Chrome will keep third-party cookies, a win for web giant's ad rivals After six years of work, Google's Privacy Sandbox, technology for delivering ads while protecting privacy, looks like dust in the wind.... [...]

Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as short as a few hours, thanks to generative AI models.... [...]

Hallucinated package names fuel 'slopsquatting' The rise of LLM-powered code generation tools is reshaping how developers write software - and introducing new risks to the software supply chain in the process.... [...]

Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec A now-former pharmacist at the University of Maryland Medical Center (UMMC) has been accused of compromising the US healthcare organization's IT systems to ogle female clinicians using webcams at their workplace and at …

After 23 years, the privacy plumber has finally arrived to clean up this mess A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming Chrome 136, released last Thursday to the Chrome beta channel.... [...]

Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.... [...]

Shape shifting technique described as menace to national security The US govt's Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.... [...]

Double-oh-sh... The name's not Bond. It's O'Brien - Keith O'Brien, now-former global payroll compliance manager at the Dublin, Ireland office of HR software-as-a-service maker Rippling.... [...]

1990s incident response in 2025 Two Oracle data security breaches have been reported in the past week, and the database goliath not only remains reluctant to acknowledge the disasters publicly – it may be scrubbing the web of evidence, too.... [...]

Miscreants warming to Delphi, Haskell, and the like to evade detection Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell.... [...]

Just an FYI, like Generative AI assistants packaged up as browser extensions harvest personal data with minimal safeguards, researchers warn.... [...]

Kari, OK, we'll see you in court An organization that bankrolls various internet security projects has asked a Washington DC court to prevent the Trump administration from cancelling its federal funding – and expressed fears that if the cash stops flowing, the tools it supports could become harder to access …

Kari, OK, we'll see you in court An organization that bankrolls various internet security projects has asked a Washington DC court to prevent the Trump administration from cancelling its federal funding – and expressed fears that if the cash stops flowing, the tools it supports could become harder to access …

Looking to sort through large volumes of security info? Redmond has your backend Microsoft's Security Copilot is getting some degree of agency, allowing the underlying AI model to interact more broadly with the company's security software to automate various tasks.... [...]

How to avoid another SolarWinds, Log4j, and XZ Utils situation Organizations concerned about software supply chain attacks should focus on role-based access control, system monitoring, and boundary protection, according to a new preprint paper on the topic.... [...]

One more time, with feeling... Garbage in, garbage out Researchers have found that large language models (LLMs) tend to parrot buggy code when tasked with completing flawed snippets.... [...]

Nothing like an OpenAI-powered agent leaking data or getting confused over what someone else whispered to it AI models with memory aim to enhance user interactions by recalling past engagements. However, this feature opens the door to manipulation.... [...]

Study finds 4 out of 6 providers don't do enough to stop impersonation Four out of six companies offering AI voice cloning software fail to provide meaningful safeguards against the misuse of their products, according to research conducted by Consumer Reports.... [...]

Likening memory safety bugs to smallpox may not soothe sensitive C coders Rust is alive and well in the Linux kernel and is expected to translate into noticeable benefits shortly, though its integration with the largely C-oriented codebase still looks uneasy.... [...]

iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called "exclaves."... [...]

iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called "exclaves."... [...]

Bjarne Stroustrup says standards committee needs to show it can respond to memory safety push Bjarne Stroustrup, creator of C++, has issued a call for the C++ community to defend the programming language, which has been shunned by cybersecurity agencies and technical experts in recent years for its memory …

Model was fine-tuned to write vulnerable software – then suggested enslaving humanity Updated Computer scientists have found that fine-tuning notionally safe large language models to do one thing badly can negatively impact the AI’s output across a range of topics.... [...]

Nobody wants memory bugs. Penguinistas continue debate on how to squish 'em Some Linux kernel maintainers remain unconvinced that adding Rust code to the open source project is a good idea, but its VIPs are coming out in support of the language's integration.... [...]

Rustaceans could just wait for unwelcoming C coders to slowly SIGQUIT... The Rust for Linux project is alive and well, despite suggestions to the contrary, even if not every Linux kernel maintainer is an ally.... [...]