Featured
Meta Abandons Professional Fact-Checking in Favor of Community-Based Verification System
Meta announces significant shift away from its established fact-checking program, replacing professional fact-checkers with a crowdsourced Community Notes system across its platforms. The controversial move raises concerns internationally while aiming to address perceived political bias issues.
Critical Ivanti Zero-Day Vulnerability Exploited by Chinese State Hackers
A severe authentication bypass vulnerability in multiple Ivanti network products enables remote code execution, with active exploitation detected in the wild. Chinese state-sponsored group UNC5221 is deploying sophisticated malware to compromise systems, prompting urgent calls for immediate patching.
20-Year-Old 'Scattered Spider' Hacker Pleads Guilty in $13M Cybercrime Case
A young Florida hacker has admitted to major cybercrimes including cryptocurrency theft and data breaches targeting companies like Twilio and LastPass. As a member of the notorious Scattered Spider group, he faces prison time and must pay $13 million in restitution.
Ethical Hacker or Cybercriminal? Microsoft Acknowledges EncryptHub's Windows Vulnerability Reports
Microsoft credits a controversial hacker known as EncryptHub for discovering critical Windows security flaws, despite their alleged involvement in over 618 breaches. The case highlights the complex duality of a technically skilled individual operating in both legitimate security research and cybercrime.
North Korean Hackers Deploy Malicious npm Packages in Sophisticated Developer-Targeting Campaign
Security researchers have discovered North Korean hackers distributing malware through 11 malicious npm packages that were downloaded over 5,600 times. The sophisticated campaign, known as 'Contagious Interview', uses fake job interviews and social engineering to target developers and infiltrate systems.
Critical WinRAR Vulnerability Evades Windows Security Protections
A newly discovered WinRAR security flaw allows attackers to bypass Windows' Mark of the Web security feature, potentially exposing users to malware. Microsoft has patched the high-severity vulnerability, which was being exploited through fake WinRAR websites distributing malicious software.
IRS Data Consolidation Hackathon Sparks Privacy and Security Concerns
DOGE's ambitious 30-day hackathon to create a unified IRS data access API has raised alarm among experts. The controversial project, led by Elon Musk, could potentially expose sensitive taxpayer information while bypassing existing security protocols.
Critical Apache Parquet Vulnerability Exposes Systems to Remote Code Execution
A severe security flaw in Apache Parquet's Java Library enables attackers to execute arbitrary code through malicious files. The vulnerability, rated with maximum severity, affects all versions up to 1.15.0 and requires immediate patching to version 1.15.1.
TikTok Thwarts Massive Election Interference Campaign in Romanian Presidential Race
TikTok uncovered and blocked over 130,000 fake and spam accounts attempting to manipulate Romania's 2024 presidential elections, leading to the poll's postponement. The platform's transparency report revealed multiple coordinated disinformation networks and prompted enhanced security measures for the rescheduled May elections.