#threats-and-security
#threats-and-security

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Silicon Valley

22 hours ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Remote teams

OPM seeks cybersecurity talent to join Tech Force

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

18 hours ago

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

fromFast Company

11 hours ago

Why the Iran cyberattack everyone warned about hasn't really happened yet

Iran-linked hackers have conducted minor cyberattacks in the U.S. but have focused on other regions with more significant incursions.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Silicon Valley

22 hours ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Remote teams

OPM seeks cybersecurity talent to join Tech Force

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

18 hours ago

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

more#cybersecurity

EU data protection

fromComputerWeekly.com

9 hours ago

UK reliance on US big tech companies is 'national security risk', claims report | Computer Weekly

The UK is at risk due to over-reliance on US tech companies for critical infrastructure, impacting national security.

fromwww.businessinsider.com

18 hours ago

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

Europe news

3 hours ago

The West is preparing for cheap drone attacks, but many businesses and civilians can only watch, not stop them

Civilian and corporate organizations struggle to counter small drone threats due to legal restrictions, leading to increased demand for drone detection devices.

fromFortune

11 hours ago

Fortune

AI agents operate autonomously, creating governance gaps and enterprise risk as organizations struggle to manage their authority and actions.

NYC parents

fromMail Online

fromwww.independent.co.uk

NYPD cop's sleeper cell' warning as NYC teen bombers are indicted

Americans in major cities should remain vigilant against potential sleeper cell attacks following recent terror incidents.

UK news

23 hours ago

Phone firms should use technology to stop children taking nudes, police chief says

Tech firms must enhance children's online safety by preventing the creation of nude images on their devices, according to law enforcement officials.

US news

Top Secret Clearance Holder Charged With Leaking Classified National Defense Information

Courtney Williams was arrested for allegedly sharing classified national defense information with unauthorized individuals, including a journalist, from 2022 to 2025.

Washington DC

DHS intelligence office restructuring would still keep it under ODNI oversight

The White House plans to restructure DHS's intelligence unit while maintaining its oversight under the Office of the Director of National Intelligence.

SF politics

Politicians Are Spending More Money on Security as They Increasingly Become Targets

Federal campaign spending on security for the 2024 election cycle exceeds five times that of the 2016 election due to rising threats against public servants.

Apple

fromTheregister

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

US politics

fromwww.npr.org

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

#ai

Information security

Runtime security becomes critical as AI accelerates threats

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

fromwww.npr.org

US news

How AI is getting better at finding security holes

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

fromHarvard Business Review

2 weeks ago

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

fromFortune

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

fromwww.npr.org

US news

How AI is getting better at finding security holes

fromIntelligencer

fromHarvard Business Review

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

2 weeks ago

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

fromFortune

Anthropic caused panic that Mythos will expose cybersecurity weak spots, but one industry veteran says real problem is fixing, not finding, them | Fortune

Anthropic's Claude Mythos Preview AI model identifies cybersecurity vulnerabilities, but experts question its impact on fixing existing issues.

more#ai

fromArs Technica

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

#data-breach

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

17 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

17 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

White House Seeks to Slash CISA Funding by $707 Million

The Trump administration proposes a $707 million budget cut for CISA to refocus on core missions and eliminate inefficiencies.

Trump's Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts

Proposed budget cuts to CISA raise concerns about U.S. cybersecurity readiness against increasing digital threats.

SF politics

White House Seeks to Slash CISA Funding by $707 Million

The Trump administration proposes a $707 million budget cut for CISA to refocus on core missions and eliminate inefficiencies.

Trump's Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts

Proposed budget cuts to CISA raise concerns about U.S. cybersecurity readiness against increasing digital threats.

more#cisa

fromFuturism

fromPrivacy International

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

World politics

2 weeks ago

We Are At War

Rising geopolitical tensions are increasingly intertwined with cyber operations and the politicization of technology.

fromMail Online

16 hours ago

Warning to iPhone users over iCloud storage scam exposing bank details

A new email scam targets iPhone users, posing as iCloud notifications to steal personal and banking information.

#fbi

Information security

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

New FBI Warning: Chinese Apps Could Expose User Data

FBI warns Americans about potential data risks from foreign apps, especially those developed in China.

Privacy professionals

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

Privacy professionals

FBI Declares Surveillance System Breach a 'Major Incident'

Information security

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

New FBI Warning: Chinese Apps Could Expose User Data

FBI warns Americans about potential data risks from foreign apps, especially those developed in China.

Breach of FBI Surveillance System Considered a "Major Incident," Security Experts Weigh In

FBI confirms major breach of surveillance system, exposing sensitive data and potentially revealing criminal probes and surveillance targets.

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

more#fbi

fromKotaku

20 hours ago

GTA 6 Hackers Say They Will Release The Breached Data After Ransom Demands Not Met - Kotaku

ShinyHunters plans to publish stolen data from Rockstar after ransom demands were not met.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

1 hour ago

OpenAI replaces certificates following Axios incident

OpenAI renewed its macOS certificates as a precaution after a third-party tool vulnerability, though no user data was compromised.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

19 hours ago

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

1 hour ago

OpenAI replaces certificates following Axios incident

OpenAI renewed its macOS certificates as a precaution after a third-party tool vulnerability, though no user data was compromised.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

fromElectronic Frontier Foundation

Banning New Foreign Routers Mistargets Products to Fix Real Problem

The FCC has banned foreign-made routers from U.S. sale due to security concerns, impacting consumer options without effectively addressing vulnerabilities.

fromwww.housingwire.com

FBI: Seniors lost $7.75B to cybercrime in 2025 a 59% jump

Tech and customer support scams caused $1.04 billion in losses for older victims, with AI enhancing the sophistication of these frauds.

fromInfoWorld

3 weeks ago

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

fromTheregister

10 hours ago

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

fromBitcoin Magazine

14 hours ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

fromThe New Yorker

2 months ago

National Security Begins Behind the Toaster

Dear Secretary Pete Hegseth, I realize that this is a big ask, but would you please invade and take possession of my son and daughter-in-law's apartment? Or maybe you'd like to make them an offer first? Either way, as a concerned mother and patriot who believes that national security begins at home, I feel it's my duty to let you know that Otis and Luna, the co-dictators of Unit 4-C, at 439 Bergen Street, in Park Slope, Brooklyn, must be overthrown.

Humor

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."

Information security

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

US news

2 months ago

This Website Exposed ICE Data - Now, It's Faced a Cyberattack

A publicly accessible ICE List database exposes PII for roughly 4,500 federal ICE agents and supervisors and recently suffered a DDoS attack reportedly originating from Russia.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

FBI: Cybercrime Losses Neared $21 Billion in 2025

Cyber-enabled crime losses increased by 26% in 2025, nearing $21 billion, with investment fraud being the most significant contributor.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

1 month ago

Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says

A sophisticated iPhone hacking toolkit called Coruna, likely originating from U.S. government development, has proliferated to foreign intelligence agencies and criminal groups, compromising iOS devices through multiple exploit chains.