Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UX743,000 Impacted by McLaren Health Care Data Breach
The personal information of 743,000 individuals was compromised in a 2024 ransomware attack on McLaren Health Care. The post 743,000 Impacted by McLaren Health Care Data Breach appeared first on SecurityWeek.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmedβnot just by threats, but by the systems and processes in place that are meant to help them respond. Tooling is fragmented. Workflows are heavy. Context lives in five places, and alerts never slow down. What started as a
Largest DDoS Attack to Date
It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by not formally establishing a connection before data is transferred. Unlike the more common...
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. "Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections
US Braces for Cyberattacks After Bombing Iranian Nuclear Sites
Iranian hackers are expected to intensify cyberattacks against the US after the recent air strikes on Iranβs nuclear sites. The post US Braces for Cyberattacks After Bombing Iranian Nuclear Sites appeared first on SecurityWeek.
β‘ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that donβt seem urgentβuntil they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight. Itβs worth asking: what patterns are we missing, and what signals are we ignoring because they donβt match old
Steelmaker Nucor Says Hackers Stole Data in Recent Attack
Nucor has shared an update on the impact of the recent cyberattack and confirmed that some data has been taken from its IT systems. The post Steelmaker Nucor Says Hackers Stole Data in Recent Attack appeared first on SecurityWeek.
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a "single combined cyber event." That's according to an assessment from the Cyber Monitoring Centre (CMC), a U.K.-based independent, non-profit body set up by the insurance industry to categorize major cyber events. "Given that one threat actor claimed responsibility for both M&S and
Aflac Finds Suspicious Activity on US Network That May Impact Social Security Numbers, Other Data
Aflac said that itβs in the early stages of a review of the incident, and so far is unable to determine the total number of affected individuals. The post Aflac Finds Suspicious Activity on US Network That May Impact Social Security Numbers, Other Data appeared first on SecurityWeek.
AWS Enhances Cloud Security With Better Visibility Features
At this week's re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.
Friday Squid Blogging: Gonate Squid Video
This is the first ever video of the Antarctic Gonate Squid. As usual, you can also use this squid post to talk about the security stories in the news that I havenβt covered.
Hackers Post Dozens of Malicious Copycat Repos to GitHub
As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers.
Financial deepfake scams targeted in bipartisan Senate bill
New legislation seeks the creation of a Treasury-led task force to examine and combat AI-fueled scams that trick Americans out of their money. The post Financial deepfake scams targeted in bipartisan Senate bill appeared first on CyberScoop.
Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms
The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals. The new feature takes the form of a "Call Lawyer" feature on the affiliate panel, per Israeli cybersecurity company Cybereason. The
Aflac duped by social-engineering attack, marking another hit on insurance industry
Three insurance companies have publicly disclosed cyberattacks in the past week. Scattered Spider, an amorphous band of cybercriminals, has been actively targeting the sector. The post Aflac duped by social-engineering attack, marking another hit on insurance industry appeared first on CyberScoop.
Telecom Giant Viasat Is Latest Salt Typhoon Victim
The communications company shared the discoveries of its investigation with government partners, but there is little information they can publicly disclose other than that there seems to be no impact on customers.
How Cyber Warfare Changes the Face of Geopolitical Conflict
As geopolitical tensions rise, the use of cyber operations and hacktivists continues to grow, with the current conflict between Israel and Iran showing the new face of cyber-augmented war.
How to Lock Down the No-Code Supply Chain Attack Surface
Securing the no-code supply chain isn't just about mitigating risks β it's about enabling the business to innovate with confidence.
In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer
Noteworthy stories that might have slipped under the radar: Chinaβs Salt Typhoon targeted Viasat, Washington Post emails compromised in hack, Rowhammer attack named Crowhammer. The post In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer appeared first on SecurityWeek.
Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports. It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per Iran International. "If you experience disruptions or irrelevant messages while watching various TV
Godfather Android Trojan Creates Sandbox on Infected Devices
The Godfather Android trojan uses on-device virtualization to hijack legitimate applications and steal usersβ funds. The post Godfather Android Trojan Creates Sandbox on Infected Devices appeared first on SecurityWeek.
Surveillance in the US
Good article from 404 Media on the cozy surveillance relationship between local Oregon police and ICE: In the email thread, crime analysts from several local police departments and the FBI introduced themselves to each other and made lists of surveillance tools and tactics they have access to and felt comfortable using, and in some cases offered to perform surveillance for their colleagues in other departments. The...
FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks
WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit. The post FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks appeared first on SecurityWeek.
6 Steps to 24/7 In-House SOC Success
Hackers never sleep, so why should enterprise defenses? Threat actors prefer to target businesses during off-hours. Thatβs when they can count on fewer security personnel monitoring systems, delaying response and remediation. When retail giant Marks & Spencer experienced a security event over Easter weekend, they were forced to shut down their online operations, which account for
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
Cloudflare on Thursday said it autonomously blocked the largest distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits per second (Tbps). The attack, which was detected in mid-May 2025, targeted an unnamed hosting provider. "Hosting providers and critical Internet infrastructure have increasingly become targets of DDoS attacks," Cloudflare's Omer Yoachimik
Cloudflare Tunnels Abused in New Malware Campaign
A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain. The post Cloudflare Tunnels Abused in New Malware Campaign appeared first on SecurityWeek.
161,000 People Impacted by Krispy Kreme Data Breach
Krispy Kreme is sharing more information on the data breach resulting from the ransomware attack targeting the company in 2024. The post 161,000 People Impacted by Krispy Kreme Data Breach appeared first on SecurityWeek.
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting the Python Package
Hackers Access Legacy Systems in Oxford City Council Cyberattack
Personal data of former and current council workers, including election staff, may have been accessed by hackers. The post Hackers Access Legacy Systems in Oxford City Council Cyberattack appeared first on SecurityWeek.
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns," PRODAFT said in a report
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns," PRODAFT said in a report
Predatory Sparrow Burns $90 Million on Iranian Crypto Exchange in Cyber Shadow War
Israel-linked Predatory Sparrow hackers torched more than $90 million at Iranβs largest cryptobank as Israel-Iran cyberwar escalates. The post Predatory Sparrow Burns $90 Million on Iranian Crypto Exchange in Cyber Shadow War appeared first on SecurityWeek.
Security Evolution: From Pothole Repair to Road Building
Instead of constantly fixing security vulnerabilities, organizations should proactively build secure foundations that enable businesses to move faster while reducing risk.
Scammers Spread False Support Info Using Legitimate Websites
In a new wrinkle on the tech support scam front, these search parameter injection attacks dupe victims into believing they are receiving technical help when they are actually speaking to fraudsters.
Paragon Commercial Spyware Infects Prominent Journalists
An unnamed customer of Paragon's Graphite product used the commercial spyware to target at least two prominent European journalists in recent months.