Security
Fake DeepSeek ads spotted on Google: all you’ll find are malware infections
Clicking on sponsored results in a Google search can lead to a trojan infection and other scams. In the latest campaign, cybercriminals are impersonating DeepSeek, a popular artificial intelligence model, Malwarebytes researchers warn.
Read more about Fake DeepSeek ads spotted on Google: all you’ll find are malware infections
FacePass security lapse exposes users' identification data
FacePass, a Brazil-focused app used for identification purposes, has leaked over 1.6 million files.
Read more about FacePass security lapse exposes users' identification data
Chrome users under attack: dangerous zero-day discovered
Google has patched a dangerous zero-day vulnerability that has already been exploited by sophisticated threat actors in the wild. According to security researchers, Russian organizations were among the targets.
Read more about Chrome users under attack: dangerous zero-day discovered
Over 20% of commuting Americans say strangers peek at their devices in public
Significant amount of smartphone users involuntarely expose themselves to so-called shoulder surfing phenomenon.
Read more about Over 20% of commuting Americans say strangers peek at their devices in public
Signal head Meredith Whittaker defends messaging app's security after US war plan leak
The president of Signal Meredith Whittaker defended the messaging app's security on Tuesday after top Trump administration officials mistakenly included a journalist in an encrypted chatroom they used to discuss looming US military action against Yemen's Houthis.
Read more about Signal head Meredith Whittaker defends messaging app's security after US war plan leak
Data of 34M+ orders exposed in major Sydney Tools data leak
Sydney Tools, Australia’s Home Depot equivalent, has exposed data on tens of millions of online orders, revealing customer names, home addresses, and other details.
Read more about Data of 34M+ orders exposed in major Sydney Tools data leak
China-linked cybercriminals backdoor telecom provider in an espionage operation
A China-linked threat actor has secretly had access to a major telecom provider in Asia for years without leaving a trace.
Read more about China-linked cybercriminals backdoor telecom provider in an espionage operation
Troy Hunt has been pwned: phishers snatched 16,000 email addresses
Troy Hunt, a security consultant who runs the popular data-breach search service Have I Been Pwned, has disclosed that he’s the victim of a phishing attack that exposed the email addresses of 16,000 subscribers. Here’s what we can learn.
Read more about Troy Hunt has been pwned: phishers snatched 16,000 email addresses
Massive OPSEC oversight: top-secret Yemen war plans sent to journalist on Signal
Two hours before the first bombs started falling on Houthi targets across Yemen, Jeffrey Goldberg, editor-in-chief at the Atlantic, had been accidentally added to a secret Signal group with top Donald Trump cabinet members discussing the upcoming attacks.
Read more about Massive OPSEC oversight: top-secret Yemen war plans sent to journalist on Signal
Russian hackers shut down major Belgian websites
State-sponsored hackers from Russia have attacked several leading Belgian websites, including MyGov.be and the websites of the Walloon parliament and Wallonia-Brussels Federation.
Read more about Russian hackers shut down major Belgian websites
Unitree Go1 robot dogs can spy on you: secret backdoor discovered
Unitree Go1, a popular consumer-grade robot dog, contains a pre-installed and undocumented remote access tunnel service, security researchers at Berlin startup thinkAwesome GmbH have discovered.
Read more about Unitree Go1 robot dogs can spy on you: secret backdoor discovered
Canary tokens: threat hunting with digital trip wires
Canary tokens are digital "tripwires" that function like honeypots, designed to send a notification when triggered by a threat actor.
Read more about Canary tokens: threat hunting with digital trip wires
Ransomware hackers are desperate lying liars
Unlike usual Mondays, last Monday was fun – a manic Monday, I’d say. We woke up to our Ransomlooker, a tool exclusively developed by Cybernews to monitor the dark web, flashing like crazy.
Read more about Ransomware hackers are desperate lying liars
Massive Keenetic data leak uncovered: 1M households could be exposed
Users of Keenetic routers, mainly in Russia, have been exposed in a major data leak revealing sensitive credentials, device details, network configurations, and logs. With this information, hackers can directly connect and overtake affected networks. However, the vendor estimates the risk of fraudulent activity to be low.
Read more about Massive Keenetic data leak uncovered: 1M households could be exposed
Fake Meta support agent will steal your passwords
A new phishing campaign is targeting businesses using Meta ads. Attackers claim that your account was banned, but instead of fixing the problem, you get hacked.
Read more about Fake Meta support agent will steal your passwords
Rooting Android invites hackers: up to 3,000 times more vulnerable
A new report has revealed that rooted devices are orders of magnitude more vulnerable to various threats.
Read more about Rooting Android invites hackers: up to 3,000 times more vulnerable
Phishing campaign shifts focus to Macs after browsers enhance security on Windows
A phishing campaign, which initially targeted Windows users by masquerading as Microsoft security alerts, is now aiming at Mac users.
Read more about Phishing campaign shifts focus to Macs after browsers enhance security on Windows
Cybercrime karma: Babuk 2 ransomware steals from fellow crooks, makes fraudulent claims
Babuk 2 ransomware is making waves, claiming dozens of high-profile cyberattacks in a short time. Yet, other threat actors are accusing Babuk 2 of stealing their work, calling it a fraud. Evidence supports their claims and some security researchers seem to agree.
Read more about Cybercrime karma: Babuk 2 ransomware steals from fellow crooks, makes fraudulent claims
Top 10 secrets iOS apps leak without you knowing
Downloading an app should be safe. Unfortunately, this isn’t always the case. A Cybernews investigation found that 71% of iOS apps leak sensitive secrets, putting your data at risk.
Read more about Top 10 secrets iOS apps leak without you knowing
Better update now – a critical security flaw found in Apache Tomcat
A critical Apache Tomcat vulnerability puts companies and cloud platforms at risk, allowing attackers to alter files and execute malicious code.
Read more about Better update now – a critical security flaw found in Apache Tomcat
