Category: news

Archives

Newsnews

Coca-Cola Suspends Fairlife Dairy Production After Ransomware Attack

Coca-Cola halts Fairlife dairy operations in the U.S. following a ransomware attack affecting production systems....

Newsnews

Two 'Scattered Spider' Hackers Sentenced for £29 Million TfL Cyberattack

Two hackers, Owen Flowers and Thalha Jubair, have been sentenced to five and a half years for a 2024 cyberattack on Transport for London (TfL)....

Newsnews

OpenAI Unveils GPT-Red for Enhanced AI Security

OpenAI introduces GPT-Red, an AI tool to strengthen defenses against cyberattacks, while heat pumps surge in US sales despite tax credit expiration....

Newsnews

SonicWall Warns of Active Exploitation of Two Zero-Day Vulnerabilities in SMA 1000 Series

SonicWall warns of active exploitation of two zero-day vulnerabilities in SMA 1000 series appliances, urging immediate patching....

Newsnews

Microsoft Patches Record 622 Flaws in July Patch Tuesday

Microsoft releases its largest Patch Tuesday ever, fixing 622 vulnerabilities, including two actively exploited zero-day flaws in SharePoint and Active Directory....

Newsnews

Uber's Product Chief on Expansion into Hotels, Robotaxis, and Strategic Focus

Uber's Chief Product Officer Sachin Kansal discusses the company's expansion into hotels, boat rentals, and AI-driven features, while clarifying its strategic focus....

Newsnews

Google and Microsoft Remove ModHeader Extension Over Hidden Data Collection

Google and Microsoft have removed the ModHeader browser extension after researchers discovered a hidden browsing-history collector inside it....

Newsnews

CrashStealer: New macOS Malware Targets Sensitive Data with Sophisticated Techniques

A newly discovered macOS malware, CrashStealer, steals sensitive data, bypasses Gatekeeper, and uses advanced encryption techniques....

Newsnews

Silver Fox Group Deploys New MODBEACON RAT Using gRPC Streaming

The China-linked Silver Fox group has introduced MODBEACON, a new Rust-based remote access trojan using gRPC streaming for encrypted communications....

Newsnews

Unpatched XRING Flaw in XQUIC Allows Remote Server Crashes

A critical flaw in Alibaba's XQUIC library allows remote clients to crash servers with legal HTTP/3 traffic. No patch is available....

Newsnews

Three Critical Vulnerabilities in OpenClaw AI Assistant Patched

OpenClaw AI assistant patched three high-severity flaws enabling credential theft, privilege escalation, and arbitrary code execution....

Newsnews

Laser Attack Resets Tangem Wallet Passwords, Researchers Warn

Researchers demonstrate a laser attack on Tangem crypto wallet cards, allowing attackers to reset passwords and gain control....

Newsnews

Critical Zimbra Flaw Could Allow Arbitrary Code Execution via Crafted Emails

Zimbra warns of a critical stored XSS vulnerability in its Classic Web Client that could lead to arbitrary code execution through crafted emails....

Newsnews

Compromised jscrambler 8.14.0 npm Release Contains Malicious Infostealer

Version 8.14.0 of the jscrambler npm package was released with a malicious preinstall hook that deploys an infostealer targeting developer secrets....

Newsnews

Progress Software Orders Shutdown of ShareFile Servers Amid Security Threat

Progress Software has instructed ShareFile customers to shut down Windows servers running Storage Zone Controllers due to a credible security threat....

Newsnews

Injective Labs GitHub Compromise Exposes Cryptocurrency Wallets to Theft

Unknown threat actors compromised Injective Labs’ GitHub repository, publishing a malicious npm package to steal cryptocurrency wallet keys....

Newsnews

npm 12 Disables Install Scripts by Default, Deprecates Granular Access Tokens

GitHub releases npm 12 with install scripts disabled by default and deprecates granular access tokens to enhance security....

Newsnews

OpenAI Launches GPT-5.6 and ChatGPT Work After Government Approval

OpenAI's GPT-5.6 and ChatGPT Work are now publicly available after receiving government approval, aiming to set new standards in AI capabilities....

Newsnews

GhostApproval Flaw in AI Coding Assistants Puts Developers at Risk

Researchers at Wiz uncover a symlink flaw in popular AI coding assistants that could allow attackers to take control of a developer's computer....

