Items tagged with cybersecurity
Modern AI is far from science-fiction AGI, and yet it can still be an incredibly powerful tool. Like any tool, if misused, it can pose a threat to legitimate users, like how we recently covered photographers' concerns that Google's Gemini Flash 2.0 could be used to easily remove watermarks from copyrighted...
Read more...
You probably have experienced situations where you needed to convert files from one format to another. In these cases, free online file converters are a common solution. However, the FBI Denver Field Office has just taken to X (formerly Twitter) to warn users that threat actors now use these seemingly harmless online...
Read more...
Netgear has issued an urgent security update for six of its popular WiFi home gateways, including three Nighthawk Pro gaming routers, after researchers uncovered severe Remote Code Execution (RCE) vulnerabilities. These flaws, which allow attackers to run arbitrary code on the devices without authentication, have been...
Read more...
Before we get started, let's clarify this headline. "DeepSeek" is the name of a Chinese AI startup that has produced some very impressive AI models, given the limited resources at its disposal. It is also the name of that startup's mobile app, and it's the latter that we're specifically concerned about today. That is...
Read more...
Malicious actors have a variety of techniques to try and ensnare victims online, one of which is scareware. It entails displaying web pages designed to convince a user that their system has been somehow compromised, but promises to offer a tech support solution that will “fix” the issue. Microsoft is now providing a...
Read more...
Medical device manufacturer Artivion, who specializes in making products used by cardiac and vascular surgeons to treat patients, has been hit with a ransomware attack. It was severe enough attack that it has disrupted the company’s operations to the point it needed to disable some of its systems. The company...
Read more...
Security researchers at Any.Run have found a new zero-day attack currently being used by threat actors to evade detection tools used by security professionals. This new technique “evades antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your...
Read more...
It might seem as if threat actors have been more heavily targeting mobile users lately with malware and exploits, but it doesn’t mean desktop users can drop their guard. Researchers at ESET have discovered a vulnerability in several Mozilla products, which are currently being exploited by a Russian hacking group known...
Read more...
Companies that offer AI services to the public, like Anthropic and OpenAI, try to prevent out-of-pocket behavior from their AI models by establishing "guardrails" on them, hopefully preventing their AIs from doing things like asking their human users to "please die." These guardrails prevent the networks from engaging...
Read more...
Wordfence, a cybersecurity company that specializes in making WordPress security products, has found a critical vulnerability in a plugin used by over 4 million internet websites. The company says that “this is one of the more serious vulnerabilities that we have reported on in our 12 year history.”
The affected...
Read more...
Security researchers at Kaspersky have discovered malware, dubbed SteelFox, which has been spreading “via forums posts, torrent trackers and blogs” since February of last year. It’s a potent piece of malicious software that attackers can use to extract a whole host of data from a victim’s computer, and can even enable...
Read more...
In what feels like a serious case of déjà vu, a piece of Android malware initially discovered two years ago, and spotted this time by cybersecurity firm Zimperium, is making the rounds again with a new version sporting several alarming advancements. While the malicious app has a new coat of paint, the aim is still the...
Read more...
A joint statement by the Federal Bureau of Investigations (FBI) and Critical Infrastructure Security and Resilience (CISA) have revealed that parties affiliated with People's Republic of China have gained access to U.S. commercial telecommunication infrastructure. Some of the phones targeted by the attack...
Read more...
With threat actors constantly targeting Android users with spam to distribute new malware, and even going so far as to repurpose older malware, Google is upgrading Messages to better protect users. The company is bringing “new controls and features to make your conversations on Google Messages even more secure and...
Read more...
Security software provider Kaspersky, which will soon be banned from selling or providing its services in the United States, promised a smooth transition for current customers. However, many of these customers were shocked to find that their Kaspersky antivirus software had suddenly deleted itself and was...
Read more...
In what feels like déjà vu, a particular piece of Android malware has managed to sneak its way back into apps available in the Google Play Store after initially being discovered in 2019. The security research team at Kaspersky shared that the "Necro" trojan was found within several popular apps that, according to...
Read more...
Researchers at Cado Security have found new malware targeting maOS users, which is dubbed “Cthulhu Stealer.” The malicious app attempts to deceiver users by masquerading as legitimate software, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP. It’s incredibly similar to Atomic Stealer, malware first released in...
Read more...
Security researchers at Cisco Talos have discovered a set of vulnerabilities affecting macOS users who have Microsoft applications installed on their computers, providing more attack vectors for malicious actors. The researchers say that “an attacker could bypass the operating system’s permission model by using...
Read more...
More malware targeting Mac users has been found by searchers at security firm Elastic Security Labs. The malicious software has been dubbed “Banshee Stealer,” and it is able to compromise systems using either Intel or Apple Silicon chips. The researchers says that “this malware presents a severe risk to macOS users...
Read more...
This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an automated worm with zero user interaction required, and it gives the remote attacker the ability to execute code on the...
Read more...
Yet another leak of stolen data has made its way to Breach Forums, a popular site for bad actors who traffic in this kind of data theft. The data originates from the breach of National Public Data, which is a service that gathers information from separate sources to form profiles on individuals located in several...
Read more...
Security firm Cleafy has discovered a new piece of Android malware being used in the wild, dubbed BingoMod. BingoMod is designed to steal money from a victim by committing On Device Fraud, which makes it easier to bypass security measures used by banking institutions. The threat actors appear to be targeting users...
Read more...
