ICE wants to build a 24/7 social media surveillance team
ICE plans to hire contractors to scan platforms to target people for deportation.
WIRED
–
|
178
Security
Japan is running out of its favorite beer after ransomware attack
Asahi Super Dry production at Japanese breweries halted after cyberattack.
Financial Times
–
|
100
That annoying SMS phish you just got may have come from a box like this
Smishers looking for new infrastructure are getting creative.
Dan Goodin
–
|
53
Intel and AMD trusted enclaves, a foundation for network security, fall to physical attacks
The chipmakers say physical attacks aren't in the threat model. Many users didn't get the memo.
Dan Goodin
–
|
65
Rocket Report: Keeping up with Kuiper; New Glenn’s second flight slips
Amazon plans to conduct two launches of Kuiper broadband satellites just days apart.
Stephen Clark
–
|
123
As many as 2 million Cisco devices affected by actively exploited 0-day
Search shows 2 million vulnerable Cisco SNMP interfaces exposed to the Internet.
Dan Goodin
–
|
32
Supermicro server motherboards can be infected with unremovable malware
Baseboard management controller vulnerabilities make remote attacks possible.
Dan Goodin
–
|
45
US uncovers 100,000 SIM cards that could have “shut down” NYC cell network
A "nation-state" is said to be involved.
Nate Anderson
–
|
208
Most Read
Here’s how potent Atomic credential stealer is finding its way onto Macs
LastPass warns it's one of the latest to see its well-known brand impersonated.
Dan Goodin
–
|
40
Microsoft’s Entra ID vulnerabilities could have been catastrophic
They could've allowed attacker to gain access to virtually all Azure customer accounts.
WIRED
–
|
99
Two of the Kremlin’s most active hack groups are collaborating, ESET says
Turla is getting a helping hand from Gamaredon. Both are units of Russia's FSB.
Dan Goodin
–
|
11
Two UK teens charged in connection to Scattered Spider ransomware attacks
Ransomware group is one of the world's most prolific.
Dan Goodin
–
|
44
New attack on ChatGPT research agent pilfers secrets from Gmail inboxes
Unlike most prompt injections, ShadowLeak executes on OpenAI's cloud-based infrastructure.
Dan Goodin
–
|
32
How weak passwords and other failings led to catastrophic breach of Ascension
A deep-dive into Active Directory and how "Kerberoasting" breaks it wide open.
Dan Goodin
–
|
50
The US is now the largest investor in commercial spyware
And new countries are linked to the dangerous software.
WIRED
–
|
45
Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”
Wyden says default use of RC4 cipher led to last year's breach of health giant Ascension.
Dan Goodin
–
|
119
SAP warns of high-severity vulnerabilities in multiple products
Users of SAP's S/4HANA and NetWeaver products are at risk and should patch soon.
Dan Goodin
–
|
18
Software packages with more than 2 billion weekly downloads hit in supply-chain attack
Incident hitting npm users is likely the biggest supply-chain attack ever.
Dan Goodin
–
|
105
Former WhatsApp security boss in lawsuit likens Meta’s culture to a “cult”
Meta allegedly prioritized user growth over security, lawsuit said.
Dan Goodin
–
|
70
The number of mis-issued 1.1.1.1 certificates grows. Here’s the latest.
Everything to know about the mishap that threatened to expose millions of users' queries.
Dan Goodin
–
|
82
Sextortion with a twist: Spyware takes webcam pics of users watching porn
Spyware monitors the infected user's browser for NSFW content before activating itself.
WIRED
–
|
155
Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
The three certificates were issued in May but only came to light Wednesday.
Dan Goodin
–
|
120
Google warns that mass data theft hitting Salesloft AI agent has grown bigger
Assume all Drift credentials are compromised after Workspace breach, Google says.
Dan Goodin
–
|
23
High-severity vulnerability in Passwordstate credential manager. Patch now.
Vulnerability can be exploited to gain access to customers' crown jewels.
Dan Goodin
–
|
47
Unpacking Passkeys Pwned: Possibly the most specious research in decades
Researchers take note: When the endpoint is compromised, all bets are off.
Dan Goodin
–
|
135
Senator castigates federal judiciary for ignoring “basic cybersecurity”
Breaches in 2020 and 2025, reportedly by foreign adversaries, exposed confidential files.
Dan Goodin
–
|
42
High-severity WinRAR 0-day exploited for weeks by 2 groups
Exploits allow for persistent backdooring when targets open booby-trapped archive.
Dan Goodin
–
|
87
Encryption made for police and military radios may be easily cracked
An encryption algorithm can have weaknesses that could allow an attacker to listen in.
WIRED
–
|
66
Adult sites are stashing exploit code inside racy .svg files
Running JavaScript from inside an image? What could possibly go wrong?
Dan Goodin
–
|
90
Google discovered a new scam—and also fell victim to it
Disclosure comes two months after Google warned the world of ongoing spree.
Dan Goodin
–
|
29
Here’s how deepfake vishing attacks work, and why they can be hard to detect
Why AI-based voice cloning is the next frontier in social-engineering attacks.
Dan Goodin
–
|
59
Voice phishers strike again, this time hitting Cisco
Stopping people from falling for phishing attacks isn't working. So what are organizations to do?
Dan Goodin
–
|
31
AI site Perplexity uses “stealth tactics” to flout no-crawl edicts, Cloudflare says
The allegations are the latest to accuse Perplexity of improper web crawling.
Dan Goodin
–
|
104
Microsoft catches Russian hackers targeting foreign embassies
End goal is the installation of a malicious TLS root certificate for use in intel gathering.
Dan Goodin
–
|
26
Blame the governor! Oklahoma’s “board meeting porn” scandal goes gonzo.
Also, a cybersecurity firm analyzes the smart TV in question.
Nate Anderson
–
|
259
In search of riches, hackers plant 4G-enabled Raspberry Pi in bank network
Sophisticated group also used novel means to disguise their custom malware.
Dan Goodin
–
|
90