Security

Microsoft's largest Patch Tuesday ever: 570 flaws, Kerberos encryption overhaul

The record-breaking update also forces a long-planned authentication change that could disrupt legacy Windows environments.
Read more about Microsoft's largest Patch Tuesday ever: 570 flaws, Kerberos encryption overhaul

Uninstall this Chrome extension now: it contains surveillance code

Don’t trust everything you find on Chrome Web Store.
Read more about Uninstall this Chrome extension now: it contains surveillance code

Telegram’s t.me domain vanishes overnight, Durov cries for help on X

Users are unable to access Telegram links, but core app features remain working.
Read more about Telegram’s t.me domain vanishes overnight, Durov cries for help on X

Microsoft ditches SMS and voice authentication for Entra ID, passkeys rolling out as default

SMS and voice authentication have served their purpose well, but the threat environment has evolved beyond their capabilities, Microsoft says.
Read more about Microsoft ditches SMS and voice authentication for Entra ID, passkeys rolling out as default

Mozilla is experimenting with a two-week update cycle for Firefox

AI is accelerating the race between hackers and defenders.
Read more about Mozilla is experimenting with a two-week update cycle for Firefox

Giant Telegram user database just hit hacker forums: here's why that's bad news


Russian hackers are targeting routers to infiltrate critical infrastructure, CISA warns

A forgotten router could give hackers a foothold inside critical telecom networks.
Read more about Russian hackers are targeting routers to infiltrate critical infrastructure, CISA warns

OpenAI will require hardware-backed passkeys for access to advanced cyber models

Hardware-backed passkeys store authentication credentials on a physical security key rather than in software or cloud-based systems
Read more about OpenAI will require hardware-backed passkeys for access to advanced cyber models

Hackers blackmail Bosh as secret engineering files surface on the dark web


Progress warns ShareFile Users: shut down on-premises servers immediately

A temporary lockdown has been implemented on ShareFile accounts using on-premises storage. However, Progress warns that it’s not enough and is urging admins to take immediate action.
Read more about Progress warns ShareFile Users: shut down on-premises servers immediately

Lidl confirms data breach affecting European customer data


Could Microsoft's AI era spell the end of Patch Tuesday? Experts say yes.

AI is accelerating Windows security fixes – and challenging Microsoft's decades-old monthly update model.
Read more about Could Microsoft's AI era spell the end of Patch Tuesday? Experts say yes.

Insider threat: NHS staff warned they’ll be fired or even jailed for accessing patient records illegally

The campaign follows several incidents of staff being dismissed from their posts after accessing the medical records of victims of high-profile crimes
Read more about Insider threat: NHS staff warned they’ll be fired or even jailed for accessing patient records illegally

How the world’s top cyber authority left its door wide open on GitHub: CISA shares lessons from major blunder

CISA promises no customer or mission data was compromised, even though exposed keys remained valid for days.
Read more about How the world’s top cyber authority left its door wide open on GitHub: CISA shares lessons from major blunder

Ransomware negotiator helped hackers squeeze victims for bigger payouts

He was hired to help victims, but got paid for extorting money from them.
Read more about Ransomware negotiator helped hackers squeeze victims for bigger payouts

Science has cracked the concept of a better password – your breath


Hackers bait users with popular VPNs, but fake installers lead to complete compromise

Attackers use a covert network of command servers named after “Nishihaoren,” which translates to “you are a good person.”
Read more about Hackers bait users with popular VPNs, but fake installers lead to complete compromise

Hacker claims sale of alleged Nike customer database with millions of records


The internet’s weirdest hacking bot: tries to force its way into servers, begs for help to escape Belarus

Its creator claims this “performance piece” is “somewhat illegal” but harmless, yet security experts warn of real risks.
Read more about The internet’s weirdest hacking bot: tries to force its way into servers, begs for help to escape Belarus

Critical bugs enable hackers to take control of Ubiquiti devices

Vulnerabilities can be chained to compromise entire systems.
Read more about Critical bugs enable hackers to take control of Ubiquiti devices