Security
OpenAI expands Daybreak – but experts warn it may find bugs faster than defenders can fix them
OpenAI on Tuesday announced the expansion of its AI-powered cybersecurity initiative, Daybreak – but experts are now warning Cybernews that fixing software flaws before hackers can exploit them may become the industry's biggest challenge.
Read more about OpenAI expands Daybreak – but experts warn it may find bugs faster than defenders can fix them
Hacker employs Claude to breach booking firms, leaves millions of records publicly accessible
A Russian hacker utilized HexStrike AI, combined with Anthropic's Claude, to steal data from numerous companies in the accommodation sector, our research team has found.
Read more about Hacker employs Claude to breach booking firms, leaves millions of records publicly accessible
Critical FFmpeg flaw discovered: just watching a video can fully compromise your system
Open a sketchy video file in VLC, stream it using Jellyfin or Kodi, or don’t even open it at all – simply storing it can get you compromised when the Linux file manager generates a thumbnail. A critical bug in FFmpeg, a massively popular open-source video processing engine, allows attackers to crash systems with ease and, in the worst cases, run malicious code.
Read more about Critical FFmpeg flaw discovered: just watching a video can fully compromise your system
Man tries to make a sale on Facebook Marketplace, gets scammed out of $300 via Zelle
After sharing his story on TikTok, the man didn’t receive much sympathy from other users. But why not?
Read more about Man tries to make a sale on Facebook Marketplace, gets scammed out of $300 via Zelle
Belgian State Security hit by data breach, employee data potentially exposed
Between May 2025 and Spring 2026, the Belgian State Security was the victim of a cyberattack in which employee data may have been stolen.
Read more about Belgian State Security hit by data breach, employee data potentially exposed
North Korean hackers infiltrated software used to build AI apps, Microsoft says
The recent supply chain attack on Mastra npm packages has been attributed to a financially motivated North Korean hacking group called Sapphire Sleet.
Read more about North Korean hackers infiltrated software used to build AI apps, Microsoft says
Hackers dump 200,000 alleged secret Apple, Tesla files after Tata Electronics breach
Tata Electronics has confirmed a “cybersecurity incident” after the World Leaks ransomware group published more than 200,000 files allegedly tied to Apple and Tesla, including manufacturing records, technical drawings, and employee passport scans.
Read more about Hackers dump 200,000 alleged secret Apple, Tesla files after Tata Electronics breach
Cruel cyber training in Canada: testing if exhausted employees would fall for a 'day off' scam
If you received an email with a link to register for an extra day off, would you click it? For a brief moment, exhausted healthcare workers thought their employer was finally rewarding them, only for the promised holiday to turn out to be a phishing test to see if they fell for it.
Read more about Cruel cyber training in Canada: testing if exhausted employees would fall for a 'day off' scam
Major GNU software repository Savannah fixes 2-year flaw that left the platform exposed
GNU Savannah, a major platform for developing and distributing free software, said it had patched exploitable flaws that left it vulnerable for roughly 2 years.
Read more about Major GNU software repository Savannah fixes 2-year flaw that left the platform exposed
Massive security flaw discovered in popular SSH library libssh2
Two critical vulnerabilities affect libssh2, a widely used SSH library that may be embedded in millions of systems worldwide. Hackers can target exposed vulnerable instances remotely without any privileges or user interaction.
Read more about Massive security flaw discovered in popular SSH library libssh2
Texas vendor breach exposes personal data of more than 3 million people
A data breach involving a vendor used by the Texas Parks and Wildlife Department (TPWD) has exposed the personal information of more than 3 million people, according to state officials. The compromised data may include names, addresses, and government-issued ID details such as driver’s license numbers.
Read more about Texas vendor breach exposes personal data of more than 3 million people
Critical unfixable vulnerability allows hackers to take over iPhone XS, XR, 11, and older iPad devices
iPhone XS, XR, and 11, some older iPads, and other Apple devices are vulnerable to an unpatchable low-level hardware bug in the USB controller that allows physical hackers to completely take over devices, warns a report by Paradigm Shift.
Read more about Critical unfixable vulnerability allows hackers to take over iPhone XS, XR, 11, and older iPad devices
5.5 million records tied to Canada Life are allegedly for sale
A threat actor claims to be selling a massive Canada Life database containing more than 5.5 million records on a cybercrime forum, allegedly putting customers of the biggest Canadian insurance company at risk.
Read more about 5.5 million records tied to Canada Life are allegedly for sale
Hackers are selling what appears to be ENI France customer data
An alleged customer database linked to the French branch of ENI, an Italian multinational energy company, has surfaced on a cybercrime forum. Hackers claim that the breach exposes business account information of government agencies, universities, hotels, and private companies across France.
Read more about Hackers are selling what appears to be ENI France customer data
Frontier Airlines left passenger data exposed for more than 100 days, ethical hacker says
A Frontier Airlines security flaw allegedly exposed passengers' passport numbers, home addresses, TSA PreCheck identifiers, and payment details using information printed on a standard boarding pass.
Read more about Frontier Airlines left passenger data exposed for more than 100 days, ethical hacker says
What happens when you delete a file?
If you keep thinking about what happens to your files when you delete them, whether they are gone for good...
Read more about What happens when you delete a file?
White House delays release of report on voting machine vulnerabilities ahead of US midterms
White House officials have for months delayed the release of a US government report that outlines what it describes as significant vulnerabilities in the nation's voting machines ahead of the November midterms, according to three sources familiar with the matter.
Read more about White House delays release of report on voting machine vulnerabilities ahead of US midterms
Google thanks researcher for finding major flaw but doesn’t fix it and pays no reward
Researcher and cloud bug hunter Justin O’Leary says he found and reported a major flaw to Google but the tech giant, after initially praising the engineer, then changed course, told him there’s no vulnerability and that he wouldn’t be paid. The flaw is still active.
Read more about Google thanks researcher for finding major flaw but doesn’t fix it and pays no reward
10,000 malicious GitHub repos detected: AI agents compromising their owners
Developers on GitHub are finding their projects cloned by the thousands. Hackers slip trojans into fake repos and wait for a sleepy developer or a gullible AI agent to download one. So far, 10,000 repositories have been flagged, and GitHub is actively removing them.
Read more about 10,000 malicious GitHub repos detected: AI agents compromising their owners
One woman’s chilling story of being robbed via Uber Eats: customers basically provide a map
Soggy fries might not be the worst thing to come with your food delivery.
Read more about One woman’s chilling story of being robbed via Uber Eats: customers basically provide a map
