The North Korean state-sponsored hackers known as Kimsuky has reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky's values, stole the group's data and leaked it publicly online. [...]
The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach "critical organizations" in the country. [...]
Security teams often need to analyze potentially malicious files, binaries, or behaviors in a tightly controlled environment. While this has traditionally been done in on-premises sandboxes, the flexibility and scalability of AWS make it an attractive alternative for running such workloads. However, conducting malware analysis in the cloud brings …
A few weeks earlier 'zeroplayer' advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.... [...]
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware payloads. [...]
The alleged perpetrators remain at large The US Department of Justice is trying to recoup around $1 million that three IT specialists secretly working for the North Korean government allegedly stole from a New York company.... [...]
The guest data of AWS customers running on the AWS Nitro System and Nitro Hypervisor is not at risk from a new attack dubbed “L1TF Reloaded.” No additional action is required by AWS customers; however, AWS continues to recommend that customers isolate their workloads using instance, enclave, or function …
The bad news? The machines, and their operators, are coming on fast Black Hat/DEF CON At the opening of Black Hat, the largest security shindig in the Hacker Summer Camp week ahead of DEF CON and BSides, the opening keynote speaker suggested the current state of AI slightly …
While AI can help empower defenders, it can also create new security challenges. Those two critical, interconnected themes are driving our announcements and presentations for this year's Google Cloud Security Summit. Join us live for Security Summit 2025 on August 19 to learn about the latest advancements in AI-powered …
But it can contest if it lands up in 'Category 1,' and the move hurts operations, says judge Wikipedia today lost a legal battle against the UK's tech secretary to tighten the criteria around the Online Safety Act 2023 (OSA), as it seeks to exclude itself from the strictest …
Native phishing turns trusted tools into attack delivery systems. Varonis shows how attackers weaponize Microsoft 365 apps, like OneNote & OneDrive, to send convincing internal lures and how to spot them before they spread. [...]
Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang's encryptors, allowing them to recover a victim's files for free without paying a ransom. [...]
Amid hints by president he may announce 100% tariffs on imported chips, semiconductors Intel boss Lip-Bu Tan reportedly has an appointment at the White House today, just days after President Donald Trump called for his resignation. The move comes as Intel's former CEO Craig Barrett weighs in on the …
By video, picture, and voice – the fakers are coming for your money DEF CON While AI was on everyone's lips in Las Vegas this week at the trio of security conferences in Sin City – BSides, Black Hat, AND DEF CON – there were a lot of people using the F-word …
The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. [...]
Many core offerings now back in action, says retailer British retailer Marks and Spencer updated its website today, confirming its Click & Collect service is once again available to customers.... [...]
Fears around children is opening up a new market for automatic license place readers. [...]
Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise. [...]
And yes, that means (retch) catering to AI searchers The job market is queasy and since you're reading this, you need to upgrade your CV. It's going to require some work to game the poorly trained AIs now doing so much of the heavy lifting. I know you don't …
Connex, one of Connecticut's largest credit unions, warned tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June. [...]
PLUS: Crypto mixer founders plead guilty; Another French telco hacked; Meta fights WhatsApp scams; And more! Infosec In Brief A critical vulnerability in the on-prem version of Trend Micro's Apex One endpoint security platform is under active exploitation, the company admitted last week, and there's no patch available.... [...]
Google fixed a bug that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on the target's device and leak sensitive user data. [...]
Five pilot deployments are just a drop in the bucket, so it's time to turbo scale def con A DEF CON hacker walks into a small-town water facility...no, this is not the setup for a joke or a (super-geeky) odd-couple rom-com. It's a true story that happened at …
It turns out no one was clean on OPSEC DEF CON On Saturday at DEF CON, security boffin Micah Lee explained just how he hacked into TeleMessage, the supposedly secure messaging app used by White House officials, which in turn led to a massive database dump of their communications …
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. [...]
Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, targeting developer accounts. [...]
