Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Military Veterans May Be What Cybersecurity Is Looking For
As the field struggles with a shortage, programs that aim to provide veterans with the technical skills needed to succeed in cybersecurity may be the solution for everyone.
Published on: July 14, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Google Gemini AI Bug Allows Invisible, Malicious Prompts
A prompt-injection vulnerability in the AI assistant allows attackers to create messages that appear to be legitimate Google Security alerts but instead can be used to target users across various Google products with vishing and phishing.
Published on: July 14, 2025 | Source:Report from the Cambridge Cybercrime Conference
The Cambridge Cybercrime Conference was held on 23 June. Summaries of the presentations are here.
Published on: July 14, 2025 | Source:The Unusual Suspect: Git Repos
While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping
Published on: July 14, 2025 | Source:New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries
Threat actors behind the Interlock ransomware group have unleashed a new PHP variant of its bespoke remote access trojan (RAT) as part of a widespread campaign using a variant of ClickFix called FileFix. "Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters," The DFIR Report said in a technical
Published on: July 14, 2025 | Source:Train Brakes Can Be Hacked Over RadioβAnd the Industry Knew for 20 Years
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. The post Train Brakes Can Be Hacked Over RadioβAnd the Industry Knew for 20 Years appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:Train Hack Gets Proper Attention After 20 Years: ResearcherΒ
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. The post Train Hack Gets Proper Attention After 20 Years: Researcher appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA
CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:The Dark Side of Global Power Shifts & Demographic Decline
As global power realigns and economies falter, the rise in cybercrime is no longer hypothetical β it's inevitable.
Published on: July 14, 2025 | Source:Google Gemini Tricked Into Showing Phishing Message Hidden in EmailΒ
Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:β‘ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
In cybersecurity, precision mattersβand thereβs little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs weβre seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real security. For anyone responsible
Published on: July 14, 2025 | Source:New Interlock RAT Variant Distributed via FileFix Attacks
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:New White House cyber executive order pushes rules as code
Organizations must turn Cyber Governance, Risk, and Compliance (GRC) into executable pipelines, a Microsoft security product manager argues. The post New White House cyber executive order pushes rules as code appeared first on CyberScoop.
Published on: July 14, 2025 | Source:Is XBOWβs success the beginning of the end of human-led bug hunting? Not yet.
XBOWβs AI bug-hunter landed a big funding round while dominating HackerOneβs leaderboards. But even its founder says it hasnβt fully replaced the need for humans to be involved in the bug-hunting process. The post Is XBOWβs success the beginning of the end of human-led bug hunting? Not yet. appeared first on CyberScoop.
Published on: July 14, 2025 | Source:Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:Louis Vuitton Data Breach Hits Customers in Several Countries
Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach. The post Louis Vuitton Data Breach Hits Customers in Several Countries appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:Hackers Inject Malware Into Gravity Forms WordPress PluginΒ
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack. The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:CBI Shuts Down Β£390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center
India's Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out "sophisticated" tech support scams targeting citizens of Australia and the United Kingdom. The fraudulent scheme is estimated to have led to losses worth more than 390,000 ($525,000) in the United Kingdom alone. The law
Published on: July 14, 2025 | Source:eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company's website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come from Security Explorations, a research lab
Published on: July 14, 2025 | Source:13 Romanians Arrested for Phishing the UKβs Tax Service
Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi. The post 13 Romanians Arrested for Phishing the UKβs Tax Service appeared first on SecurityWeek.
Published on: July 14, 2025 | Source:GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings," the GPU maker said in an advisory released this week. Dubbed
Published on: July 12, 2025 | Source:Grok-4 Falls to a Jailbreak Two days After Its Release
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak. The post Grok-4 Falls to a Jailbreak Two days After Its Release appeared first on SecurityWeek.
Published on: July 12, 2025 | Source:Grok-4 Falls to a Jailbreak Two Days After Its Release
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak. The post Grok-4 Falls to a Jailbreak Two Days After Its Release appeared first on SecurityWeek.
Published on: July 12, 2025 | Source:Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. "Laravel's APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub)," GitGuardian said. "If attackers get access to this key, they can exploit a deserialization flaw to
Published on: July 12, 2025 | Source:Squid Dominated the Oceans in the Late Cretaceous
New research: One reason the early years of squids has been such a mystery is because squidsβ lack of hard shells made their fossils hard to come by. Undeterred, the team instead focused on finding ancient squid beaksβhard mouthparts with high fossilization potential that could help the team figure out how squids evolved. With that in mind, the team developed an advanced fossil discovery technique that completely...
Published on: July 11, 2025 | Source:Pay2Key Ransomware Gang Resurfaces With Incentives to Attack US, Israel
The ransomware-as-a-service (RaaS) operation, which has been tied to an Iranian advanced persistent threat (APT) group, recently boosted its affiliate profit share to 80% for attacks on Western targets.
Published on: July 11, 2025 | Source:Tradecraft in the Information Age
Long article on the difficulty (impossibility?) of human spying in the age of ubiquitous digital surveillance.
Published on: July 11, 2025 | Source:As Cyber-Insurance Premiums Drop, Coverage Is Key to Resilience
Cyber-insurance premiums continue to decline from their explosive growth from 2020 to 2022, but coverage is more important than ever to manage risks, experts say.
Published on: July 11, 2025 | Source:Researchers identify critical vulnerabilities in automotive Bluetooth systems
βPerfektBlueβ impacts tech used in Mercedes-Benz, Volkswagen, and Skoda automobiles. The post Researchers identify critical vulnerabilities in automotive Bluetooth systems appeared first on CyberScoop.
Published on: July 11, 2025 | Source:Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in
Published on: July 11, 2025 | Source:Virtru secures $50 million investment to advance data-centric security standards
Virtru's technology centers on the Trusted Data Format, an open standard that embeds security controls directly into data files rather than relying on traditional perimeter defenses. The post Virtru secures $50 million investment to advance data-centric security standards appeared first on CyberScoop.
Published on: July 11, 2025 | Source:Factoring Cybersecurity Into Finance's Digital Strategy
As financial institutions continue to embrace digital transformation, their success will depend on their ability to establish and maintain robust and responsible cybersecurity practices.
Published on: July 11, 2025 | Source:PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy's BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors. The vulnerabilities, dubbed PerfektBlue, can be fashioned together as an exploit chain to run arbitrary code on cars from at least three major automakers,
Published on: July 11, 2025 | Source:Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent
With IPOs taking longer than ever, the venture firmβs fund aims to keep startup veterans motivated while staying private. The post Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:Securing Data in the AI Era
The 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools. Adopting a unified, AI-driven approach to data security can help. As businesses increasingly rely on cloud-driven platforms and AI-powered tools to accelerate digital transformation, the stakes for safeguarding sensitive enterprise data have reached unprecedented levels. The Zscaler ThreatLabz
Published on: July 11, 2025 | Source: