Security

Witty users defeat Google's hi-tech CAPTCHA with this low-tech hack

Security researchers claim to have already found a loophole in Google's experimental hand gesture CAPTCHA system. According to a video shared on X, the human verification system can be tricked using nothing more than a photograph of a hand.
Read more about Witty users defeat Google's hi-tech CAPTCHA with this low-tech hack

Boeing confirms unplanned IT outage affecting computer systems and applications

Boeing said on Tuesday that an unplanned IT outage affected some of its computer systems and applications.
Read more about Boeing confirms unplanned IT outage affecting computer systems and applications

Trump’s grip on the FTC puts EU-US data transfer at risk

Billions of data transfers occur every day between the US and Europe, but the agreement governing them might be at risk. The US Supreme Court has issued a landmark ruling that is throwing the status quo into doubt, and privacy activists have now called for a suspension of the arrangement.
Read more about Trump’s grip on the FTC puts EU-US data transfer at risk

Major win for Anthropic as US lifts Mythos, Fable export controls

In a dramatic turnaround, Anthropic says the US government has rolled back weeks-long export restrictions that had blocked the AI startup from exporting its über-powerful Claude Mythos 5 and Fable 5 models over national security concerns.
Read more about Major win for Anthropic as US lifts Mythos, Fable export controls

Nissan the latest victim in Oracle’s PeopleSoft attack: sensitive data stolen

Nissan North America has begun notifying employees after a cyberattack targeted Oracle's PeopleSoft software. Reportedly, attackers exfiltrated sensitive information belonging to Nissan’s current and former workers across multiple countries.
Read more about Nissan the latest victim in Oracle’s PeopleSoft attack: sensitive data stolen

Hackers say they have GameStop customers' personal data

GameStop customers are implicated in an alleged data leak, with hackers claiming to have breached the video game giant on an illicit marketplace.
Read more about Hackers say they have GameStop customers' personal data

Another Claude Code attack allows full takeover of developers’ systems

A proof-of-concept (PoC) attack shows that a completely clean-seeming GitHub repository can trick AI-powered coding agents such as Claude Code into silently opening a reverse shell on a developer’s machine.
Read more about Another Claude Code attack allows full takeover of developers’ systems

Apple’s AirDrop and Android’s Quick Share vulnerable: nearby hackers initiate connection, crash devices, or worse

Five billion iPhones and Android phones are listening for potential file drops via AirDrop and Quick Share, leaving users exposed to nearby hackers who can cause crashes, tamper with active transfers, or, potentially, even run code. Researchers have probed the protocols and disclosed six security flaws.
Read more about Apple’s AirDrop and Android’s Quick Share vulnerable: nearby hackers initiate connection, crash devices, or worse

GitHub overwhelmed as flood of vulnerability reports slows security fixes

While GitHub, the world's most popular proprietary developer platform, is experiencing a record-high surge in vulnerability reports, you can help yourself by following several suggestions as the platform adjusts to the new reality.
Read more about GitHub overwhelmed as flood of vulnerability reports slows security fixes

Hackers claiming leak of 310 million Temu accounts: here's what we know

An alleged 310 million Temu user records have been put up for sale on a cybercrime forum. While the leaked samples appear recent, Temu denies that the data originated from their systems.
Read more about Hackers claiming leak of 310 million Temu accounts: here's what we know

Website owners report surge in malicious bots impersonating Googlebot, sparking call to check IPs

Administrators are noticing an influx of malicious bot requests impersonating Googlebot and other legitimate crawlers, attempting to slip past website defenses. Google offers IP verification tools to help its crawlers be identified.
Read more about Website owners report surge in malicious bots impersonating Googlebot, sparking call to check IPs

Hackers claim 110M Notion records exposed, but the company’s AI assistant is not concerned

A hacker has claimed responsibility for a massive breach of Notion – a productivity platform used by Nvidia and OpenAI – exposing 110 million user records. Meanwhile the company says that no unauthorized access was identified.
Read more about Hackers claim 110M Notion records exposed, but the company’s AI assistant is not concerned

Russian state hackers stealing new Signal accounts with old backup keys, FBI warns

Signal’s Secure Backup key, once stolen, can unlock new accounts, and Russian state hackers are already abusing it in a global wave of phishing attacks, the US cyber authorities warn.
Read more about Russian state hackers stealing new Signal accounts with old backup keys, FBI warns

UK data watchdog fines consultancy firm £300K for flooding people with millions of illegal texts

The Information Commissioner’s Office (ICO) has issued a fine of £300,000 to a Manchester-based consultancy firm for sending millions of unlawful text messages to people in debt. They included fake bailiff threats designed to pressure and intimidate recipients.
Read more about UK data watchdog fines consultancy firm £300K for flooding people with millions of illegal texts

Microsoft reveals phishing campaign targeting hotels in Europe and Asia

An unknown threat actor has launched a convincing phishing campaign aimed at tricking hotel employees into installing malware via fake photo attachments.
Read more about Microsoft reveals phishing campaign targeting hotels in Europe and Asia

Apple supplier locks down systems after alleged Apple files appear on dark web

An Apple supplier at the heart of the company's push to move iPhone production out of China has locked down its internal systems after a ransomware group leaked thousands of confidential files allegedly linked to Apple, Tesla, TSMC and Qualcomm. The breach has triggered a forensic investigation and prompted Apple's security team to step in, according to sources.
Read more about Apple supplier locks down systems after alleged Apple files appear on dark web

France statistics agency Insee confirms cyberattack on staff data

France's national statistics department Insee said a cyberattack had led to a breach of personal data from its directory, affecting about 12,800 current and former staff and members of Insee-related civil service corps.
Read more about France statistics agency Insee confirms cyberattack on staff data

Polymarket hit by $3M cyberattack via third-party dependency, promises full refunds

Polymarket has been targeted by hackers exploiting a third-party dependency. Some users report being hacked, and blockchain analysts flagged $3 million outflows from the company. Polymarket has reassured all impacted users that they will be refunded in full.
Read more about Polymarket hit by $3M cyberattack via third-party dependency, promises full refunds

Someone hacked Johnson & Johnson's internal systems to teach it a lesson

A simple vulnerability can give access to highly confidential corporate data.
Read more about Someone hacked Johnson & Johnson's internal systems to teach it a lesson

Alibaba is suing US government for branding it a “Chinese military company”

Alibaba has filed a lawsuit against the US Department of Defense, seeking to overturn its designation as a "Chinese military company" after the Pentagon blacklisted the tech giant over alleged military ties that Alibaba says simply do not exist.
Read more about Alibaba is suing US government for branding it a “Chinese military company”