News

Redmond says cheap virtual desktops powered a global wave of phishing and fraud

Microsoft has taken its cybercrime fight to the UK in its first major civil action outside the US, moving to shut down RedVDS, a virtual desktop service used to power phishing and fraud at global scale.…

Cold milk poured over 'spicy mode,' but it might not be enough to escape a huge fine

Ofcom is continuing with its investigation into X, despite the social media platform saying it will block Grok from digitally undressing people.…

EU-only ops, German subsidiaries, and a pinky promise your data won't end up in Uncle Sam's hands

Amid continued trade and geopolitical volatility between Europe and the US, Amazon Web Services is making its European Sovereign Cloud generally available today and plans to expand so-called Dedicated Local Zones.…

Cloud-native, 37 plugins … an attacker's dream

A brand-new Linux malware named VoidLink targets victims' cloud infrastructure with more than 30 plugins that allow attackers to perform a range of illicit activities, from silent reconnaissance and credential theft to lateral movement and container abuse. …

Three major GDPR violations, including a lack of basic security controls, lead to hefty dent in profits

The French data protection regulator, CNIL, today issued a collective €42 million ($48.9 million) fine to two French telecom companies for GDPR violations stemming from a data breach.…

New crooks on the block get crafty with blockchain to evade defenses

Researchers at Group-IB say the DeadLock ransomware operation is using blockchain-based anti-detection methods to evade defenders' attempts to analyze their tradecraft.…

Attack enters second day with major disruption to healthcare provision

Two hospitals in Belgium have cancelled surgeries and transferred critical patients to other facilities after shutting down servers following a cyberattack.…

Travel biz tells customers to change passwords beyond its own services

Eurail has confirmed customer information was stolen in a data breach, according to notification emails sent out this week.…

U-turn leaves questions on costs, funding, and benefits unanswered

The UK government has backed down from making digital ID mandatory for proof of a right to work in the country, adding to confusion over the scheme's cost and purpose.…

Endesa says payment info stolen after alleged crook boasted of 1 TB-plus haul

Spanish energy giant Endesa is warning customers about a data breach after a cybercrim claimed to have walked off with a vast cache of personal information allegedly tied to more than 20 million people.…

AI upstart also upscales its Labs to find the next frontier

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a partnership aimed at improving security in the Python ecosystem.…

First Patch Tuesday of 2026 goes big

Microsoft and Uncle Sam have warned that a Windows bug disclosed today is already under attack.…

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow remote attackers to hide malicious code in metadata. The code then executes automatically when a file containing the poisoned metadata is loaded.…

Forrester models slow, structural shift rather than sudden employment collapse

AI-pocalypse  AI and automation could wipe out 6.1 percent of jobs in the US by 2030 – equating to 10.4 million fewer positions that are held by humans today.…

33-year-old was under surveillance for some time before returning home from the UAE

Dutch police believe they have arrested a man behind the AVCheck online platform - a service used by cybercrims that Operation Endgame shuttered in May.…

Git server flaw that attackers have been abusing for months has now caught the attention of US cyber cops

CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited Vulnerabilities (KEV) catalog.…

AuraInspector automates the most common abuses and generates fixes for customers

Mandiant has released an open source tool to help Salesforce admins detect misconfigurations that could expose sensitive data.…

Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats

A Dutch appeals court has kept a seven-year prison sentence in place for a man who hacked port IT systems with malware-stuffed USB sticks to help cocaine smugglers move containers, brushing off claims that police shouldn't have been reading his encrypted chats.…

Project Nightfall aims to deliver a UK-built long-range strike capability at speed

The British government is asking defense firms to rapidly produce a new ground-launched ballistic missile to aid Ukraine's fight against Russia - hardware that might also be adopted by UK's armed forces in future.…

Government is fed up with bad actors using digi-cash to fund dodgy deeds

India’s government has updated the regulations it imposes on cryptocurrency services providers, as part of its efforts to combat fraud, money laundering, and terrorism.…