Security
ShinyHunters leak 12.4M CarGurus records after ransom threat
The ShinyHunters extortion gang has released the personal records of 12.4 million CarGurus account holders – following what appears to be a failed ransom demand tied to a February 13th breach of the digital auto dealer.
Read more about ShinyHunters leak 12.4M CarGurus records after ransom threat
Ashley Madison pivots to shake cyberattack ghost, promises privacy this time
This once disgraced dating site sheds its scandalous branding in favour of privacy.
Read more about Ashley Madison pivots to shake cyberattack ghost, promises privacy this time
Hackers’ fake Zoom update drops same workforce analytics tool your boss uses – Malwarebytes report
Hackers can trick Windows users into joining fake Zoom meetings, downloading fake updates that silently install workforce analytics software used by companies to monitor staff activities, according to Malwarebytes. The security firm says it observed malicious activity attempts in the wild: not a single antivirus program flags it, while hackers can gain broad visibility.
Read more about Hackers’ fake Zoom update drops same workforce analytics tool your boss uses – Malwarebytes report
Is Verizon first among equals? New York exempts the company and other telecoms from following cybersecurity rules
Telecom companies, including Verizon and Optimum, have successfully pushed New York state regulators to exclude them from new cybersecurity rules. Experts are raising red flags, warning that this will leave the state unable to monitor and ensure the security of sensitive customer information. But how did the tech giants pull this off?
Read more about Is Verizon first among equals? New York exempts the company and other telecoms from following cybersecurity rules
Researchers reveal Russian hackers hijacked digital highways to "steal funds" from logistics giants
A Russian phishing crew hijacked the digital highways of US and EU logistics giants, exploiting trucking logins to steal funds. The investigation uncovered a well-organized crime infrastructure.
Read more about Researchers reveal Russian hackers hijacked digital highways to "steal funds" from logistics giants
Anthropic’s security tool made investors panic, but the cybersec industry should keep calm
Investors overreact every time a new AI tool or feature is announced these days. Last week was no different: when Anthropic launched Claude Code Security, a tool capable of autonomously finding and patching vulnerabilities, shares of elite cybersecurity companies plummeted in a flash. But is the risk of AI agents cannibalizing the market even real?
Read more about Anthropic’s security tool made investors panic, but the cybersec industry should keep calm
Scammers have the advantage: no one can reliably detect AI faces, study finds
Some people are just better at recognizing AI-generated faces, but even they fail 43% of the time, a new study has found. Synthetic faces can often be recognized because they “appear more human than real ones,” but no one can reliably predict.
Read more about Scammers have the advantage: no one can reliably detect AI faces, study finds
Adult site Frivol.com data leak reveals users registered using work emails
The user-made adult content website accidentally left a private database open, spilling 479,000 unique user emails. While leaking email addresses is typically low on the cybersecurity risk scale, adult sites play by different rules.
Read more about Adult site Frivol.com data leak reveals users registered using work emails
Odido telecom hackers threaten to leak 21M user records
Odido, the largest mobile phone company in the Netherlands, may soon see sensitive data from millions of its customers leaked online, the ShinyHunters attacker group claims on the dark web.
Read more about Odido telecom hackers threaten to leak 21M user records
ShinyHunters reveals +5M records after Wall Street ignores "final warning"
After giving a 48-hour ultimatum, ShinyHunters, an infamous extortion gang, dumped millions of records tied to two Wall Street powerhouses onto the dark web. The leaked data includes contracts and clients’ personal data.
Read more about ShinyHunters reveals +5M records after Wall Street ignores "final warning"
Amateur attacker uses AI toolkits, including Claude and Deepseek, to hack Fortinet firewalls
Commercial AI services are enabling even unsophisticated threat actors to conduct cyberattacks at scale. This time, a Russian-speaking threat actor leveraged AI tools to compromise more than 600 Fortinet firewalls in a single month.
Read more about Amateur attacker uses AI toolkits, including Claude and Deepseek, to hack Fortinet firewalls
Microsoft: ‘OpenClaw unsuited to run on standard personal or enterprise workstation’
Microsoft’s AI assistant OpenClaw should not be operated on a standard personal or enterprise workstation, as it has limited built-in security controls. Therefore, it should only be deployed in a fully isolated environment.
Read more about Microsoft: ‘OpenClaw unsuited to run on standard personal or enterprise workstation’
ICO wins court of appeal battle: “Organizations must protect all personal data they process, regardless of how it might be used by hackers”
The UK’s data watchdog, the Information Commissioner’s Office (ICO), has won an important Court of Appeal ruling against retailer DSG, keeping a £500,000 fine in place over a major cyberattack.
Read more about ICO wins court of appeal battle: “Organizations must protect all personal data they process, regardless of how it might be used by hackers”
LA County sues Roblox: “Roblox has created a world where adults and children mingle with little functional oversight.”
The County of Los Angeles has filed a lawsuit against the social media gaming platform Roblox for failing to protect children from predatory behavior.
Read more about LA County sues Roblox: “Roblox has created a world where adults and children mingle with little functional oversight.”
Old Android can be repurposed into a powerful OpenClaw AI assistant
The open-source AI personal assistant OpenClaw took the internet by storm, sending thousands of enthusiasts to buy Mac minis to run their own instance. However, an old Android phone can also do the same task, and even enable OpenClaw to make calls, take photos, or record audio.
Read more about Old Android can be repurposed into a powerful OpenClaw AI assistant
PayPal breach went undetected for six months, exposing Social Security numbers
PayPal has been sending data breach notification letters to customers affected by a recently discovered “cyber incident” dating back to 2025, in which an unknown attacker was found lurking in its systems for nearly six months.
Read more about PayPal breach went undetected for six months, exposing Social Security numbers
Microsoft admits Copilot reads protected emails, rushes worldwide updates
Microsoft has admitted that, for weeks, its AI assistant Copilot slipped past confidentiality labels and read emails it was never meant to see.
Read more about Microsoft admits Copilot reads protected emails, rushes worldwide updates
Wynn Resorts braces for “final warning” as attackers allege data breach
A notorious hacking group has targeted the US luxury casino empire and claims to hold 800,000 sensitive records. Wynn Resorts has confirmed the breach.
Read more about Wynn Resorts braces for “final warning” as attackers allege data breach
The wild claims that might not be so wild after all about Chinese spy vapes
On top of the obvious damage to your lungs, heart, and brain, your “cool” smart vape can also be used to spy on you. Apparently, to such an extent that the US government is calling it a threat to national security.
Read more about The wild claims that might not be so wild after all about Chinese spy vapes
Be careful when searching for Mac software: new campaign abuses Google ads to peddle malware
Hackers have hijacked at least 35 Google Advertiser accounts, launching more than 200 malicious ads targeting Mac users seeking 7-Zip, Notepad++, LibreOffice, Final Cut Pro, and other popular software. A click on the top search result might lead to a malware infection, Bitdefender warns.
Read more about Be careful when searching for Mac software: new campaign abuses Google ads to peddle malware
