Security
NVIDIA: from gaming powerhouse to military tech player
Parents were right after all. Gaming and real-life violence are indeed related, at least by association. NVIDIA’s humble beginnings are...
Read more about NVIDIA: from gaming powerhouse to military tech player
Cyberattack on Delta smart alarm system paralyzes cars across Russia
Winter has hit Russia hard already, and now car owners across the country – those using a Delta smart alarm system – can’t unlock cars, stop active alarms, or even start their engines. A cyberattack is believed to be the cause.
Read more about Cyberattack on Delta smart alarm system paralyzes cars across Russia
Android AI apps leak Google secrets the most, 700TB of files already exposed
Android developers are still hardcoding secrets, while attackers exploit them in the wild. Cybernews has analyzed 1.8 million Android apps on the Google Play Store and found that most AI apps leak an average of five secrets.
Read more about Android AI apps leak Google secrets the most, 700TB of files already exposed
ShinyHunters claims 10M dating records from Match Group's Hinge and OkCupid
The alleged attack targets Tinder-owner Match Group's dating apps. The attackers claim they have millions of records, with the data sample revealing user IDs, transactions, IP addresses and other sensitive information.
Read more about ShinyHunters claims 10M dating records from Match Group's Hinge and OkCupid
Trump’s CISA chief at it again: uploads sensitive files into ChatGPT
The interim head of CISA, America’s cyber defense agency, decided it was A-okay to upload sensitive documents into ChatGPT after requesting special permission to use the popular chatbot right after arriving at the agency last May.
Read more about Trump’s CISA chief at it again: uploads sensitive files into ChatGPT
New Microsoft Office zero-day under active attack, patch now
Microsoft’s Security Response Center pushed an urgent Patch Tuesday fix after a new zero-day targeting earlier versions of Microsoft Office 365 surfaced in active attacks – and companies are being told to patch immediately.
Read more about New Microsoft Office zero-day under active attack, patch now
North Korea is turning open-source projects into malware traps
North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The latest campaign builds on techniques seen in previous DPRK-linked fake-recruiter and supply-chain attacks, but shifts focus to VS Code automation and disguised font files.
Read more about North Korea is turning open-source projects into malware traps
Crunchbase confirms hack by ShinyHunters, 2M records up for grabs
Crunchbase, a predictive private company intelligence platform, has confirmed a data breach after the notorious ShinyHunters cybercrime group published files supposedly stolen from its systems.
Read more about Crunchbase confirms hack by ShinyHunters, 2M records up for grabs
14M Panera Bread customer records leaked: What do we know so far?
Hackers have claimed responsibility for a cyberattack against Panera Bread, a major American restaurant chain, that allegedly resulted in the leak of millions of customer and employee records.
Read more about 14M Panera Bread customer records leaked: What do we know so far?
State employee in Texas? You're now banned from using Shein, Alibaba products
Texas will bar its employees from using Shein, Alibaba and TP-Link hardware and software, the governor said in a statement on Monday, saying his state made the decision to protect the "privacy of Texans" from the Chinese government.
Read more about State employee in Texas? You're now banned from using Shein, Alibaba products
North Koreans now using AI-generated PowerShell backdoor to target devs
Konni, a North Korean threat actor, has been using PowerShell malware generated using AI tools to attack developers and engineering teams in the blockchain sector. The phishing campaign has targeted users in Japan, Australia, and India.
Read more about North Koreans now using AI-generated PowerShell backdoor to target devs
Data of 146K users leaked as hackers claim Edmunds breach
Edmunds, a major American car shopping platform, has allegedly been breached by the infamous ShinyHunters cybergang.
Read more about Data of 146K users leaked as hackers claim Edmunds breach
Prisons seize inmate laptops over security flaw
The Dutch Ministry of Justice and Security has confiscated over a hundred laptops from prisoners and inmates in secure psychiatric units due to a security vulnerability.
Read more about Prisons seize inmate laptops over security flaw
Hack exposed kids’ data, Swedish sports software firm fined €565K
SportAdmin, a Swedish software supplier to sports clubs, has been fined €565,000 for failing to provide an appropriate level of security to protect personal data.
Read more about Hack exposed kids’ data, Swedish sports software firm fined €565K
Germany’s Bundesbank sees 5,000 cyber attacks per minute
The bank is under a relentless digital storm, with cyberattacks coming in by the millisecond. Officials call the situation “never-ending” and vow to counterstrike.
Read more about Germany’s Bundesbank sees 5,000 cyber attacks per minute
Hilton pulled into Cl0p’s dark‑web hit list: hotel giant denies
A notorious ransomware gang has claimed it has a new trophy. This time, it’s Hilton.
Read more about Hilton pulled into Cl0p’s dark‑web hit list: hotel giant denies
Encryption illusion: Microsoft shared keys with FBI, leaving user data vulnerable
Last year, Microsoft handed over encryption keys for its hard drive encryption software BitLocker to the FBI. The company says it simply complied with a search warrant related to a fraud investigation in Guam, but the news has raised alarm among the cybersecurity community.
Read more about Encryption illusion: Microsoft shared keys with FBI, leaving user data vulnerable
Nike data breach: Hackers post company data, but what do we know so far?
Attackers have leaked 1.4TB of what they claim is Nike data, including nearly 190,000 unique files. The Cybernews research team believes the data could be legitimate.
Read more about Nike data breach: Hackers post company data, but what do we know so far?
India hit by China-linked phishing campaign, unleashes malware to create long-term spy backdoor
A newly-uncovered espionage campaign aimed at targeted individuals is using phishing emails that impersonate the Government of India.
Read more about India hit by China-linked phishing campaign, unleashes malware to create long-term spy backdoor
Cybercrooks are now creating live, personalized phishing pages in real time
At first glance, it’s a normal and harmless webpage, but it’s able to transform into a phishing site after a user has already loaded it. In a matter of a few seconds, AI carefully crafts a landing page specifically for the victim, thus turning it into an online crime scene.
Read more about Cybercrooks are now creating live, personalized phishing pages in real time
