Security
Dutch teens detained over alleged WiFi sniffing for Russia
Police in the Netherlands arrested two 17-year-olds last week over allegations that they were spying on the headquarters of European law enforcement agencies after being recruited by Russian intelligence.
Read more about Dutch teens detained over alleged WiFi sniffing for Russia
Meta AI chatbot outsmarted to instruct on incendiary device making
Meta’s personal assistant, which is integrated into Messenger, WhatsApp, Instagram, and other apps, can sometimes be too helpful, researchers have discovered. For example, the Llama 4-based chatbot was easily tricked into providing instructions on making a Molotov cocktail.
Read more about Meta AI chatbot outsmarted to instruct on incendiary device making
Chinese drone maker DJI loses appeal to get off Pentagon blacklist
A US federal judge has rebuffed drone maker DJI’s efforts to be removed from a Department of Defense list of Chinese military companies. The firm claims it’s not owned or controlled by the Chinese military.
Read more about Chinese drone maker DJI loses appeal to get off Pentagon blacklist
Was Medusa's claim on cable giant a PR stunt? Demanding $1.2 million for data likely belonging to another company
Notorious ransomware gang Medusa posted ransom demands of $1.2 million, extorting a multinational mass media, telecommunications, and entertainment conglomerate. There’s just one problem: the alleged victim doesn’t recognize the data.
Read more about Was Medusa's claim on cable giant a PR stunt? Demanding $1.2 million for data likely belonging to another company
Your questions, answered by Cybernews: Why do we still need CAPTCHAs?
Clicking Google CAPTCHA images can sometimes feel pointless. But are there other ways to secure your accounts from brute force attacks? Each week, our team selects one pressing and common reader issue and deconstructs it to help you stay safe online.
Read more about Your questions, answered by Cybernews: Why do we still need CAPTCHAs?
Fake farewells from Scattered LAPSUS$ hunters: gangs likely plotting new attacks
A short-lived hacker conglomerate uniting LAPSUS$, ShinyHunters, and Scattered Spider, responsible for breaching numerous companies through major platforms like Salesforce, abruptly announced its retirement. Security researchers from Resecurity warn that the farewell is likely a smokescreen: once the hackers regroup after recent arrests, they can launch fresh waves of attacks.
Read more about Fake farewells from Scattered LAPSUS$ hunters: gangs likely plotting new attacks
Your questions, answered by Cybernews: Why your weak passwords is Google’s problem too
Why is your weak password Google's problem too? Or why the platforms keep on insisting on a strong password while you might not care? Each week, our team selects one pressing and common reader issue and deconstructs it to help you stay safe online.
Read more about Your questions, answered by Cybernews: Why your weak passwords is Google’s problem too
Multiple Cisco zero-day vulnerabilities trigger "urgent" mass patching, CISA warns
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning of three previously unknown CISCO vulnerabilities being exploited in the wild, releasing an emergency directive on Thursday to patch affected devices in the next 24 hours.
Read more about Multiple Cisco zero-day vulnerabilities trigger "urgent" mass patching, CISA warns
Data leak puts 10% of Texas truckers in danger
A massive data leak from a driver compliance platform has exposed personal documents belonging to over ten thousand Texas truckers, including drug tests and other sensitive information.
Read more about Data leak puts 10% of Texas truckers in danger
Russia-linked hackers claim Port of Baltimore operator
The Maryland Department of Transportation (MDOT), which operates one of the largest ports in the USA, was breached by a Russia-linked hacking group, with attackers posting personal data as proof.
Read more about Russia-linked hackers claim Port of Baltimore operator
Fake Malwarebytes, LastPass, and dozens of other malware-containing apps found on GitHub
Malwarebytes has warned users to be wary of fake versions of legitimate software being disseminated on GitHub. Dozens of apps were found impersonating popular brands like password managers, Audacity, Dropbox, and others, to lure victims into downloading and running malware themselves.
Read more about Fake Malwarebytes, LastPass, and dozens of other malware-containing apps found on GitHub
Scammers are blackmailing Dutch companies with fake reviews on Google
Dutch business owners are being bombarded with fake online reviews. Then they receive a message from a foreign number: pay up to have the negative reviews removed, or more will appear online.
Read more about Scammers are blackmailing Dutch companies with fake reviews on Google
The evolution of Hacker9: from hacking blog to cybersecurity hub
In the ever-changing world of cybersecurity, few platforms have managed to balance technical depth with everyday accessibility as effectively as...
Read more about The evolution of Hacker9: from hacking blog to cybersecurity hub
US Senators demand Tinder parent Match Group reveal how it protects users from dating scams
Match Group, the parent company of a portfolio of popular online dating apps, including Tinder and Hinge, is being called on by US lawmakers to prove that the company has adequate user protections against romance scams and dating fraud.
Read more about US Senators demand Tinder parent Match Group reveal how it protects users from dating scams
Law offices, tech firms targeted in new “BRICKSTORM” Chinese espionage campaign
BRICKSTORM, a new “highly evasive” malware campaign linked to Beijing, has been targeting the legal services and technology sectors for more than a year, according to new research published by Google’s Mandiant on Wednesday.
Read more about Law offices, tech firms targeted in new “BRICKSTORM” Chinese espionage campaign
CISA, GitHub take action after massive NPM supply chain compromise
After a massive supply-chain compromise of over 500 NPM packages, the US cybersecurity watchdog has released an alert urging organizations to check for potential malicious leftovers and compromised credentials. GitHub is enforcing stricter authentication for publishing packages.
Read more about CISA, GitHub take action after massive NPM supply chain compromise
Hackers claim German aviation firm, leak customer data
A cybercriminal cartel has claimed FAI Aviation Group, a German charter operator. The attackers say they’ve accessed a trove of sensitive data, ranging from company details to medical information.
Read more about Hackers claim German aviation firm, leak customer data
iPhone security settings: finding the sweet spot between safe and sane
When you buy a door, it ships unlocked by default. An iPhone is no different. It's up to the user to decide how much protection they actually want. Complete security is impossible, even if you ditch smartphones for curl commands on Kali Linux virtual machines. Here's what I do to harden my device without losing my sanity – at least, not all of it.
Read more about iPhone security settings: finding the sweet spot between safe and sane
App built to report Kirk’s critics outs its own users
The app built to “expose” Charlie Kirk’s critics ended up exposing its own users instead.
Read more about App built to report Kirk’s critics outs its own users
US Secret Service dismantles “imminent” nation-state threat targeting NYC telecom infrastructure
The US Secret Service on Tuesday said it has dismantled a massive nation-state threat campaign targeting senior US officials with more than 100,000 hidden networking devices aimed at disrupting New York City’s telecommunications infrastructure.
Read more about US Secret Service dismantles “imminent” nation-state threat targeting NYC telecom infrastructure
