Security
Major security flaws found in Adobe PDF reader and ASUS system controller
Your RGB controller and PDF reader almost became cyberattack launchpads, thanks to critical flaws just uncovered.
Read more about Major security flaws found in Adobe PDF reader and ASUS system controller
Hackers hide dangerous trojan in legitimate Mac apps, targeting developers
Hackers are bundling legitimate Mac tools with a ZuRu trojan, poisoning search results to advertise compromised packages and infecting unsuspecting users, SentinelOne warns.
Read more about Hackers hide dangerous trojan in legitimate Mac apps, targeting developers
Security pros run a 36-hour war room to close a critical DeFi backdoor, likely installed by North Korean hackers
Security researchers said they've closed a critical backdoor on "thousands" of smart contracts before a threat actor managed to hit a large target.
Read more about Security pros run a 36-hour war room to close a critical DeFi backdoor, likely installed by North Korean hackers
Former US Army Lt. Col. sent defense secrets over dating site to Ukrainian love interest
A former US Army Lieutenant Colonel pleaded guilty on Thursday to sending his Ukrainian "girlfriend" classified defense secrets over a foreign dating site during the height of the Russian invasion.
Read more about Former US Army Lt. Col. sent defense secrets over dating site to Ukrainian love interest
If it’s open-source, it might come with baggage
Open-source code is open to everyone – including hackers – and with malware booming, experts warn that it’s time to watch your back.
Read more about If it’s open-source, it might come with baggage
Breach of legendary Chicago radio station exposes financial data, contracts, hackers claim
WFMT, a well-known Chicago-based radio station, was allegedly breached by a hacker group. The attackers claim they’ve taken a trove of sensitive personal and business information.
Read more about Breach of legendary Chicago radio station exposes financial data, contracts, hackers claim
Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it
As the security industry braces itself for a post-quantum world – and the dreaded changeover of pretty much every piece of encrypted technology in existence – there's a new buzzword coming to town, and it's called “cryptographic inventory.” Cybernews explains what it is and why you'll be hearing about it for the next 10 years.
Read more about Post-quantum cryptographic inventory – the latest PQC buzzword and why you need to know it
Qantas offers more clarity on recent data breach
Australian airline Qantas has shared more details on the recent cybersecurity incident that affected the company.
Read more about Qantas offers more clarity on recent data breach
“Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature
While still in beta, the feature has already received some backlash, despite its good intentions.
Read more about “Thanks for gathering my private calls!” Users skeptical about FaceTime’s beta privacy feature
This MacBook malware lets Russian hackers remotely control your device
A fake job interview on LinkedIn might end with hackers accessing your MacBook with this new, dangerous malware upgrade.
Read more about This MacBook malware lets Russian hackers remotely control your device
Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions
The latest Android devices are vulnerable to a new method of “tapjacking,” which enables hackers to use screen animations to make security prompts invisible and trick users into granting dangerous permissions and unauthorized access.
Read more about Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions
5.1M private files of job seekers just got exposed. Here’s what we know
A job search platform exposed over 5 million resumes, putting millions of job seekers at risk of identity theft and targeted scams.
Read more about 5.1M private files of job seekers just got exposed. Here’s what we know
Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users
Eighteen extensions had a “squeaky clean” codebase, sometimes for years, until a version bump turned them into dangerous trojans without any user input. Security researchers warn that over 2.3 million users have just been compromised, but there are many more extensions lurking.
Read more about Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users
Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so
Businesses and organizations in the United Kingdom should be legally required to report any major cyberattack that significantly impacts their operations.
Read more about Should UK companies be required to disclose major cyberattacks? M&S CEO Archie Norman thinks so
Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio
Russian threat actors are suspected of creating AI deepfakes of US Secretary of State Marco Rubio and then using the AI-generated content to contact at least five foreign ministers and US officials, the State Department warned on Tuesday.
Read more about Russian actors suspected of AI deepfakes impersonating US State Secretary Marco Rubio
Hackers can target Teslas and other EVs through public chargers
Plugging an electric car into a charger creates a data link that can be abused for many attacks, a researcher warns. Hackers can attempt to steal money, data, or electricity, gain unauthorized control, or even shut down entire systems.
Read more about Hackers can target Teslas and other EVs through public chargers
iPhone wingman app leaks 160K chat screenshots
The publicly accessible bucket contained data from the iOS app FlirtAI - Get Rizz & Dates. It mainly included private chats that users wanted the AI wingman to help them reply to.
Read more about iPhone wingman app leaks 160K chat screenshots
Over 26,000 Bitcoin Depot customers learn of data breach one year later
Bitcoin Depot, a publicly traded bitcoin ATM company, has informed thousands of individuals that their sensitive data, including driver’s license numbers, may have been stolen. The breach happened a year ago, but victims are only now receiving notification letters.
Read more about Over 26,000 Bitcoin Depot customers learn of data breach one year later