US politicians want to track Nvidia chips smuggled to China
Are microchip smugglers bypassing US export bans en masse?
Supply-chain attack lies dormant for six years before striking hundreds of e-commerce sites
Cybercriminals waited years before activating massive e-commerce backdoor in Magento software
Crypto millionaires targeted in brutal kidnappings across France and Europe
Attackers' modus operandi: cutting off victims' fingers to pressure payments
In brief: There has been a spate of kidnappings taking place across France and Western Europe in which victims are cryptocurrency investors. The most recent incident involved the owner of a crypto marketing firm having his finger cut off by attackers. Police say the man could have been mutilated further had he not been rescued.
Hacker breaches TeleMessage system used by US officials, raising security concerns
The dangers of archiving encrypted messaging for compliance
At RSA Conference, experts reveal how "evil AI" is changing hacking forever
AI without guardrails is opening new doors for cybercriminals
Visa is piloting AI agents with payment systems for autonomous shopping
Forward-looking: Visa plans to allow AI agents to conduct financial transactions on behalf of consumers, a move that could streamline and automate everyday purchases. The company is currently running pilot programs that connect its payment network to AI platforms developed by firms such as Anthropic, Microsoft, OpenAI, Perplexity, and Mistral, with broader adoption expected soon.
Windows Remote Desktop Protocol contains a login backdoor Microsoft refuses to fix
It's not a bug, but a feature, Microsoft confirmed to concerned researchers
WTF?! The proprietary protocol developed by Microsoft to facilitate remote connections to Windows machines contains an outstanding security flaw. However, Microsoft has stated that it has no plans to fix the issue, as doing so would break compatibility with many applications.
Sam Altman's World brings iris-scanning digital ID to the US
Orb scanners promise "proof of humanity"
After studying 19 billion passwords, one big problem: Over 90% are terrible
TL;DR: A new study analyzing more than 19 billion passwords from relatively recent data breaches between April 2024 and 2025 has found that the vast majority are weak. Alarmingly, only six percent of the leaked passwords were unique, leading researchers to describe a widespread epidemic of weak password reuse.
FCC moves to ban Chinese labs from testing electronics sold in the US
75% of all electronics are tested at labs located inside China
Cutting corners: Not content with banning sales of high-end AI chips to China and imposing 145% tariffs on many imports from the country, the US government is now trying to stop companies from using Chinese labs to test electronic devices available in the United States.
Google Play shrinks by 47 percent following Android's store policy overhaul
Last year Google blocked 2.36 million apps that violated store policies
Microsoft brings hot patching to Windows Server, reboot-free updates
Greedy patching: Hot patching is a way to quickly install security updates without requiring an OS reboot. Microsoft has offered the feature for years through its Azure cloud platform, but it's soon coming to non-cloud versions of Windows Server. It won't be free, but Microsoft's target audience is enterprise customers.
Google research exposes ongoing global risk from zero-day vulnerabilities
Traditional targets are becoming more secure, while government-backed hackers are feasting
New York wants to use AI and cameras to detect subway crime before it happens
Ten people were murdered in NYC subways last year
FBI warns China is using AI to sharpen cyberattacks on US infrastructure
Federal authorities are beginning to see AI signs in every step of an attack chain
Researchers find numerous Apple AirPlay vulnerabilities allowing "wormable" exploits over Wi-Fi
Apple already issued patches, so be sure to update your systems immediately
In brief: Security researchers have uncovered a wide-ranging set of vulnerabilities in Apple's AirPlay protocol that could allow attackers to hijack Apple and third-party devices remotely without user interaction. The exploit chain, dubbed "AirBorne," includes 23 individual bugs – 17 with official CVEs – and enables zero-click remote code execution on vulnerable systems.
WorkComposer employee monitoring app leak exposes 21 million screenshots online
A misconfigured Amazon S3 storage bucket was the culprit
TP-Link router pricing and China ties under US government investigation
12 of the 20 top-selling routers on Amazon are TP-Link models
Blue Shield of California shared private health data of 4.7 million members with Google without consent
A lot of personal details were used for targeted advertising
AI is enabling cybercriminals to act quickly - and with little technical knowledge, Microsoft warns
Fake stores, deepfakes, and chatbots: AI fuels new wave of scams
New study reveals cybersecurity threats in next-gen DNA sequencing
Researchers have identified multiple cyberthreats in every stage of the DNA sequencing process
ChatGPT gets scarily good at guessing photo locations, sparking doxxing concerns
Simple photos could reveal real-world locations
Mass phone tracking via cell tower dumps ruled unconstitutional
Phone dragnet violates Fourth Amendment, says court
Microsoft deprecates "revolutionary" virtualization-based security feature in older Windows 11 versions
All things considered, the decision should not affect that many customers
Discord begins experimenting with face scanning for age verification
The test is limited to the UK and Australia where limitation to online platforms is pretty strict already