Actors compromised Cisco with stolen creds from Trivy attack, Anthropic leaked part of Claude's source code, Apple alters its upgrade-or-stay vulnerable method, Recruiting firm Mecor hit by incident linked to LiteLLM attack, Vim and GNU Emacs text editors' flaws surfaced by Claude prompts, much more
Italy fines its biggest bank $36.4m over data breach, Oz launches probe into internet giants over social media ban failures, Match Group settles with FTC over unauthorized data access, JavaScript library axios became an attack vector after npm account hijacking, much more
Anthropic exposed cache of materials through a misconfigured CMS, Lockdown Mode locks out mercenary spyware, Crypto account protection products fall short, Stats SA hit by ransomware, ClickFix campaign targets crypto users on macOS through fake Cloudflare CAPTCHA pages, much more
How Israel turned Iran's vast camera network into a targeting tool, Project Maven and the gods of AI warfare, How cops can surveil you using your body's data, Liberal San Francisco is now ground zero for tech-driven surveillance, Prompt optimizations are security flaws
Judge issues preliminary injunction against DoD's Anthropic ban, EU rejects extension that would allow CSAM scanning, Drone maker TechEx claims SBU wiretapped its chief engineer, Dutch court orders Musk's Grok to stop producing nudified images, EC probes breach of its AWS infrastructure, much more
An Armenian man was extradited to US in connection with RedLine infostealer, Ransomware attack disrupts Spain's Port of Vigo, AI-assisted campaign distributed 300+ trojanized GitHub packages, 4 vulns affect Cisco Catalyst 9300 Series switches, Puerto Rico's DoT hit by cyberattack, much more
Trivy breach cascades into LiteLLM compromise as attackers hijack CI/CD and bury evidence, Russian national sentenced to two years in connection with BitPaymer botnet, Cyberattacks in Poland more than doubled last year, HackerOne employee data exposed in third-party attack, much more
FCC bans import of all new foreign-made routers, Foster City officially declares state of emergency following attack, German federal police visited Windchill and FlexPLM users in the wee hours to warn them of a severe flaw, Scioto County employees fell victim to phishing, much more
Supply chain attack compromised Trivy vulnerability scanner, UK Financial Conduct Authority gave Palantir access to sensitive data, Hackers stole $23m in Ether from DeFi protocol Resolv Labs, Bluenoroff group stole 18.5k purchase records from gift card platform Bitrefill, much more
Industrialized scam compounds pull out all the stops to impersonate police, How Switzerland's SCION aims to replace BGP, Grassroots local resistance to Flock surveillance is growing, Existing law is inadequate to govern commercial spyware, Russia's sovereign internet is backfiring
Cops take down 373k scam darknet sites posting as CSAM sites, FBI seizes two Handala sites, Man convicted on extortion counts after sensitive contractor data theft, Man pleads guilty to AI-assisted streaming fraud, Admin unveils AI legislative framework, much more
CISA says orgs should secure Intune after Stryker attack, Stryker attack delayed some surgeries, Hacker claims theft of 93 GB of data from police tip platform, Fed cyber reviewers couldn't examine Microsoft cloud platform for security, Patel confirms FBI buys US citizens' location data, much more