Security

Dean Burton, WP Buffs: “keeping WordPress sites fast and secure is a full-time job”

With WordPress playing a huge role in online business these days, keeping websites up and running is more important –...
Read more about Dean Burton, WP Buffs: “keeping WordPress sites fast and secure is a full-time job”

US National Guard severely hacked by Salt Typhoon in 2024

A US state's Army National Guard network was thoroughly hacked by a Chinese cyberespionage group nicknamed "Salt Typhoon," according to a Department of Homeland Security memo.
Read more about US National Guard severely hacked by Salt Typhoon in 2024

Windows Hello flaw allows hackers to “swap faces” and access sensitive data

Hackers inside a network can swap an admin’s biometric data with their own faces to unlock sensitive Windows systems. Researchers warn that the face recognition templates are protected by weaker security than the things they unlock.
Read more about Windows Hello flaw allows hackers to “swap faces” and access sensitive data

European Commission launches age-check app to protect kinds online

The European Commission has introduced a prototype of an age verification app and guidelines to create a safe online environment for young people and allow them to enjoy all that the online world has to offer.
Read more about European Commission launches age-check app to protect kinds online

Venkatesh Sundar, Indusface: “zero-day exploits don’t wait for your dev team to catch up”

Keeping sensitive data safe is tougher than ever, especially with businesses jumping into the digital world so quickly. Lots of...
Read more about Venkatesh Sundar, Indusface: “zero-day exploits don’t wait for your dev team to catch up”

This is what you should include in your password to make it uncrackable

Think your password is safe because it’s eight characters long and mixes in a number or two? According to new analysis from Specops, nearly 99% of breached passwords are so weak they could be cracked in minutes.
Read more about This is what you should include in your password to make it uncrackable

Marks & Spencer hackers hit US retailer Belk

Belk, the popular US department store chain, has allegedly been targeted by the DragonForce hacker group. This is the same group that struck UK retailer Marks & Spencer with a cyberattack, costing the company hundreds of millions of dollars.
Read more about Marks & Spencer hackers hit US retailer Belk

Serious Google Gemini flaw: it obeys hidden prompts in malicious emails

If hackers hide malicious commands in an email, Google Gemini for Workspace will “faithfully obey” them when interacting with the content. Researchers tricked Gemini into alerting users about account compromise and directing them to call scammers.
Read more about Serious Google Gemini flaw: it obeys hidden prompts in malicious emails

UnitedHealth subsidiary Episource hit with data breach, millions affected

Over five million patients were affected after a massive data breach at Episource that exposed sensitive medical and personal information.
Read more about UnitedHealth subsidiary Episource hit with data breach, millions affected

S&P 500’s AI adoption may invite data breaches, new research shows

Researchers have identified hundreds of potential issues ranging from insecure AI output to critical infrastructure attack vectors across sectors such as infrastructure, finance, and healthcare.
Read more about S&P 500’s AI adoption may invite data breaches, new research shows

Shopify plugin exposes hundreds of websites to attacks

A trusted Shopify plugin designed to enforce privacy compliance ended up quietly exposing hundreds of online stores to serious security threats.
Read more about Shopify plugin exposes hundreds of websites to attacks

Massive investment fraud campaign leverages 17,000 fraudulent news sites

Scam sites are impersonating legitimate news websites, using native languages, major brands, and regional public figures to promote fake investment opportunities.
Read more about Massive investment fraud campaign leverages 17,000 fraudulent news sites

Your eSIM might not be as safe as you think: researchers hack and clone numbers

Researchers have successfully hacked a widely used chip that stores eSIM (embedded SIM) profiles, leaving billions of users vulnerable to SIM cloning, spoofing, spying on them, and related security implications.
Read more about Your eSIM might not be as safe as you think: researchers hack and clone numbers

Saudi industrial services group breached, hackers claim

Rezayat Group, a multibillion-dollar industrial services provider based in Saudi Arabia, has been posted on a dark web leak site. Hackers claim they’ve obtained several gigabytes of data from the company.
Read more about Saudi industrial services group breached, hackers claim

Estimating age with augmented cameras in tobacco shops is a no-go, CNIL says

The use of augmented cameras that can estimate the age of tobacco shop customers to prohibit the sale of cigarettes and other tobacco products to minors is neither necessary nor proportionate and, therefore, not allowed according to data protection and privacy laws.
Read more about Estimating age with augmented cameras in tobacco shops is a no-go, CNIL says

PewDiePie is driving self-hosting craze: how to protect your home server experiments?

Do you have an old laptop without a screen and other missing parts? That’s more than enough for a decent home server. Some folks even use Legos to build theirs. A recent shoutout from PewDiePie sent thousands of beginners diving into self-hosting for the first time. But beware of potential security disasters waiting to happen: don’t expose yourself to bots constantly scanning your IP.
Read more about PewDiePie is driving self-hosting craze: how to protect your home server experiments?

A simple radio hack can emergency stop any train in North America, researchers warn

End-of-train devices, installed on the rear of freight trains in North America to sense and control braking, are outdated and simplistic. Hackers can easily target them with plain text radio signals to send emergency braking commands.
Read more about A simple radio hack can emergency stop any train in North America, researchers warn

Hacker exploits Elmo’s X account, calls President Trump a “child f**ker,” and tells the world to “kill all Jews”

The iconic character from Sesame Street was hacked by an antisemitic attacker who used Elmo’s X account to rant about Jeffrey Epstein files and tell all Jews to die.
Read more about Hacker exploits Elmo’s X account, calls President Trump a “child f**ker,” and tells the world to “kill all Jews”