Security

Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it

As the security industry braces itself for a post-quantum world – and the dreaded changeover of pretty much every piece of encrypted technology in existence – there's a new buzzword coming to town, and it's called “cryptographic inventory.” Cybernews explains what it is and why you'll be hearing about it for the next 10 years.
Read more about Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it

Qantas offers more clarity on recent data breach

Australian airline Qantas has shared more details on the recent cybersecurity incident that affected the company.
Read more about Qantas offers more clarity on recent data breach

“Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature

While still in beta, the feature has already received some backlash, despite its good intentions.
Read more about “Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature

This MacBook malware lets Russian hackers remotely control your device

A fake job interview on LinkedIn might end with hackers accessing your MacBook with this new, dangerous malware upgrade.
Read more about This MacBook malware lets Russian hackers remotely control your device

Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions

The latest Android devices are vulnerable to a new method of “tapjacking,” which enables hackers to use screen animations to make security prompts invisible and trick users into granting dangerous permissions and unauthorized access.
Read more about Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions

5.1M private files of job seekers just got exposed. Here’s what we know

A job search platform exposed over 5 million resumes, putting millions of job seekers at risk of identity theft and targeted scams.
Read more about 5.1M private files of job seekers just got exposed. Here’s what we know

Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users

Eighteen extensions had a “squeaky clean” codebase, sometimes for years, until a version bump turned them into dangerous trojans without any user input. Security researchers warn that over 2.3 million users have just been compromised, but there are many more extensions lurking.
Read more about Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users

Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so

Businesses and organizations in the United Kingdom should be legally required to report any major cyberattack that significantly impacts their operations.
Read more about Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so

Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio

Russian threat actors are suspected of creating AI deepfakes of US Secretary of State Marco Rubio and then using the AI-generated content to contact at least five foreign ministers and US officials, the State Department warned on Tuesday.
Read more about Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio

Hackers can target Teslas and other EVs through public chargers

Plugging an electric car into a charger creates a data link that can be abused for many attacks, a researcher warns. Hackers can attempt to steal money, data, or electricity, gain unauthorized control, or even shut down entire systems.
Read more about Hackers can target Teslas and other EVs through public chargers

iPhone wingman app leaks 160K chat screenshots

The publicly accessible bucket contained data from the iOS app FlirtAI - Get Rizz & Dates. It mainly included private chats that users wanted the AI wingman to help them reply to.
Read more about iPhone wingman app leaks 160K chat screenshots

Over 26,000 Bitcoin Depot customers learn of data breach one year later

Bitcoin Depot, a publicly traded bitcoin ATM company, has informed thousands of individuals that their sensitive data, including driver’s license numbers, may have been stolen. The breach happened a year ago, but victims are only now receiving notification letters.
Read more about Over 26,000 Bitcoin Depot customers learn of data breach one year later

SatanLock ransomware gang shuts down operation, files will be leaked

The ransomware group called SatanLock is ending its operation. All the data that it has stolen from victims will be leaked online.
Read more about SatanLock ransomware gang shuts down operation, files will be leaked

Ingram Micro struck by ransomware attack, causing ongoing system outage

Ingram Micro Holding Corporation has acknowledged that it fell victim to a ransomware attack, but refuses to share details about the incident.
Read more about Ingram Micro struck by ransomware attack, causing ongoing system outage

Linux contains dangerous secure boot flaw: hackers can bypass it with a USB stick

Physically present hackers can effectively bypass secure boot protections on modern Linux Systems and inject persistent malware. The quick fix is to modify the kernel and prevent the system from dropping into a debug shell during boot failures.
Read more about Linux contains dangerous secure boot flaw: hackers can bypass it with a USB stick

Teléfonica victim of a new data breach, hacker claims

A hacker going by the name “Rey” claims to have stolen 106GB of data from Teléfonica. The Spanish telecommunications company says it's nothing more than an extortion attempt.
Read more about Teléfonica victim of a new data breach, hacker claims

The rising threat of mobile malware: How to protect your device in 2025

The number of mobile users is increasing every year – and so do the instances of mobile malware.
Read more about The rising threat of mobile malware: How to protect your device in 2025

Hackers target vibe coders with malicious extensions for their code editors

Hackers are exploiting a dangerous loophole to target vibe coders. Cursor, Windsurf, and other AI-powered code editors can’t access the VS Code Marketplace and instead rely on riskier third-party platforms, where malicious extensions and critical flaws thrive.
Read more about Hackers target vibe coders with malicious extensions for their code editors