News

Cupertino already squashed 'em in more recent releases - which this week get a fresh round of fixes

Apple has delivered a big batch of OS updates, some of which belatedly patch older versions of its operating systems to address exploited-in-the-wild flaws the iGiant earlier fixed in more recent releases.…

With help from UK operatives, because it’s getting tougher to run the scam in the USA

North Korea’s scamming, thieving, and AI-abusing fake IT workers are increasingly targeting European employers.…

But his emails! Sharing them with Google!

Senior members of the US National Security Council, including the White House national security adviser Michael Waltz, have been accused of using their personal Gmail accounts to exchange sensitive information.…

Copilot told us that half a century is 25 years. It feels much longer

Microsoft will officially hit the half-century mark on Friday as the Windows giant turns 50 years old. What do you consider the highs and lows of the company's journey to dominance?…

The UK government must be thrilled

Google will soon offer end-to-end encrypted (E2EE) email for all users, even those who do not use Google Workspace, and says it'll do so without imposing any undue stress on IT admins.…

Tech secretary reveals landmark legislation's full details for first time

The UK's technology secretary revealed the full breadth of the government's Cyber Security and Resilience (CSR) Bill for the first time this morning, pledging £100,000 ($129,000) daily fines for failing to act against specific threats under consideration.…

Not exactly Snowden levels of skill

A student at Britain's top eavesdropping government agency has pleaded guilty to taking sensitive information home on the first day of his trial.…

Resurge an apt name for malware targeting hardware maker that has security bug after security bug

Owners of Ivanti’s Connect Secure, Policy Secure, and ZTA Gateway products have a new strain of malware to fend off, according to the US Cybersecurity and Infrastructure Security Agency, aka CISA.…

Indiana Uni rm -rf online profiles while agents haul boxes of evidence

A tenured computer security professor at Indiana University and his university-employed wife have not been seen publicly since federal agents raided their homes late last week.…

1990s incident response in 2025

Two Oracle data security breaches have been reported in the past week, and the database goliath not only remains reluctant to acknowledge the disasters publicly – it may be scrubbing the web of evidence, too.…

Explanation leaves a 'lot of questions unanswered,' says infosec researcher

A digital burglar is claiming to have nabbed a trove of "highly sensitive" data from Check Point - something the American-Israeli security biz claims is a huge exaggeration.…

Think AWS has security covered? Think again. Discover real-world examples of what it doesn’t secure and how to protect your environment

Advertorial  AWS customers might assume that security is taken care of for them - however, this is a dangerous misconception.…

PLUS: Indonesia crimps social media, allows iPhones; India claims rocket boost; In-flight GenAI for Japan Airlines

Asia In Brief  China last week commenced a crackdown on inappropriate collection and subsequent use of personal information.…

PLUS: OpenAI bumps bug bounties bigtime; INTERPOL arrests 300 alleged cyber-scammers; And more!

Infosec in brief  Oracle Health appears to have fallen victim to an info stealing attack that has led to patient data stored by American hospitals being plundered.…

Miscreants warming to Delphi, Haskell, and the like to evade detection

Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell.…

Department director admits Welsh capital's council still trying to get heads around threat of dark web leaks

Cardiff City Council's director of children's services says data was leaked or stolen from the organization, although she did not clarify how or what was pilfered.…

Single click on a phishing link in Google browser blew up sandbox on Windows

Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia.…

WOW! DID! SOMEONE! REALLY! STEAL! DATA! ON! 400K! USERS?!

A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!)…

Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET

The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a Mexican research institute. The gang also likely targeted a governmental institution in Honduras, along with other yet-to-be-identified victims.…

Researchers say 'proactive' approach is needed to combat global cybercrime

Here's one you don't see every day: A cybersecurity vendor is admitting to breaking into a notorious ransomware crew's infrastructure and gathering data it relayed to national agencies to help victims.…