News

Seemingly complex strings are actually highly predictable, crackable within hours

Generative AI tools are surprisingly poor at suggesting strong passwords, experts say.…

Miscreants will need to find another avenue for malware shenanigans

Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and effectively unexploitable."…

No worries if the US doesn't want to be friends with Europe anymore

Lockheed Martin's F-35 fighter aircraft can be jailbroken "just like an iPhone," the Netherlands' defense secretary has claimed.…

CEO lauds security researchers, insists they're not 'inputs'

HackerOne has clarified its stance on GenAI after researchers fretted their submissions were being used to train its models.…

Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next

If enterprises are implementing AI, they’re not showing it to Palo Alto Networks CEO Nikesh Arora, who on Tuesday said business adoption of the tech lags consumer take-up by at least a couple of years – except for coding assistants.…

Full scale of infections remains 'unknown'

China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It's all part of a long-running effort to backdoor infected machines for long-term access, according to Google's Mandiant incident response team.…

Plus 3 new goon squads targeted critical infrastructure last year

Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025, according to Dragos' annual threat report published on Tuesday.…