Featured
Critical Security Flaws Found in Smart Car Camera Systems
Researchers uncover serious vulnerabilities in cloud-connected vehicle cameras that could allow hackers to access private location data and footage. While one vendor has patched the security holes, another remains exposed despite being notified over a year ago.
OpenAI Whistleblower Dies at 26 After Exposing ChatGPT Copyright Concerns
Former OpenAI researcher Suchir Balaji, who publicly challenged the company's data collection practices for ChatGPT, was found dead in San Francisco. The 26-year-old whistleblower had recently accused OpenAI of copyright violations and was expected to play a key role in ongoing lawsuits.
Hackers Turn the Tables: 390,000 WordPress Credentials Stolen in Supply Chain Attack
A sophisticated hacking group dubbed MUT-1244 executed a year-long campaign targeting cybercriminals and researchers through trojanized software tools. The attackers successfully stole over 390,000 WordPress credentials along with other sensitive data using deceptive GitHub repositories and infected npm packages.
HeartCrypt: The $20 Malware Service Making Cyber Attacks More Accessible
A new malware packing service called HeartCrypt has emerged, allowing criminals to hide malicious code in legitimate-looking software for just $20. The service's sophisticated concealment techniques and growing adoption by cybercriminals highlight evolving threats in the cybersecurity landscape.
Qubes OS Revolutionizes PDF Security with Safe Conversion Feature
Qubes OS introduces an innovative security solution for handling potentially dangerous PDF files through secure conversion and isolated virtual machines. This groundbreaking approach allows users to safely transform untrusted PDFs into secure documents while maintaining efficiency.
Major Data Breach at Byte Federal Exposes 58,000 Bitcoin ATM Users' Personal Data
A significant security breach at Byte Federal, a leading US Bitcoin ATM operator, has compromised sensitive data of 58,000 customers through a GitLab vulnerability. The breach exposed personal information including government IDs and transaction records, prompting immediate security measures and customer warnings.
Critical Security Flaws Found in 336,000 Exposed Prometheus Monitoring Servers
Researchers discovered over 336,000 Prometheus monitoring servers and exporters exposed online, leaking sensitive data and vulnerable to DoS attacks. The investigation revealed plaintext passwords, authentication tokens, and internal API addresses were accessible, while also identifying risks from 'repojacking' vulnerabilities.
Chinese Hacker Indicted for Massive Sophos Firewall Attack Affecting 81,000 Devices
The U.S. Department of Justice has charged Chinese national Guan Tianfeng for exploiting Sophos firewall vulnerabilities that compromised 81,000 devices globally. The attack, linked to China's Ministry of Public Security, prompted multi-agency U.S. response including sanctions and a $10 million reward for information.
Russian Hackers Hijack Criminal Networks to Target Ukrainian Starlink Devices
Russian state-backed group Secret Blizzard has adopted an unusual tactic of compromising other cybercrime groups' infrastructure to infiltrate Ukrainian military Starlink connections. Microsoft's report reveals the hackers leveraged malware tools from multiple threat actors to gather intelligence on military hardware.