Security
Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it
As the security industry braces itself for a post-quantum world – and the dreaded changeover of pretty much every piece of encrypted technology in existence – there's a new buzzword coming to town, and it's called “cryptographic inventory.” Cybernews explains what it is and why you'll be hearing about it for the next 10 years.
Read more about Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it
Qantas offers more clarity on recent data breach
Australian airline Qantas has shared more details on the recent cybersecurity incident that affected the company.
Read more about Qantas offers more clarity on recent data breach
“Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature
While still in beta, the feature has already received some backlash, despite its good intentions.
Read more about “Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature
This MacBook malware lets Russian hackers remotely control your device
A fake job interview on LinkedIn might end with hackers accessing your MacBook with this new, dangerous malware upgrade.
Read more about This MacBook malware lets Russian hackers remotely control your device
Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions
The latest Android devices are vulnerable to a new method of “tapjacking,” which enables hackers to use screen animations to make security prompts invisible and trick users into granting dangerous permissions and unauthorized access.
Read more about Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions
5.1M private files of job seekers just got exposed. Here’s what we know
A job search platform exposed over 5 million resumes, putting millions of job seekers at risk of identity theft and targeted scams.
Read more about 5.1M private files of job seekers just got exposed. Here’s what we know
Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users
Eighteen extensions had a “squeaky clean” codebase, sometimes for years, until a version bump turned them into dangerous trojans without any user input. Security researchers warn that over 2.3 million users have just been compromised, but there are many more extensions lurking.
Read more about Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users
Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so
Businesses and organizations in the United Kingdom should be legally required to report any major cyberattack that significantly impacts their operations.
Read more about Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so
Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio
Russian threat actors are suspected of creating AI deepfakes of US Secretary of State Marco Rubio and then using the AI-generated content to contact at least five foreign ministers and US officials, the State Department warned on Tuesday.
Read more about Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio
Hackers can target Teslas and other EVs through public chargers
Plugging an electric car into a charger creates a data link that can be abused for many attacks, a researcher warns. Hackers can attempt to steal money, data, or electricity, gain unauthorized control, or even shut down entire systems.
Read more about Hackers can target Teslas and other EVs through public chargers
iPhone wingman app leaks 160K chat screenshots
The publicly accessible bucket contained data from the iOS app FlirtAI - Get Rizz & Dates. It mainly included private chats that users wanted the AI wingman to help them reply to.
Read more about iPhone wingman app leaks 160K chat screenshots
Over 26,000 Bitcoin Depot customers learn of data breach one year later
Bitcoin Depot, a publicly traded bitcoin ATM company, has informed thousands of individuals that their sensitive data, including driver’s license numbers, may have been stolen. The breach happened a year ago, but victims are only now receiving notification letters.
Read more about Over 26,000 Bitcoin Depot customers learn of data breach one year later
SatanLock ransomware gang shuts down operation, files will be leaked
The ransomware group called SatanLock is ending its operation. All the data that it has stolen from victims will be leaked online.
Read more about SatanLock ransomware gang shuts down operation, files will be leaked
Ingram Micro struck by ransomware attack, causing ongoing system outage
Ingram Micro Holding Corporation has acknowledged that it fell victim to a ransomware attack, but refuses to share details about the incident.
Read more about Ingram Micro struck by ransomware attack, causing ongoing system outage
Linux contains dangerous secure boot flaw: hackers can bypass it with a USB stick
Physically present hackers can effectively bypass secure boot protections on modern Linux Systems and inject persistent malware. The quick fix is to modify the kernel and prevent the system from dropping into a debug shell during boot failures.
Read more about Linux contains dangerous secure boot flaw: hackers can bypass it with a USB stick
Teléfonica victim of a new data breach, hacker claims
A hacker going by the name “Rey” claims to have stolen 106GB of data from Teléfonica. The Spanish telecommunications company says it's nothing more than an extortion attempt.
Read more about Teléfonica victim of a new data breach, hacker claims
The rising threat of mobile malware: How to protect your device in 2025
The number of mobile users is increasing every year – and so do the instances of mobile malware.
Read more about The rising threat of mobile malware: How to protect your device in 2025
Hackers target vibe coders with malicious extensions for their code editors
Hackers are exploiting a dangerous loophole to target vibe coders. Cursor, Windsurf, and other AI-powered code editors can’t access the VS Code Marketplace and instead rely on riskier third-party platforms, where malicious extensions and critical flaws thrive.
Read more about Hackers target vibe coders with malicious extensions for their code editors