Security

Read at your own risk: an iOS book app spilled your secrets

Your next favorite read could cost you your privacy. An iOS book app just exposed 42,000 users’ personal data to hackers.
Read more about Read at your own risk: an iOS book app spilled your secrets

AI transforms cybercrime: researchers warn about the rise of AI agent hackers

Security experts fear that artificial intelligence (AI) agents will soon perform sophisticated and difficult-to-detect cyberattacks at scale. The release of ChatGPT in 2022 transformed the cybercrime landscape with automated phishing, deepfakes, and malware development.
Read more about AI transforms cybercrime: researchers warn about the rise of AI agent hackers

Steam denies data breach claims, scoffs at quality of supposedly leaked data

The video game distribution service’s owners, Valve, went as far as to say it doesn’t see the need for users to change their passwords.
Read more about Steam denies data breach claims, scoffs at quality of supposedly leaked data

Steel manufacturer Nucor halts production after cybersecurity incident

Nucor, the biggest steel manufacturer in North America, has shut down some of its operations due to a “cybersecurity incident.”
Read more about Steel manufacturer Nucor halts production after cybersecurity incident

5.7M files with resumes exposed after hiring platform forgot the password

Millions of resumes from a hiring platform were left online, offering scammers job seekers' private data.
Read more about 5.7M files with resumes exposed after hiring platform forgot the password

Android 16 brings massive security improvements to fight scams, fraud, and spyware

On Android 16, a single click will enable the strongest security and privacy, and most of your day-to-day account activity will not feel different, Google promises. One of the new, long-awaited additions is USB port locking to charging only, preventing thieves or authorities from accessing the data.
Read more about Android 16 brings massive security improvements to fight scams, fraud, and spyware

EU launches own vulnerability database in wake of CVE funding issues

Europe launches its own vulnerability database on Tuesday – one that will work in tandem with existing industry databases, including Mitre’s widely-used CVE database, which had its own funding crisis last month.
Read more about EU launches own vulnerability database in wake of CVE funding issues

North Korean cyber spies hack Ukraine to measure Russia’s war needs

North Korean state-sponsored hackers launched attacks against government entities and other organisations in Ukraine. It looks like the rogue state wants to determine if Russia will request more troops or armaments in an ongoing war.
Read more about North Korean cyber spies hack Ukraine to measure Russia’s war needs

American college spills half a million files with personal data

Bank Street College of Education, a New York-based private school, exposed hundreds of thousands of files with personal data, including home addresses and phone numbers.
Read more about American college spills half a million files with personal data

Co-op was hit by hackers aligned with Kremlin’s agenda, researchers believe

British supermarket chain Co-op is still recovering from a major cyberattack and experiencing significant disruption. Hackers who claimed responsibility for the breach have links to the Russian Federation, according to Halcyon researchers.
Read more about Co-op was hit by hackers aligned with Kremlin’s agenda, researchers believe

VMware Tools vulnerability enables hackers to tamper with virtual machines

Broadcom alerts that attackers with limited access to a virtual machine can exploit a vulnerability affecting VMware Tools and trigger insecure file operations. The open-source implementation, open-vm-tools, is also affected.
Read more about VMware Tools vulnerability enables hackers to tamper with virtual machines

German DPA orders Meta to halt AI training with EU user data

The Verbraucherzentrale North Rhine-Westphalia (NRW), a regional data protection authority (DPA) in Germany, has officially requested Meta to stop its artificial intelligence (AI) training plans in the European Union.
Read more about German DPA orders Meta to halt AI training with EU user data

Thousands of Node developers compromised by malware in popular npm packages

Malware in the Node.js ecosystem is hiding in plain sight. Security researchers uncover npm packages with thousands of installs, delivering remote access trojans, infostealers, or backdoors. The largest one has over 45,000 weekly downloads.
Read more about Thousands of Node developers compromised by malware in popular npm packages

Profiled by the Defense Department: How hackers are groomed into assets

Greetings, user. If there’s one thing whispered in hacker circles in hushed, conspiratorial tones, it's who’s an informant and who isn’t. How do law enforcement and government agencies recruit hackers? What traits do they look for?
Read more about Profiled by the Defense Department: How hackers are groomed into assets

Over-65s might be more tech savvy than we thought

Over-65s are much more tech savvy than we once realized, as a new report reveals that this age group was much better at spotting ads and scam emails than their younger counterparts.
Read more about Over-65s might be more tech savvy than we thought

North Korean ‘IT worker scams’ take on female personas, expand to Europe, Japan

The North Korean hacker group Nickel Tapestry has found new ways to adapt its IT worker scams, including impersonating female applicants, and expanding its operations to target companies in Europe and Asia.
Read more about North Korean ‘IT worker scams’ take on female personas, expand to Europe, Japan

Elon Musk, Ronaldo, and Binance are the bait in Facebook’s latest scam

A malware campaign is tearing through Facebook’s ad network, hijacking the names of legit crypto brands and celebrities' faces to con users into downloading spyware.
Read more about Elon Musk, Ronaldo, and Binance are the bait in Facebook’s latest scam

Google adds scam-fighting AI to Chrome: will detect malicious websites

Google is adding an on-device artificial intelligence (AI) model to Chrome to fight scams. Gemini Nano, a large language model (LLM), will evaluate websites that users visit and alert if potential fraud is detected.
Read more about Google adds scam-fighting AI to Chrome: will detect malicious websites