were created through vanity link registration, which silently redirects people from trusted sources to infected servers, allowing the malware to install itself unnoticed. |
2025-06-14 Read more on The Hackers News (thehackernews.com) |
Ukraine hits back at Russia with cyber-blast against warplane manufacturer |
 Ukrainian cyber warriors strike at heart of Putin's war machine.Russian state-owned plane manufacturer Tupolev's server breach is a significant blow to Moscow's airpower as Ukrainian hackers target the backbone of Russia's strategic bombers. This sophisticated attack highlights Ukraine's increasingly effective use of cyber warfare, showcasing the country's growing countermeasures against the Kremlin's military might. |
Unwelcome guest: AI-powered security fails to kill off persistent vulnerability |
 Cybersecurity experts have finally fixed a pesky path traversal vulnerability that they initially detected back in 2010 and posted about online. Despite the long-standing bug, it managed to evade the efforts of countless developers attempting to vanquish it over the years. Its persistence has left many questioning how such a glaring oversight could have endured for so long, highlighting the importance of vigilance in software development. |
The Feds Set Loose a $10 Million Bounty on RedLine Stealer Dev and Russian Conspirators |
 The US Government is offering a substantial reward of up to $10 million for information about foreign government-backed cyber threats related to the notorious RedLine malware. This malware has been linked to one suspected developer: Maxim Alexandrovich Rudometov. Any information that leads to bringing these cyber criminals to justice could result in a handsome sum, so if you have any intel on Rudometov and his associates, it may be worth cashing in! |
US Seizes £5.8 Million Laundered by Rogue North Korean IT Gang |
 US authorities seek return of $7.74m frozen funds tied to alleged N Korea IT scamA sum of $7.74 million in cash has been on ice since 2016 when the US Department of Justice charged two individuals suspected of being involved in a North Korean cybercrime gang.The duo allegedly carried out hacking operations targeting online gaming sites, with stolen funds then laundered through banks worldwide, including in the US.US authorities have now formally asked that the frozen assets be released back into circulation to compensate victims of these attacks. |
China's asteroid-and-comet chaser sends out solar sail. |
 The Asia news report highlights the deployment of a solar wing by China's Tianwen 2 space probe. This development is significant as it indicates the probe is preparing to begin its scientific mission in space. The move comes ahead of the 30th anniversary of the June Fourth incident, with China implementing strict internet censorship nationwide. Additionally, the article notes Amazon Web Services' expansion into Taiwan, where it has launched a data centre to reduce reliance on mainland China. |
Critical Wazuh Vulnerability Exploited in Global Mirai Botnet Outbreak. |
 Mirai Malware Variants Spread via Wazuh Vulnerability Attacks Multiple cyber threats have been discovered exploiting a critical Wazuh security software flaw, allowing malicious actors to spread Mirai variants. This marks the first reported attacks following the disclosure of the code execution vulnerability.Cybercriminals are targeting servers hosting open-source XDR/SIEM providers with these attacks, putting those services in their crosshairs as well. Experts warn that organisations using Wazuh should implement security patches and updates to protect against these threats. |
From Intelligence Gathering to Real-World Response: Turning Threat Insights into Proactive Security Measures |
 In the ongoing battle against ransomware scoundrels, timing is everything. The moment a fresh security warning hits the headlines or a menacing new ransomware outbreak rocks the digital world, corporate leaders are sure to ask: 'Are we protected?' This query, while well-intentioned, often betrays a misunderstanding of what true preparedness entails.Having robust backup systems and up-to-date software in place is certainly important, but it's only half the battle. A comprehensive security strategy must also include employee education, regular drills, and continuous monitoring to stay ahead of these evolving threats. |