Security
Authorities shut down cybercrime service that sold access to 369,000 home internet connections
Authorities have disrupted a massive cybercrime platform, SocksEscort, which quietly hijacked 369,000 WiFi routers and other devices, and helped hackers hide their malicious traffic behind residential IP addresses. People were often unaware that their IPs were being used for cybercrime.
Read more about Authorities shut down cybercrime service that sold access to 369,000 home internet connections
Researchers ask AI agents to create LinkedIn posts. They publish passwords instead
No one asked them to do it. No adversarial prompting was employed. But these AI agents, deployed for routine enterprise tasks in a test, still went rogue and autonomously hacked the systems they were operating in.
Read more about Researchers ask AI agents to create LinkedIn posts. They publish passwords instead
How Oscar season becomes prime time for malware attacks
Illegally downloading the latest Oscar contender might feel like beating the system. But when the malware kicks in, as Morpheus once said, “Welcome to the real world.” Lurking in the shadows lies a common enemy of both the illegal streamer and the movie studios.
Read more about How Oscar season becomes prime time for malware attacks
Researcher discovers severe antivirus blind spot: corrupted ZIP files evade nearly all scanners
Hackers can change a single byte to insert malware undetected, posing as an apparently corrupted ZIP file dubbed Zombie Zip. A security researcher demonstrated this by tricking Windows Defender and most other antivirus software, with 65 of 66 security solutions failing to detect the malware.
Read more about Researcher discovers severe antivirus blind spot: corrupted ZIP files evade nearly all scanners
We ranked the most pirated Oscar nominees of the past 15 years, from Anora to Avatar
Were you betting on Sinners to take home the Best Picture award from the 98th Oscars? Or did you know all along that One Battle After Another would win?
Read more about We ranked the most pirated Oscar nominees of the past 15 years, from Anora to Avatar
Oscars 2026: attackers exploit Best Picture hype for One Battle After Another to spread malware via Google
Your obsession with the Academy Awards might drain your bank account. Cybernews researchers found that illegally downloading this years' Best Picture nominees may result in installing dangerous wallet-draining malware.
Read more about Oscars 2026: attackers exploit Best Picture hype for One Battle After Another to spread malware via Google
Russia military command tells troops to ditch unsafe MAX app and use Telegram again
The Kremlin recently moved to reduce usage of the popular messenger Telegram across the country and ordered the troops invading Ukraine to switch to MAX, a state-run service. Now, though, the military command seems to have realized that MAX is even less safe and is telling troops to reinstall Pavel Durov’s app on their devices.
Read more about Russia military command tells troops to ditch unsafe MAX app and use Telegram again
Weird friend requests on Facebook? Meta will warn users more often
Meta, the parent company of Facebook, Instagram, and WhatsApp, has introduced a new set of tools to help protect users against scams.
Read more about Weird friend requests on Facebook? Meta will warn users more often
Verifone and Stryker claims by Iran-linked hackers as cyber retaliation fears grow
In less than a day, the Iran-linked hacktivist group Handala claims attacks on two multinational US companies – the electronic payments giant Verifone and the major medical technology company Stryker, both of which have strong ties to Israel. Verifone on Thursday denied the breach claims.
Read more about Verifone and Stryker claims by Iran-linked hackers as cyber retaliation fears grow
Hackers hijack Wordpress sites and deploy CAPTCHA ClickFix in global infostealer campaign
Cybercriminals have compromised hundreds of websites – including regional news outlets and the website of a US Senate candidate – in a global malware operation new research has uncovered.
Read more about Hackers hijack Wordpress sites and deploy CAPTCHA ClickFix in global infostealer campaign
HR departments are being targeted with fake resumes that disable security protection
A threat campaign against human resource (HR) departments has recently been launched. What seems like a decent resume actually is malicious software that kills security defenses, including antivirus programs and Endpoint Detection and Response (EDR) tools.
Read more about HR departments are being targeted with fake resumes that disable security protection
Who owns your Chrome extension? Researchers warn side projects are being turned into malware
Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running inside thousands of browsers?
Read more about Who owns your Chrome extension? Researchers warn side projects are being turned into malware
Red-teamers unleash AI agent on McKinsey’s chatbot, gain full access in two hours
An offensive AI agent, created by red-team security startup CodeWall, autonomously chose McKinsey’s AI chatbot as a target and then hacked it in just two hours, gaining full read and write access to the system. This was just an experiment, but clearly, malicious machine-speed intrusions are possible.
Read more about Red-teamers unleash AI agent on McKinsey’s chatbot, gain full access in two hours
Beware: researchers uncover hundreds of malvertising campaigns on Meta platforms
A disinformation-for-profit network uses trusted news brands, real personalities, fabricated media narratives, emotional hooks, and advanced evasion techniques to drive victims – all users of Meta platforms – into investment fraud funnels, researchers say.
Read more about Beware: researchers uncover hundreds of malvertising campaigns on Meta platforms
China fuels OpenClaw adoption despite mounting security concerns
Local governments in China are offering subsidies to drive adoption of the OpenClaw AI agent, even as security experts in China and abroad warn that improper configuration of the software could carry serious cybersecurity risks.
Read more about China fuels OpenClaw adoption despite mounting security concerns
Man who accidentally discovered DJI robot vacuum backdoor awarded $30K
All that software engineer Sammy Azdoufal ever wanted was to connect his DJI robot vacuum cleaner to a PlayStation 5 controller. What actually happened was that he discovered a way to access a network of 7,000 remote-control DJI robots, enabling him to peek into other people’s homes. For this, he was rewarded $30,000 by DJI.
Read more about Man who accidentally discovered DJI robot vacuum backdoor awarded $30K
Scammers impersonate local zoning officials in latest phishing scheme, FBI warns
A new email phishing scam impersonating US city and county officials is tricking homeowners and businesses into forking over fraudulent fees for nonexistent planning and zoning permits, the FBI warns.
Read more about Scammers impersonate local zoning officials in latest phishing scheme, FBI warns
Viral GitHub project claims WiFi can "see through walls" – developers aren’t convinced
Wifi-DensePose claims to track human movement behind walls using ordinary wireless signals – triggering privacy concerns. Yet developers say at best it’s a proof of concept, at worst, “AI slop”.
Read more about Viral GitHub project claims WiFi can "see through walls" – developers aren’t convinced
Hackers claim leak of 141,000 Success Magazine users
A 100-year-old business magazine read by millions may have just had 141,000 subscriber records dumped onto a hacker forum.
Read more about Hackers claim leak of 141,000 Success Magazine users
Hackers claim breach of hat brand worn by Nicole Kidman and Hillary Clinton
A luxury fashion label worn by Hollywood stars has landed on a ransomware gang’s hit list.
Read more about Hackers claim breach of hat brand worn by Nicole Kidman and Hillary Clinton
