News
Microsoft reportedly cuts China's early access to bug disclosures, PoC exploit code
Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month's SharePoint zero-day attacks, which appear to be related to a leak in Redmond's early-bug-notification program.…
'Impersonation as a service' the next big thing in cybercrime
English speakers adept at social engineering are a hot commodity in the cybercrime job market.…
Honey, I shrunk the image and now I'm pwned
Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge for machine learning systems.…
Congressman proposes bringing back letters of marque for cyber privateers
It's been more than 200 years since the United States issued a letter of marque allowing privateers to attack the vessels of foreign nations, but those letters may return to empower cyber operators if a bill introduced in Congress actually manages to pass. …
Orange Belgium mega-breach exposes 850K customers to serious fraud
A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.…
US cops wrap up RapperBot, one of world's biggest DDoS-for-hire rackets
RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based mastermind.…
Apple rushes out fix for active zero-day in iOS and macOS
Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.…
Colt changes tune, admits data theft as Warlock gang begins auction
A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm that data has indeed been stolen.…