Newsnews

OnlyFans Creators' DMCA Requests Expose Hacked Government Websites

Adult content creators' DMCA takedown requests inadvertently reveal widespread hacking of government and university websites....

Newsnews

AI Coding Agents Trigger False Alarms in Cybersecurity Systems

AI coding agents like Claude Code and OpenAI Codex are triggering cybersecurity alarms by mimicking attacker behaviors during routine tasks....

Newsnews

Open Source Collaboration Surges in Q1 2026, Driven by Global Growth and Platform Improvements

Open source collaboration on GitHub saw a 16% quarter-over-quarter growth in Q1 2026, with significant contributions from emerging economies like Syria....

Newsnews

Google Disrupts NetNut Residential Proxy Network in Collaboration with FBI

Google and the FBI have disrupted NetNut, a massive residential proxy network, reducing its pool of usable devices by millions....

Newsnews

U.S. Government Entity Paid $1 Million to Prevent Data Leak by Kairos Group

A U.S. government entity paid $1 million to the Kairos group to prevent stolen files from being leaked, raising questions about the nature of the attack....

Newsnews

North Korean Hackers Publish 108 Malicious Packages in Ongoing Campaign

North Korean hackers linked to the Contagious Interview campaign have published 108 malicious packages and extensions across npm, Packagist, Go, and Chrome....

Newsnews

EU Politician Investigating Pegasus Spyware Hacked by the Same Tool

Greek politician Stelios Kouloglou, a member of the EU's PEGA Committee investigating Pegasus spyware, was himself hacked by the same tool....

Newsnews

Unpatched Flaws in FatFs Filesystem Library Pose Risks to Millions of Devices

Security firm runZero discloses seven vulnerabilities in FatFs, a widely used filesystem library, impacting devices like security cameras, drones, and crypto wallets....

Newsnews

New 'Bad Epoll' Linux Kernel Flaw Allows Full System Takeover

A critical Linux kernel flaw, 'Bad Epoll,' enables attackers to gain root access on affected systems, including desktops, servers, and Android devices....

Newsnews

Former EU Parliament Member Targeted with Pegasus Spyware

A report reveals former EU Parliament member Stelios Kouloglou's phone was hacked with Pegasus spyware while investigating its misuse....

Newsnews

North Korea-Linked Malicious npm Packages Mimic Rollup Polyfill Tools

North Korea-linked threat actors have uploaded malicious npm packages masquerading as Rollup polyfill tools to steal data and enable remote access....

Newsnews

Meta Contractors Posed as Teens to Test Competitor Chatbots

Meta contractors were instructed to pose as minors to test competitor chatbots on sensitive topics like suicide, sex, and eating disorders....

Newsnews

Unpatched Argo CD Flaw Allows Full Cluster Takeover

An unpatched flaw in Argo CD's repo-server component enables unauthenticated attackers to execute code and potentially take over Kubernetes clusters....

Newsnews

Critical Cursor Flaws Could Allow Zero-Click Code Execution

Two severe vulnerabilities in Cursor, an AI code editor, could enable attackers to execute arbitrary commands on a developer's machine without user interaction....

Newsnews

GuardFall Exposes Security Flaw in Open-Source AI Coding Agents

New research reveals a decades-old shell trick can bypass safety checks in 10 out of 11 popular AI coding agents, risking data theft and system damage....

Newsnews

Malicious Chrome Extension Posed as Perplexity AI to Steal Search Data

A malicious Chrome extension mimicked Perplexity AI to intercept and log users' search queries, redirecting traffic through an attacker-controlled server....

Newsnews

Google Warns EU Plans Could Lead to Search Data Hacks

Google security experts warn that EU proposals to open search data and Android systems could increase hacking risks and cybercrime....

Newsnews

Amazon Q Developer Flaw Allowed Cloud Credential Theft

A high-severity flaw in Amazon Q Developer could have allowed attackers to run commands and steal cloud credentials via a malicious repository....

Newsnews

GitHub Joins Coalition to Amend California AI Transparency Act and Protect Open Source

GitHub and other open source advocates call for amendments to California’s AI Transparency Act to protect open source licensing....