Security
White House delays release of report on voting machine vulnerabilities ahead of US midterms
White House officials have for months delayed the release of a US government report that outlines what it describes as significant vulnerabilities in the nation's voting machines ahead of the November midterms, according to three sources familiar with the matter.
Read more about White House delays release of report on voting machine vulnerabilities ahead of US midterms
Google thanks researcher for finding major flaw but doesn’t fix it and pays no reward
Researcher and cloud bug hunter Justin O’Leary says he found and reported a major flaw to Google but the tech giant, after initially praising the engineer, then changed course, told him there’s no vulnerability and that he wouldn’t be paid. The flaw is still active.
Read more about Google thanks researcher for finding major flaw but doesn’t fix it and pays no reward
10,000 malicious GitHub repos detected: AI agents compromising their owners
Developers on GitHub are finding their projects cloned by the thousands. Hackers slip trojans into fake repos and wait for a sleepy developer or a gullible AI agent to download one. So far, 10,000 repositories have been flagged, and GitHub is actively removing them.
Read more about 10,000 malicious GitHub repos detected: AI agents compromising their owners
One woman’s chilling story of being robbed via Uber Eats: customers basically provide a map
Soggy fries might not be the worst thing to come with your food delivery.
Read more about One woman’s chilling story of being robbed via Uber Eats: customers basically provide a map
Google cracks down on unrestricted API keys to stop Gemini billing hackers
Google Cloud is implementing changes to better protect Gemini users from unauthorized API key abuse. Starting June 19th, 2026, the Gemini API will reject requests from unrestricted standard keys.
Read more about Google cracks down on unrestricted API keys to stop Gemini billing hackers
Amazon’s company hit by data breach claims: hackers issue last warning
One Medical, Amazon's healthcare bet, has just landed in the crosshairs of one of the internet's most prolific extortion gangs, which claims to have stolen 8.8TB of data from the company.
Read more about Amazon’s company hit by data breach claims: hackers issue last warning
Bulgarian licenses enabled EU surveillance exports to repressive regimes
Bulgarian licenses cleared the way for surveillance company Circles to legally export its tech to countries accused of spying on journalists, activists, and crack down on dissent, according to a report by Human Rights Watch. Clients included intelligence services, military and police bodies, regional governments, and private companies.
Read more about Bulgarian licenses enabled EU surveillance exports to repressive regimes
Over 140 Mastra npm packages compromised in supply chain attack
On June 17th, an attacker compromised 141 Mastra npm packages, infecting them with malware.
Read more about Over 140 Mastra npm packages compromised in supply chain attack
Fortinet VPN and firewall devices hit by sweeping cyber campaign across 15+ countries, security researchers say
Researchers say a sweeping hacking campaign targeting devices made by Fortinet has led to compromises across the internet, with evidence of password theft at Fortune 500 companies and government agencies in more than 15 countries.
Read more about Fortinet VPN and firewall devices hit by sweeping cyber campaign across 15+ countries, security researchers say
Thousands hit by Vodafone Australia network disruption
Vodafone Australia said on Thursday that many customers experienced intermittent network issues after an outage at one of its network hubs, adding that the problem had been resolved and services were being progressively restored.
Read more about Thousands hit by Vodafone Australia network disruption
Hackers build database of 30,000 working Fortinet logins, researchers warn
Hackers have built an illicit database containing more than 30,000 verified Fortinet logins from companies across 194 countries, new research finds – all part of a massive credential-harvesting operation targeting Fortinet firewalls and VPN gateways.
Read more about Hackers build database of 30,000 working Fortinet logins, researchers warn
Researcher found a way to hijack FIFA World Cup streams but didn't touch it
A security researcher stumbled into the digital control room of the FIFA World Cup, revealing just how vulnerable the systems of the world’s biggest football event are.
Read more about Researcher found a way to hijack FIFA World Cup streams but didn't touch it
24 billion records, including usernames and passwords, exposed in colossal data leak: What does that mean for you?
Cybernews researchers discovered an exposed database containing 24 billion records, including usernames, email addresses, plaintext passwords, and login URLs.
Read more about 24 billion records, including usernames and passwords, exposed in colossal data leak: What does that mean for you?
Novo Nordisk hackers turn to private sale after Ozempic maker refuses $25M ransom demand
FulcrumSec, the hackers behind Novo Nordisk's recent cyberattack, claim the GLP-1 drugmaker refused a $25 million ransom demand and say they are now “exploring private sales” of 1.3TB of allegedly stolen data.
Read more about Novo Nordisk hackers turn to private sale after Ozempic maker refuses $25M ransom demand
Hetzner shocks users with tripling of VPS prices
Major cloud hosting provider Hetzner has sharply raised prices across its virtual server portfolio for the second time this year. The cheapest VPS (virtual private server) plan in the US, with 2 shared virtual cores and 2GB of RAM, now costs $20.49 per month, up 193%.
Read more about Hetzner shocks users with tripling of VPS prices
More than 40 World Cup streaming sites caught pushing scam ad networks
World Cup fans who need to catch up with part or all of a match on the go, or who are trying to access coverage outside their home territory, are being warned about sites pushing free streams of live matches, as many are in the business of serving scams.
Read more about More than 40 World Cup streaming sites caught pushing scam ad networks
Hackers boast of data dump involving 5.4 million Swedes, but there’s a catch
More than 5 million Swedes have allegedly been included in a newly advertised list on hacker forums, putting them at risk. If the dump is legitimate, of course.
Read more about Hackers boast of data dump involving 5.4 million Swedes, but there’s a catch
Does the jailbreak that got Anthropic’s Fable 5 pulled exist in every AI model?
After the US government slapped export controls on Anthropic, the company had no choice but to close access to Fable 5 and Mythos to everyone. But experts who saw the fateful vulnerability report allegedly describing how to bypass Fable 5’s guardrails now say the administration has massively overreacted because the jailbreak actually describes every model ever shipped.
Read more about Does the jailbreak that got Anthropic’s Fable 5 pulled exist in every AI model?
“We hit the UK hard:” 9 million targeted in Boots gift scam hosted on hacked government website
Nearly 9 million people were targeted in a phishing campaign impersonating UK retail giant Boots, offering free gifts and customer rewards to steal personal and financial information from unsuspecting consumers.
Read more about “We hit the UK hard:” 9 million targeted in Boots gift scam hosted on hacked government website
If a blue dot shows up on your Android phone, Google is warning you that it knows your location
Android will add an additional privacy-related indicator. However, some users already find it annoying.
Read more about If a blue dot shows up on your Android phone, Google is warning you that it knows your location
