FBI raids home of prominent computer scientist who has gone incommunicado
Indiana University quietly removes profile of tenured professor and refuses to say why.
Dan Goodin
–
|
403
Security
Oracle has reportedly suffered 2 separate breaches exposing thousands of customers‘ PII
Alleged breaches affect Oracle Cloud and Oracle Health.
Dan Goodin
–
|
54
Gemini hackers can deliver more potent attacks with a helping hand from… Gemini
Hacking LLMs has always been more art than science. A new attack on Gemini could change that.
Dan Goodin
–
|
36
CEO of AI ad-tech firm pledging “world free of fraud” sentenced for fraud
Prosecutors: Firm offering "300% more" fraud detection oversold revenue by 700%.
Kevin Purdy
–
|
56
Large enterprises scramble after supply-chain attack spills their secrets
tj-actions/changed-files corrupted to run credential-stealing memory scraper.
Dan Goodin
–
|
84
Android apps laced with North Korean spyware found in Google Play
Google's Firebase platform also hosted configuration settings used by the apps.
Dan Goodin
–
|
23
Apple patches 0-day exploited in “extremely sophisticated attack”
0-day exploited by maliciously crafted web content to break out of security sandbox.
Dan Goodin
–
|
65
Nearly 1 million Windows devices targeted in advanced “malvertising” spree
Malware stole login credentials, cryptocurrency, and more from infected machines.
Dan Goodin
–
|
55
Most Read
Massive botnet that appeared overnight is delivering record-size DDoSes
Eleven11bot infects video recorders, with the largest concentration of them in the US.
Dan Goodin
–
|
60
Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate
Just one compromised VM can make all other VMs on that hypervisor sitting ducks.
Dan Goodin
–
|
37
Serbian student’s Android phone compromised by exploit from Cellebrite
Android users who haven't installed Google's February patch batch should do so ASAP.
Dan Goodin
–
|
50
Copilot exposes private GitHub pages, some removed by Microsoft
Repositories, once set to public and later to private, still accessible through Copilot.
Dan Goodin
–
|
64
Google Password Manager finally syncs to iOS—here’s how
Chrome for iOS no longer syncs solely to iCloud.
Dan Goodin
–
|
38
How North Korea pulled off a $1.5 billion crypto heist—the biggest in history
Attack on Bybit didn't hack infrastructure or exploit smart contract code. So how did it work?
Dan Goodin
–
|
225
Leaked chat logs expose inner workings of secretive ransomware group
Researchers are poring over the data and feeding it into ChatGPT.
Dan Goodin
–
|
40
Notorious crooks broke into a company network in 48 minutes. Here’s how.
Report sheds new light on the tactics allowing attackers to move at breakneck speed.
Dan Goodin
–
|
40
Russia-aligned hackers are targeting Signal users with device-linking QR codes
Swapping QR codes in group invites and artillery targeting are latest ploys.
Kevin Purdy
–
|
43
Microsoft warns that the powerful XCSSET macOS malware is back with new tricks
XCSSET has been targeting Mac users since 2020.
Dan Goodin
–
|
28
X is reportedly blocking links to secure Signal contact pages
Signal has recently become a popular organizing tool among government workers.
Kevin Purdy
–
|
287
What is device code phishing, and why are Russian spies so successful at it?
Overlooked attack method has been used since last August in a rash of account takeovers.
Dan Goodin
–
|
27
Financially motivated hackers are helping their espionage counterparts and vice versa
Two players who mostly worked independently are increasingly collaborative.
Dan Goodin
–
|
21
Serial “swatter” behind 375 violent hoaxes targeted his own home to look like a victim
He now faces four years in federal prison.
Nate Anderson
–
|
213
New hack uses prompt injection to corrupt Gemini’s long-term memory
There's yet another way to inject malicious prompts into chatbots.
Dan Goodin
–
|
45
DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
Apple's defenses that protect data from being sent in the clear are globally disabled.
Dan Goodin
–
|
107
Ransomware payments declined in 2024 despite massive. well-known hacks
Amount paid by victims to hackers declined by hundreds of millions of dollars.
Lily Hay Newman, wired.com
–
|
21
7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine
Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files.
Dan Goodin
–
|
41
Go Module Mirror served backdoor to devs for 3+ years
Supply chain attack targets developers using the Go programming language.
Dan Goodin
–
|
36
22-year-old math wiz indicted for alleged DeFI hack that stole $65M
22-year-old Andean Medjedovic of Canada could spend decades in prison if convicted.
Dan Goodin
–
|
88
Report: DeepSeek’s chat histories and internal data were publicly exposed
Wiz researchers found many similarities to OpenAI with their escalated access.
Kevin Purdy
–
|
45
Apple chips can be hacked to leak secrets from Gmail, iCloud, and more
Side channel gives unauthenticated remote attackers access they should never have.
Dan Goodin
–
|
83
Backdoor infecting VPNs used “magic packets” for stealth and security
J-Magic backdoor infected organizations in a wide array of industries.
Dan Goodin
–
|
36
Data breach hitting PowerSchool looks very, very bad
Schools are now notifying families their data has been stolen.
Dan Goodin
–
|
161
Researchers say new attack could take down the European power grid
Power grid in Central Europe uses unencrypted radio signals to add and shed loads.
Dan Goodin
–
|
63
Trump admin fires security board investigating Chinese hack of large ISPs
Dismantled Cyber Safety Review Board was investigating Salt Typhoon telecom hack.
Jon Brodkin
–
|
156
The Internet is (once again) awash with IoT botnets delivering record DDoSes
Bigger, badder DDoSes are flooding the Internet. Dismal IoT security is largely to blame.
Dan Goodin
–
|
50
Microsoft patches Windows to eliminate Secure Boot bypass threat
File that neutered Secure Boot passed Microsoft's internal review process.
Dan Goodin
–
|
36