New attack can steal cryptocurrency by planting false memories in AI chatbots
Malicious “context manipulation” technique causes bot to send payments to attacker’s wallet.
DOGE software engineer’s computer infected by info-stealing malware
The presence of credentials in leaked “stealer logs” indicates his device was infected.
WhatsApp provides no cryptographic management for group messages
The weakness creates the possibility of an insider or hacker adding rogue members.
Jury orders NSO to pay $167 million for hacking WhatsApp users
The verdict is a major victory for opponents of exploit sellers.
Man pleads guilty to using malicious AI software to hack Disney employee
Fake image-generating app allowed man to download 1.1TB of Disney-owned data.
Hundreds of e-commerce sites hacked in supply-chain attack
Attack that started in April and remains ongoing runs malicious code on visitors’ devices.
Microsoft’s new “passwordless by default” is great but comes at a cost
The move is part of an industry-wide push for users to adopt passkeys.
Why MFA is getting easer to bypass and what to do about it
Why multifactor authentication based on one-time-passwords and push notifications fails.
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Researchers say the behavior amounts to a persistent backdoor.
AI-generated code could be a disaster for the software supply chain. Here’s why.
LLM-produced code could make us much more vulnerable to supply-chain attacks.
iOS and Android juice jacking defenses have been trivial to bypass for years
New ChoiceJacking attack allows malicious chargers to steal data from phones.
FBI offers $10 million for information about Salt Typhoon members
FBI accepts tips by TOR in likely attempt to woo China-based informants.
New Android spyware is targeting Russian military personnel on the front lines
Trojanized mapping app steals users’ locations, contacts, and more.
That groan you hear is users’ reaction to Recall going back into Windows
Snapshotting and AI processing a screen every 3 seconds. What could possibly go wrong?
Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs
Even weirder: why would Google give so many the “Featured” stamp for trustworthiness?
OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters
Company didn’t notice its chatbot was being abused for (at least) 4 months.
“The girl should be calling men.” Leak exposes Black Basta’s influence tactics.
Disclosure of tactics, techniques, and procedures provides rare glimpse into secretive group.
NSA warns “fast flux” threatens national security. What is fast flux anyway?
Used by nation-states and crime groups, fast flux bypasses many common defenses.
Google unveils end-to-end messages for Gmail. Only thing is: It’s not true E2EE.
Yes, encryption/decryption occurs on end-user devices, but there’s a catch.
Oracle has reportedly suffered 2 separate breaches exposing thousands of customers‘ PII
Alleged breaches affect Oracle Cloud and Oracle Health.
Gemini hackers can deliver more potent attacks with a helping hand from… Gemini
Hacking LLMs has always been more art than science. A new attack on Gemini could change that.
Large enterprises scramble after supply-chain attack spills their secrets
tj-actions/changed-files, corrupted to run credential-stealing memory scraper.
Android apps laced with North Korean spyware found in Google Play
Google’s Firebase platform also hosted configuration settings used by the apps.
Apple patches 0-day exploited in “extremely sophisticated attack”
0-day exploited by maliciously crafted web content to break out of security sandbox.
Nearly 1 million Windows devices targeted in advanced “malvertising” spree
Malware stole login credentials, cryptocurrency, and more from infected machines.
Recent Posts
- The trillion-dollar question: Who pays when the industry’s AI bill comes due?
- What is enterprise architecture? A framework for transformation
- En 2030, las empresas gastarán más en inteligencia terrestre que los gobiernos y los cuerpos militares juntos
- How Danyel Bischof-Forsyth mapped her award-winning CIO journey
- This is the easiest drone I’ve ever flown – and it’s not even close
Recent Comments
No comments to show.