Google research exposes ongoing global risk from zero-day vulnerabilities
Traditional targets are becoming more secure, while government-backed hackers are feasting
New York wants to use AI and cameras to detect subway crime before it happens
Ten people were murdered in NYC subways last year
FBI warns China is using AI to sharpen cyberattacks on US infrastructure
Federal authorities are beginning to see AI signs in every step of an attack chain
Researchers find numerous Apple AirPlay vulnerabilities allowing "wormable" exploits over Wi-Fi
Apple already issued patches, so be sure to update your systems immediately
In brief: Security researchers have uncovered a wide-ranging set of vulnerabilities in Apple's AirPlay protocol that could allow attackers to hijack Apple and third-party devices remotely without user interaction. The exploit chain, dubbed "AirBorne," includes 23 individual bugs – 17 with official CVEs – and enables zero-click remote code execution on vulnerable systems.
WorkComposer employee monitoring app leak exposes 21 million screenshots online
A misconfigured Amazon S3 storage bucket was the culprit
TP-Link router pricing and China ties under US government investigation
12 of the 20 top-selling routers on Amazon are TP-Link models
Blue Shield of California shared private health data of 4.7 million members with Google without consent
A lot of personal details were used for targeted advertising
AI is enabling cybercriminals to act quickly - and with little technical knowledge, Microsoft warns
Fake stores, deepfakes, and chatbots: AI fuels new wave of scams
New study reveals cybersecurity threats in next-gen DNA sequencing
Researchers have identified multiple cyberthreats in every stage of the DNA sequencing process
ChatGPT gets scarily good at guessing photo locations, sparking doxxing concerns
Simple photos could reveal real-world locations
Mass phone tracking via cell tower dumps ruled unconstitutional
Phone dragnet violates Fourth Amendment, says court
Microsoft deprecates "revolutionary" virtualization-based security feature in older Windows 11 versions
All things considered, the decision should not affect that many customers
Discord begins experimenting with face scanning for age verification
The test is limited to the UK and Australia, where restrictions on online platforms are already pretty strict
Apple's latest iPhone update fixes two zero-day security flaws exploited in targeted attacks
The vulnerabilities also affect iPads, Macs, Apple TVs, and Vision Pros
The US almost let the CVE system die - the cybersecurity world's universal bug tracker
A last-minute funding extension saved the system, but only for 11 months
New approach from DeepMind partitions LLMs to mitigate prompt injection
Secure interpreter tracks data flow to block unsafe actions triggered by manipulated text
EU provides burner phones to officials traveling to US amid espionage concerns
Washington isn't Beijing, but you can never be too careful
Android phones will auto-reboot after 3 days of inactivity
Frustrating criminals and law enforcement
Microsoft's latest Windows security update creates an empty folder you should not delete
It's unclear how an empty folder helps prevent security flaws
Apple to analyze on-device data for AI training, vows to uphold user privacy
User data stays private with synthetic training methods
New Chrome update to fix a long-standing bug in user privacy for visited links
The problem has plagued the web for 20 years
Whistleblower tells Congress Facebook worked with China on censorship and data access
"It's been happening for years, covered up by lies, and continues to this day"
Researcher uncovers network of risky Chrome extensions with over 4 million installs
Many ironically promise to scan Chrome for sketchy browser extensions
AMD confirms Zen 5 silicon is also vulnerable to "EntrySign" BIOS microcode bug
A delay in acknowledgment, but at least the fix is out