Security & Incidents
-
Russia's elite hacker group Sandworm adopts ClickFix technique
Security & Incidents Nation-state adoption of ClickFix signals the technique is maturing beyond cybercrime into advanced espionage operations.
-
Windows 0-day exploit drops on Microsoft's record patch day
Security & Incidents A recurring public zero-day pattern from one researcher signals ongoing gaps in Microsoft's vulnerability disclosure and patching process.
-
Secure Boot, broken for 13 of its 14 years, ESET reveals
Security & Incidents A decade-long gap in firmware signing revocation undermines a foundational PC security standard industry-wide.
-
Period Tracker Apps Under Fire for Privacy Violations
Security & Incidents Reproductive health data privacy is a critical legal and safety concern, especially post-Roe v. Wade.
-
TP-Link Kasa EC71 cameras leaked home GPS via UDP for 6 years
Security & Incidents IoT home cameras silently exposing GPS data underscores persistent authentication gaps in consumer smart-home devices.
-
LG monitors silently install software via Windows Update
Security & Incidents Highlights the risk of OEM software being silently deployed via trusted OS update channels.
-
Zoom name hack to resist AI transcription recording
Security & Incidents AI transcription adoption is accelerating, raising urgent consent, legal, and data-overload concerns across industries.
-
FBI Arrests Florida Man for Steam Malware Crypto Theft
Security & Incidents The case highlights the growing use of gaming platforms as vectors for large-scale crypto theft and malware distribution.
-
CISA Warns: Russian FSB Hackers Targeting Home and Office Routers
Security & Incidents State-sponsored router botnets are increasingly central to critical infrastructure attacks, making consumer device security a national security issue.
-
Defenders Use Prompt Injection to Stop AI Hacking Agents
Security & Incidents Context bombing signals a new defensive paradigm as AI-driven cyberattacks become increasingly automated and capable.
-
Coca-Cola's Fairlife Dairy Halts Production After Ransomware Attack
Security & Incidents Ransomware attacks on major food producers increasingly threaten supply chains and consumer goods availability.
-
NTSB: Fatal Texas Tesla crash driver floored accelerator at 100%
Security & Incidents The case raises ongoing questions about driver responsibility and oversight requirements for advanced driver assistance systems.
-
AI Voice Cloning Fraud: A $893M Crisis Outpacing All Defenses
Security & Incidents AI voice fraud has scaled from rare attacks to a $893M+ documented threat, exposing systemic gaps in consumer and institutional defenses.
-
AI Music Generator Suno Hacked, YouTube Scraping Alleged
Security & Incidents The breach intensifies legal and ethical scrutiny over AI companies' data sourcing practices amid ongoing copyright litigation.
-
Researcher Demos Claude Memory Exfiltration via Indirect Prompt Injection
Security & Incidents Highlights critical security risks in AI assistants that combine persistent memory with autonomous web-browsing agent capabilities.
-
Cursor IDE 0day: Malicious git.exe Auto-Executed, No Fix After 7 Months
Security & Incidents An unpatched auto-execution flaw in a 7M-user AI IDE poses significant supply chain and developer security risks.
-
YouTube and X Become 'Gateways' to Nudify Apps, Study Finds
Security & Incidents Mainstream platforms' role in distributing NCII-enabling tools highlights critical gaps in content policy enforcement around AI-generated explicit imagery.
-
Apple vs. OpenAI: Key Allegations in the Trade Secret Lawsuit
Security & Incidents The lawsuit directly challenges OpenAI's hardware ambitions and raises broad questions about IP protection in AI development.
-
PamStealer: New Stealthy macOS Infostealer Discovered
Security & Incidents PamStealer signals a clear evolution in Mac-targeted malware, adopting native APIs and local credential validation to reduce detection surface.
-
Apple sues OpenAI over alleged trade secret theft via zero-day bug
Security & Incidents The case spotlights critical risks of insider threats and access management gaps when employees transition to rival AI firms.
-
SFPD Drone Footage Leaked Online via Skydio Platform
Security & Incidents The leak reveals growing urban drone surveillance capabilities and the data security risks of cloud-connected law enforcement tools.
-
GhostLock: 15-Year Linux Kernel Stack-UAF Vulnerability Disclosed
Security & Incidents A 15-year-old, no-privilege Linux kernel UAF with a near-perfect exploit rate highlights systemic kernel security gaps across all major distributions.
-
CISA revealed it had no incident playbook during a May credential exposure
Security & Incidents The gap in CISA's own incident readiness raises questions about federal cybersecurity resilience amid ongoing workforce reductions.
-
Chromium 148+: Math.tanh now leaks the underlying OS via floating-point rounding
Security & Incidents A single JS math call can now silently expose OS identity, raising stakes for bot detection and browser privacy.
-
Shopping startup Phia accused of 'cookie stuffing' fraud
Security & Incidents The case highlights growing scrutiny of affiliate marketing practices used by well-funded consumer startups.
-
xAI Grok Build CLI Wire Analysis: Full Repo Uploaded to xAI Servers
Security & Incidents Undisclosed bulk code and secrets uploads by a major AI coding CLI raise significant enterprise privacy and security concerns.
-
AI Discovers 15-Year-Old Linux Root Bug Missed by Everyone
Security & Incidents Demonstrates AI's growing capability to find critical, long-dormant vulnerabilities in foundational open-source infrastructure.
-
AI scrapers still hammering the web via residential proxies
Security & Incidents Residential proxy abuse is making AI scraper mitigation structurally harder, threatening independent web publishers at scale.
-
AI browsers vulnerable to 'BioShocking' reality-distortion attack
Security & Incidents Demonstrates that AI browser safety guardrails can be bypassed via context manipulation, raising fundamental security concerns for the category.