Two years ago, researchers in the Netherlands discovered an intentional backdoor in an encryption algorithm baked into radios used by critical infrastructure–as well as police, intelligence agencies, and military forces around the world–that made any communication secured with the algorithm vulnerable to eavesdropping. When the researchers publicly …
In a rare squid/security combined post, a new vulnerability was discovered in the Squid HTTP proxy server. [...]
A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki, a prolific Finnish hacker recently convicted of leaking tens of thousands of patient records from an online psychotherapy practice while attempting to extort …
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. [...]
In misinformation, Russia might be the top dog but the Chinese are coming warns former NSA boss DEF CON A cache of documents uncovered by Vanderbilt University has revealed disturbing details about how a Chinese company is building up a database of US politicians and influencers with whom to …
Dozens of porn sites are turning to a familiar source to generate likes on Facebook—malware that causes browsers to surreptitiously endorse the sites. This time, the sites are using a newer vehicle for sowing this malware—.svg image files. The Scalable Vector Graphics format is an open standard …
Americans aged 60 and older lost a staggering $700 million to online scams in 2024, marking a sharp rise in fraud targeting seniors, according to the Federal Trade Commission. [...]
The U.S. Federal Judiciary confirms that it suffered a cyberattack on its electronic case management systems hosting confidential court documents and is strengthening cybersecurity measures. [...]
Fun feature found in Debian 13: send your selected text to China – in plaintext As Trixie gets ready to début, a little-known app is hogging the limelight: StarDict, which sends whatever text you select, unencrypted, to servers in China.... [...]
Tells The Reg China's ability to p0wn Redmond's wares 'gives me a political aneurysm' Comment Roger Cressey served two US presidents as a senior cybersecurity and counter-terrorism advisor and currently worries he'll experience a "political aneurysm" due to Microsoft's many security messes.... [...]
Not a very smart home: crims could hijack smart-home boiler, open and close powered windows and more. Now fixed Black hat A trio of researchers has disclosed a major prompt injection vulnerability in Google's Gemini large language model-powered applications.... [...]
Google’s vulnerability finding team is again pushing the envelope of responsible disclosure: Google’s Project Zero team will retain its existing 90+30 policy regarding vulnerability disclosures, in which it provides vendors with 90 days before full disclosure takes place, with a 30-day period allowed for patch adoption …
Microsoft has announced that the Microsoft 365 apps for Windows will start blocking access to files via the insecure FPRPC legacy authentication protocol by default starting late August. [...]
Campaigners brand Home Office’s lack of transparency as ‘astonishing’ and ‘dangerous’ updated Privacy groups report a surge in UK police facial recognition scans of databases secretly stocked with passport photos lacking parliamentary oversight.... [...]
Posted by Jann Horn, Google Project Zero Introduction In early June, I was reviewing a new Linux kernel feature when I learned about the MSG_OOB feature supported by stream-oriented UNIX domain sockets. I reviewed the implementation of MSG_OOB, and discovered a security bug (CVE-2025-38236) affecting Linux >=6.9. I …
It's 'more than a temporary trend,' Decodo claims Amid the furor around surging VPN usage in the UK, many users are eyeing proxies as a potential alternative to the technology.... [...]
An unknown threat actor has stolen the sensitive personal, financial, and health information of nearly 870,000 Columbia University current and former students and employees after breaching the university's network in May. [...]
The U.S. Department of Homeland Security (DHS) says the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before their infrastructure was dismantled last month. [...]
Will someone think of the deals politicians are making? Opinion You might think, since I write about tech all the time, my degrees are in computer science. Nope. I'm a bona fide, degreed historian, which is why I can say with confidence that the UK's recently passed Online Safety …
A pair of German researchers showed how easy it is Black Hat Four countries have now tested anti-satellite missiles (the US, China, Russia, and India), but it's much easier and cheaper just to hack them.... [...]
Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer's computers. [...]
Hello loophole could let a rogue admin, or a pwned one, inject new facial scans Black Hat Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business …
CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday morning at 9:00 AM ET. [...]
In June, Google said it unearthed a campaign that was mass-compromising accounts belonging to customers of Salesforce. The means: an attacker pretending to be someone in the customer's IT department feigning some sort of problem that required immediate access to the account. Two months later, Google has disclosed that …