Security
iPhone thieves are using this trick to unlock devices: beware of fake “Find My” messages
People who have lost their iPhones are receiving fake text messages claiming that their device has been found abroad. The false hope is leading to the removal of Activation Lock and compromised Apple ID credentials, Swiss authorities warn.
Read more about iPhone thieves are using this trick to unlock devices: beware of fake “Find My” messages
I wanted a cloud at home, but AI assistants kept sabotaging my efforts
I just wanted to make my home network simpler and more secure – use nice domain names and the encrypted TLS (Transport Layer Security) protocol for my services instead of plain text HTTP.
Read more about I wanted a cloud at home, but AI assistants kept sabotaging my efforts
State-sponsored hackers named as culprits in SonicWall cyber hit
SonicWall, a major VPN, firewall, and other network security solutions provider, has formally blamed state-sponsored threat actors for the September security breach, when all firewall cloud backups belonging to customers were illegally accessed.
Read more about State-sponsored hackers named as culprits in SonicWall cyber hit
Claude Desktop users in danger: any question can lead to complete compromise
AI chatbot apps can be tricked by malicious websites into fetching and running malware on user devices. A massive security oversight has been discovered in Claude Desktop.
Read more about Claude Desktop users in danger: any question can lead to complete compromise
Belgium convenes National Security Council due to various drone sightings at airports and military bases
Belgium’s National Security Council will meet on Thursday to discuss several incidents involving drones crossing airspace at airports and military bases.
Read more about Belgium convenes National Security Council due to various drone sightings at airports and military bases
Crooks now using AI to generate convincing pharmaceutical scams
Scammers are now impersonating licensed physicians and medical clinics to promote counterfeit or unsafe medications. They frequently leverage AI and deepfake technology to generate convincing fake photos, videos, and endorsements, putting people’s lives at risk.
Read more about Crooks now using AI to generate convincing pharmaceutical scams
Third-party leak exposes Stanford Health Care staff details, passwords
Names, payroll data, hashed passwords, and thousands of other sensitive records belonging to Stanford Health Care’s staff were exposed after a third-party contractor, Perfectshift, left an unprotected database accessible to the public.
Read more about Third-party leak exposes Stanford Health Care staff details, passwords
Swiss bank’s data stolen in cyberattack, hackers claim
A notorious group of Russian hackers are claiming to be behind an attack on a Swiss international bank, allegedly stealing customer data and the bank’s source code.
Read more about Swiss bank’s data stolen in cyberattack, hackers claim
Russian hackers sneak a full Linux virtual machine inside Windows to run undetected
You can’t detect malware on Windows if it’s not running on Windows. Russian hackers are exploiting Microsoft’s Hyper-V virtualization feature to create a hidden Linux virtual machine within a target’s host, allowing them to covertly install secret implants on the victim's computer.
Read more about Russian hackers sneak a full Linux virtual machine inside Windows to run undetected
Attackers breach nuclear waste plant, allegedly stealing its entire database
Radon, a nuclear waste management plant operated by Russia’s nuclear energy behemoth Rosatom, allegedly had its systems breached with attackers stealing testing data and user information.
Read more about Attackers breach nuclear waste plant, allegedly stealing its entire database
Guess who’s getting rich off ransomware? The usual suspects
Ransomware victims paid an estimated $813 million in 2024, and nearly 40% of that amount went to actors in Russia, China, and North Korea, a new analysis has found.
Read more about Guess who’s getting rich off ransomware? The usual suspects
Rhysida exploits Microsoft certificates to infect Teams, Zoom, PuTTY
Rhysida is now taking advantage of users on Microsoft platforms to deliver malware, while abusing Microsoft code-signing certificates to make their files appear legitimate. The tech giant has revoked more than 200 certificates tied to the group, but researchers warn that the gang continues to find a way to slip past the cracks in security controls.
Read more about Rhysida exploits Microsoft certificates to infect Teams, Zoom, PuTTY
Hackers caught hiding malware instructions and data in OpenAI accounts
Hackers are exploiting OpenAI accounts to relay encrypted commands to compromised devices and store stolen data. A sophisticated new backdoor has been discovered that abuses public AI infrastructure.
Read more about Hackers caught hiding malware instructions and data in OpenAI accounts
Iconic Italian newspaper accidentally exposes its own readers
A decades-old newspaper has accidentally exposed its readers, leaving an unprotected database with millions of logs without a password.
Read more about Iconic Italian newspaper accidentally exposes its own readers
Google’s new reCAPTCHA only appears when a visitor is flagged as risky
Google is making reCAPTCHA – its free service for protecting sites from spam and abuse – a lot more intelligent. It can now distinguish between risky users, such as bots, and trustworthy ones, and give developers control over when to trigger the security guard.
Read more about Google’s new reCAPTCHA only appears when a visitor is flagged as risky
Hackers leak alleged US gas station memos threatening staff
Super Quik, a US regional gas station chain, has been hit by Russia-linked attackers, who leaked security camera footage and a tranche of internal documents on the dark web.
Read more about Hackers leak alleged US gas station memos threatening staff
Ransomware gang cracks the whip on US horse gear giant
The cyber cartel has just added an unlikely victim to its growing hitlist – a California-based horse sport equipment giant.
Read more about Ransomware gang cracks the whip on US horse gear giant
Enterprises are ditching VMware for Proxmox, but forget to apply updates, security firm warns
Broadcom pricing hikes are triggering an exodus from VMware, with an open-source alternative, Proxmox, gaining serious traction within enterprise organizations. However, rushed migrations often result in outdated deployments, which have raised security concerns.
Read more about Enterprises are ditching VMware for Proxmox, but forget to apply updates, security firm warns
SIM farms expose weaknesses in telecom and authentication ecosystems
The recent crackdown on SIM farm networks in Europe has once again exposed deep flaws in telecom security and identity verification.
Read more about SIM farms expose weaknesses in telecom and authentication ecosystems
Norway discovers that its Chinese electric buses can be remotely disabled
Oslo’s public transportation agency, Ruter, decided to conduct a security audit of the city’s electric buses and found that the Chinese ones could be remotely disabled by their manufacturer. Security experts aren’t even surprised.
Read more about Norway discovers that its Chinese electric buses can be remotely disabled
