Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXZip Security Raises $13.5 Million in Series A Funding
Zip Securityβs Series A funding round led by Ballistic Ventures will help the company grow its engineering and go-to-market teams. The post Zip Security Raises $13.5 Million in Series A Funding appeared first on SecurityWeek.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Ransomware Group Claims Attack on Belk
DragonForce says it stole more than 150 gigabytes of data from US department store chain Belk in a May cyberattack. The post Ransomware Group Claims Attack on Belk appeared first on SecurityWeek.
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks. The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a malware
MITRE Unveils AADAPT Framework to Tackle Cryptocurrency ThreatsΒ
The MITRE AADAPT framework provides documentation for identifying, investigating, and responding to weaknesses in digital asset payments. The post MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats appeared first on SecurityWeek.
Sesame Workshop Regains Control of Elmoβs Hacked X Account After Racist Posts
The account was compromised over the weekend and Elmoβs 650,000 followers were given antisemitic threats and a reference to the Jeffrey Epstein investigation. The post Sesame Workshop Regains Control of Elmoβs Hacked X Account After Racist Posts appeared first on SecurityWeek.
DOGE Denizen Marko Elez Leaked API Key for xAI
Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed...
House passes bill to formalize NTIAβs cyber role following Salt Typhoon attacks
The bipartisan legislation would codify the agencyβs position as the one in charge of coordinating responses to incidents like the breach on U.S. telecoms. The post House passes bill to formalize NTIAβs cyber role following Salt Typhoon attacks appeared first on CyberScoop.
CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe
The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites. The post CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe appeared first on CyberScoop.
Web-Inject Campaign Debuts Fresh Interlock RAT Variant
A cyber-threat campaign is using legitimate websites to inject victims with remote access Trojans belonging to the Interlock ransomware group, in order to gain control of devices.
Why skipping security prompting on Grokβs newest model is a huge mistake
An AI red-teaming company found that xAIβs Grok 4 is βnot suitable for enterprisesβ without substantial security prompting. The post Why skipping security prompting on Grokβs newest model is a huge mistake appeared first on CyberScoop.
Military Veterans May Be What Cybersecurity Is Looking For
As the field struggles with a shortage, programs that aim to provide veterans with the technical skills needed to succeed in cybersecurity may be the solution for everyone.
Google Gemini AI Bug Allows Invisible, Malicious Prompts
A prompt-injection vulnerability in the AI assistant allows attackers to create messages that appear to be legitimate Google Security alerts but instead can be used to target users across various Google products with vishing and phishing.
Report from the Cambridge Cybercrime Conference
The Cambridge Cybercrime Conference was held on 23 June. Summaries of the presentations are here.
The Unusual Suspect: Git Repos
While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping
New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries
Threat actors behind the Interlock ransomware group have unleashed a new PHP variant of its bespoke remote access trojan (RAT) as part of a widespread campaign using a variant of ClickFix called FileFix. "Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters," The DFIR Report said in a technical
Train Hack Gets Proper Attention After 20 Years: ResearcherΒ
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. The post Train Hack Gets Proper Attention After 20 Years: Researcher appeared first on SecurityWeek.
Train Brakes Can Be Hacked Over RadioβAnd the Industry Knew for 20 Years
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. The post Train Brakes Can Be Hacked Over RadioβAnd the Industry Knew for 20 Years appeared first on SecurityWeek.
CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA
CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek.
The Dark Side of Global Power Shifts & Demographic Decline
As global power realigns and economies falter, the rise in cybercrime is no longer hypothetical β it's inevitable.
Google Gemini Tricked Into Showing Phishing Message Hidden in EmailΒ
Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email appeared first on SecurityWeek.
β‘ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
In cybersecurity, precision mattersβand thereβs little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs weβre seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real security. For anyone responsible
New Interlock RAT Variant Distributed via FileFix Attacks
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.
Is XBOWβs success the beginning of the end of human-led bug hunting? Not yet.
XBOWβs AI bug-hunter landed a big funding round while dominating HackerOneβs leaderboards. But even its founder says it hasnβt fully replaced the need for humans to be involved in the bug-hunting process. The post Is XBOWβs success the beginning of the end of human-led bug hunting? Not yet. appeared first on CyberScoop.
New White House cyber executive order pushes rules as code
Organizations must turn Cyber Governance, Risk, and Compliance (GRC) into executable pipelines, a Microsoft security product manager argues. The post New White House cyber executive order pushes rules as code appeared first on CyberScoop.
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.
Louis Vuitton Data Breach Hits Customers in Several Countries
Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach. The post Louis Vuitton Data Breach Hits Customers in Several Countries appeared first on SecurityWeek.
Hackers Inject Malware Into Gravity Forms WordPress PluginΒ
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack. The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
CBI Shuts Down Β£390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center
India's Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out "sophisticated" tech support scams targeting citizens of Australia and the United Kingdom. The fraudulent scheme is estimated to have led to losses worth more than 390,000 ($525,000) in the United Kingdom alone. The law
eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company's website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come from Security Explorations, a research lab
13 Romanians Arrested for Phishing the UKβs Tax Service
Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi. The post 13 Romanians Arrested for Phishing the UKβs Tax Service appeared first on SecurityWeek.
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings," the GPU maker said in an advisory released this week. Dubbed
Grok-4 Falls to a Jailbreak Two Days After Its Release
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak. The post Grok-4 Falls to a Jailbreak Two Days After Its Release appeared first on SecurityWeek.
Grok-4 Falls to a Jailbreak Two days After Its Release
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak. The post Grok-4 Falls to a Jailbreak Two days After Its Release appeared first on SecurityWeek.
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. "Laravel's APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub)," GitGuardian said. "If attackers get access to this key, they can exploit a deserialization flaw to
Squid Dominated the Oceans in the Late Cretaceous
New research: One reason the early years of squids has been such a mystery is because squidsβ lack of hard shells made their fossils hard to come by. Undeterred, the team instead focused on finding ancient squid beaksβhard mouthparts with high fossilization potential that could help the team figure out how squids evolved. With that in mind, the team developed an advanced fossil discovery technique that completely...