Security

Dozens of VPNs on Google and Apple app stores have undisclosed Chinese ownership

The Tech Transparency Project (TTP) has discovered dozens of VPN apps on Apple and Google app stores “surreptitiously owned by Chinese companies,” warning of privacy and US national security risks involved.
Read more about Dozens of VPNs on Google and Apple app stores have undisclosed Chinese ownership

Discord users under attack: trustworthy invite links reanimated by hackers

Hackers are hijacking expired or deleted Discord invite links, which are still posted on forums, social media, official websites, and elsewhere, security researchers warn. Accepting an invite could lead to a complete device compromise and crypto theft.
Read more about Discord users under attack: trustworthy invite links reanimated by hackers

Search, swipe, repeat? Not for long: the tech giants planning a post-screen future

Are smartphones dying? It sounds absurd in 2025 when most people are still glued to them. But last week's announcements from Google and OpenAI suggest something more profound is starting to stir beneath the glossy glass of our handheld companions.
Read more about Search, swipe, repeat? Not for long: the tech giants planning a post-screen future

Spyware scandal deepens: Another Italian journalist hit with Paragon spyware

A second Italian journalist was recently targeted by software made by U.S.-owned surveillance company Paragon, internet watchdog group Citizen Lab said, raising new questions about a surveillance scandal that has already led Prime Minister Giorgia Meloni's government and Paragon to part ways.
Read more about Spyware scandal deepens: Another Italian journalist hit with Paragon spyware

Spanish arm of French insurance giant posted on hacker forum

Asefa, the Spanish subsidiary of France’s SMABPT, was posted on a dark web forum used by the Qilin ransomware cartel.
Read more about Spanish arm of French insurance giant posted on hacker forum

AI first, security later: all Fortune 500 companies use AI, but security rules are still under construction

AI is no longer a niche technology — it’s becoming a fundamental part of business strategy for most Fortune 500 companies in 2025. All of them are now using AI, but they differ in their approaches to implementing it. Cybernews researchers warn of the risks involved as the rulebooks have yet to be written.
Read more about AI first, security later: all Fortune 500 companies use AI, but security rules are still under construction

Over 64M T-Mobile records leaked online, hackers claim

The unconfirmed dataset, supposedly consisting of details taken from America’s second-largest mobile carrier, T-Mobile, includes device IDs and phone numbers.
Read more about Over 64M T-Mobile records leaked online, hackers claim

Researchers turn Microsoft 365 Copilot against users, leaking extremely sensitive data

Microsoft 365 Copilot could’ve leaked sensitive information to attackers with zero user interaction, even if they never opened a malicious email. New research demonstrates how powerful content poisoning can be against inadequate defenses.
Read more about Researchers turn Microsoft 365 Copilot against users, leaking extremely sensitive data

NIST touts 19 ways to build "off-the-shelf" Zero Trust Architecture in new guidance

The National Institute of Standards and Technology (NIST) on Wednesday released a newly finalized guidance on how to build a Zero Trust Architecture (ZTA) – all with readily available off-the-shelf commercial products.
Read more about NIST touts 19 ways to build "off-the-shelf" Zero Trust Architecture in new guidance

Three things to learn to stay afloat in today’s digital world

You’re more likely to get hired if you brag about some sort of AI-related skill. You’ll feel more protected against scams if you take self-defense classes. And finally, you’ll understand cyber threats a bit better if you know what’s happening in the world.
Read more about Three things to learn to stay afloat in today’s digital world

DDoS now a strategic threat

DDoS attacks within the financial sector aren’t letting up, and finance is a threat actor’s top target.
Read more about DDoS now a strategic threat

Most cybersecurity certificates are just “nice to have,” but these three will help you land a job

When evaluating candidates for cybersecurity roles, managers prioritize those with experience, according to a new report.
Read more about Most cybersecurity certificates are just “nice to have,” but these three will help you land a job

Food delivery platform exposes customer names, addresses

GonnaOrder, a Europe-based food delivery platform, left an unprotected instance, exposing food lovers’ data to anyone willing to look.
Read more about Food delivery platform exposes customer names, addresses

Hackers pose as job seekers: opening a resume leads to ransomware

Cybercriminals are increasingly applying for jobs, posing as potential candidates. Their sole goal is to convince recruiters to open their malicious resumes.
Read more about Hackers pose as job seekers: opening a resume leads to ransomware

Hackers hit mental health clinic, names and addresses allegedly exposed

Mount Rogers Community Services has appeared on a ransomware gang’s dark web leak site, with attackers suggesting they stole multiple private details from the organization’s systems.
Read more about Hackers hit mental health clinic, names and addresses allegedly exposed

Macron proposes social media ban for under-15s after school stabbing

French President Emmanuel Macron said he would push for European Union regulation to ban social media for children under the age of 15 after a fatal stabbing at a school in eastern France, the latest such violent attack that left the country reeling.
Read more about Macron proposes social media ban for under-15s after school stabbing

40,000 security cameras found streaming without passwords or other protections

Security cameras that are supposed to protect users from dangers are actually putting users at risk, security experts warn. Forty thousand exposed internet-connected cameras have been discovered, 14,000 in the US alone.
Read more about 40,000 security cameras found streaming without passwords or other protections

Hack on Philly‘s largest school network exposes credit card data

Mastery Schools, a Philadelphia-based school network, has fallen victim to a ransomware attack that exposed a trove of sensitive data, ranging from names and Social Security numbers (SSNs) to credit card info.
Read more about Hack on Philly‘s largest school network exposes credit card data