Security

Major security flaws found in Adobe PDF reader and ASUS system controller

Your RGB controller and PDF reader almost became cyberattack launchpads, thanks to critical flaws just uncovered.
Read more about Major security flaws found in Adobe PDF reader and ASUS system controller

Hackers hide dangerous trojan in legitimate Mac apps, targeting developers

Hackers are bundling legitimate Mac tools with a ZuRu trojan, poisoning search results to advertise compromised packages and infecting unsuspecting users, SentinelOne warns.
Read more about Hackers hide dangerous trojan in legitimate Mac apps, targeting developers

Security pros run a 36-hour war room to close a critical DeFi backdoor, likely installed by North Korean hackers

Security researchers said they've closed a critical backdoor on "thousands" of smart contracts before a threat actor managed to hit a large target.
Read more about Security pros run a 36-hour war room to close a critical DeFi backdoor, likely installed by North Korean hackers

Former US Army Lt. Col. sent defense secrets over dating site to Ukrainian love interest

A former US Army Lieutenant Colonel pleaded guilty on Thursday to sending his Ukrainian "girlfriend" classified defense secrets over a foreign dating site during the height of the Russian invasion.
Read more about Former US Army Lt. Col. sent defense secrets over dating site to Ukrainian love interest

If it’s open-source, it might come with baggage

Open-source code is open to everyone – including hackers – and with malware booming, experts warn that it’s time to watch your back.
Read more about If it’s open-source, it might come with baggage

Breach of legendary Chicago radio station exposes financial data, contracts, hackers claim

WFMT, a well-known Chicago-based radio station, was allegedly breached by a hacker group. The attackers claim they’ve taken a trove of sensitive personal and business information.
Read more about Breach of legendary Chicago radio station exposes financial data, contracts, hackers claim

Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it

As the security industry braces itself for a post-quantum world – and the dreaded changeover of pretty much every piece of encrypted technology in existence – there's a new buzzword coming to town, and it's called “cryptographic inventory.” Cybernews explains what it is and why you'll be hearing about it for the next 10 years.
Read more about Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it

Qantas offers more clarity on recent data breach

Australian airline Qantas has shared more details on the recent cybersecurity incident that affected the company.
Read more about Qantas offers more clarity on recent data breach

“Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature

While still in beta, the feature has already received some backlash, despite its good intentions.
Read more about “Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature

This MacBook malware lets Russian hackers remotely control your device

A fake job interview on LinkedIn might end with hackers accessing your MacBook with this new, dangerous malware upgrade.
Read more about This MacBook malware lets Russian hackers remotely control your device

Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions

The latest Android devices are vulnerable to a new method of “tapjacking,” which enables hackers to use screen animations to make security prompts invisible and trick users into granting dangerous permissions and unauthorized access.
Read more about Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions

5.1M private files of job seekers just got exposed. Here’s what we know

A job search platform exposed over 5 million resumes, putting millions of job seekers at risk of identity theft and targeted scams.
Read more about 5.1M private files of job seekers just got exposed. Here’s what we know

Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users

Eighteen extensions had a “squeaky clean” codebase, sometimes for years, until a version bump turned them into dangerous trojans without any user input. Security researchers warn that over 2.3 million users have just been compromised, but there are many more extensions lurking.
Read more about Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users

Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so

Businesses and organizations in the United Kingdom should be legally required to report any major cyberattack that significantly impacts their operations.
Read more about Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so

Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio

Russian threat actors are suspected of creating AI deepfakes of US Secretary of State Marco Rubio and then using the AI-generated content to contact at least five foreign ministers and US officials, the State Department warned on Tuesday.
Read more about Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio

Hackers can target Teslas and other EVs through public chargers

Plugging an electric car into a charger creates a data link that can be abused for many attacks, a researcher warns. Hackers can attempt to steal money, data, or electricity, gain unauthorized control, or even shut down entire systems.
Read more about Hackers can target Teslas and other EVs through public chargers

iPhone wingman app leaks 160K chat screenshots

The publicly accessible bucket contained data from the iOS app FlirtAI - Get Rizz & Dates. It mainly included private chats that users wanted the AI wingman to help them reply to.
Read more about iPhone wingman app leaks 160K chat screenshots

Over 26,000 Bitcoin Depot customers learn of data breach one year later

Bitcoin Depot, a publicly traded bitcoin ATM company, has informed thousands of individuals that their sensitive data, including driver’s license numbers, may have been stolen. The breach happened a year ago, but victims are only now receiving notification letters.
Read more about Over 26,000 Bitcoin Depot customers learn of data breach one year later