Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXThreat Actor Trojanizes Copy of SonicWall NetExtender VPN App
A threat actor hacked a version of SonicWall's NetExtender SSL VPN application in an effort to trick users into installing a Trojanized version of the product.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Meta confused over WhatsApp ban issued to House staffers
The chamberโs chief administrative officer issued a memo Monday that the messaging app is not approved for official use. The post Meta confused over WhatsApp ban issued to House staffers appeared first on CyberScoop.
China-Nexus 'LapDogs' Network Thrives on Backdoored SOHO Devices
The campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage infrastructure.
New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public
The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public. The new guideline seeks to help officials verify the identity and eligibility of applicants under U.S. law. The U.S. Embassy said every visa application review is a "national security decision." "Effective immediately, all individuals applying for an
Steel Giant Nucor Confirms Data Stolen in Cyberattack
America's largest steel producer initially disclosed the breach in May and took potentially affected systems offline to investigation the intrusion and contain any malicious activity.
The โ16 billion password breachโ story is a farce
Experts told CyberScoop the research 'doesnโt pass a sniff test' and detracts from needed conversations around credential abuse and information stealers. The post The โ16 billion password breachโ story is a farce appeared first on CyberScoop.
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue
Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today. "We developed two techniques by leveraging the mining topologies and pool policies that enable us to reduce a
How the US Military Is Redefining Zero Trust
Trust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.
Siemens Notifies Customers of Microsoft Defender Antivirus Issue
Siemens is working with Microsoft to address a Defender Antivirus problem that can lead to no malware alerts or plant disruptions. The post Siemens Notifies Customers of Microsoft Defender Antivirus Issue appeared first on SecurityWeek.
Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers
Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code written in JavaScript on the Outlook login page - Those that save collected data to a local file
Oh! Canada Added to List of Nations Targeted in Salt Typhoon Telecom Spree
The Canadian Center for Cybersecurity has confirmed that the Chinese state-sponsored cyber-threat actor targeted one of its telecommunications companies in February via a Cisco flaw, as part of global attack wave.
Hereโs a Subliminal Channel You Havenโt Considered Before
Scientists can manipulate air bubbles trapped in ice to encode messages.
Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives
The future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk. The post Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives appeared first on SecurityWeek.
Between Buzz and Reality: The CTEM Conversation We All Need
I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldnโt have asked for a better kickoff panel: three cybersecurity leaders who donโt just talk security, they live it. Let me introduce them. Alex Delay, CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead, Director of Cybersecurity at Avidity
Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network
Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments. "Attackers are exploiting misconfigured Docker APIs to gain access to containerized environments, then using Tor to mask their activities while deploying crypto miners," Trend Micro researchers Sunil Bharti and Shubham Singh said in an
Chinese APT Hacking Routers to Build Espionage Infrastructure
A Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure. The post Chinese APT Hacking Routers to Build Espionage Infrastructure appeared first on SecurityWeek.
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app's security. "The Office of Cybersecurity has deemed WhatsApp a high-risk to users
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two previously undocumented malware families dubbedd BEARDSHELL and COVENANT. BEARDSHELL, per CERT-UA, is written in C++ and offers the ability to download and execute PowerShell scripts, as well as
Apple, Netflix, Microsoft Sites โHackedโ for Tech Support Scamsย
Tech support scammers are using sponsored ads and search parameter injection to trick users into calling them. The post Apple, Netflix, Microsoft Sites โHackedโ for Tech Support Scams appeared first on SecurityWeek.
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign. The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) to access configuration
SparkKitty Swipes Pics From iOS, Android Devices
Like its predecessor, SparkCat, the new malware appears to be going after sensitive data โ such as seed phrases for cryptocurrency wallets โ in device photo galleries.
Russian court releases several REvil ransomware gang members
Despite being sentenced to five years in prison, the court released the four men on time served. The post Russian court releases several REvil ransomware gang members appeared first on CyberScoop.
'Echo Chamber' Attack Blows Past AI Guardrails
An AI security researcher has developed a proof of concept that uses subtle, seemingly benign prompts to get GPT and Gemini to generate inappropriate content.
IBM Pushes for More Collaboration Between Security, Governance
IBM is integrating its governance and AI security tools to address the risks associated with the AI adoption boom.
Citrix Patches Critical Vulns in NetScaler ADC and Gateway
Citrix is recommending its customers upgrade their appliances to mitigate potential exploitation of the vulnerabilities.
DHS Warns of Rise in Cyberattacks in Light of US-Iran Conflict
After President's Trump decision to enter the US into the conflict in the Middle East, the Department of Homeland Security expects there to be an uptick in Iranian hacktivists and state-sponsored actors targeting US systems.
North Korean Hackers Take Over Victimsโ Systems Using Zoom Meeting
North Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands. The post North Korean Hackers Take Over Victimsโ Systems Using Zoom Meeting appeared first on SecurityWeek.
Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content
Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place. "Unlike traditional jailbreaks that rely on adversarial phrasing or character obfuscation, Echo Chamber weaponizes indirect references, semantic
The SAVE database was already a headache for states. Now itโs fueling Trumpโs voter fraud allegations.
Experts believe lawsuits are first steps in a larger plan by the White House to create new metrics that lend support to the presidentโs unproven claims that noncitizens are voting en masse for Democratic politicians. The post The SAVE database was already a headache for states. Now itโs fueling Trumpโs voter fraud allegations. appeared first on CyberScoop.
DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes
The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the IranโIsrael war that commenced on June 13, 2025. Stating that the ongoing conflict has created a "heightened threat environment" in the country, the Department of Homeland Security (DHS) said in a bulletin that cyber actors are likely to
Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto Heist
The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners.
Chinaโs Salt Typhoon Hackers Target Canadian Telecom Firms
Canadaโs Centre for Cyber Security and the FBI warn of Chinese hackers targeting telecommunications and other companies in Canada. The post Chinaโs Salt Typhoon Hackers Target Canadian Telecom Firms appeared first on SecurityWeek.
A CISO's AI Playbook
In a market where security budgets flatten while threats accelerate, improving analyst throughput is fiscal stewardship.
XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks
Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stage procedure to deploy the malware, French cybersecurity company HarfangLab said. XDSpy is the name assigned to a cyber
Critical Authentication Bypass Flaw Patched in Teleport
A critical-severity vulnerability in Teleport could allow remote attackers to bypass SSH authentication and access managed systems. The post Critical Authentication Bypass Flaw Patched in Teleport appeared first on SecurityWeek.