With the end of Windows 10’s regular support cycle fast approaching, and a good five years since the COVID pandemic spurred a wave of hardware

A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows

Samsung has fixed a critical flaw that affects its Android devices – but not before attackers found and exploited the bug, which could allow remote

The Cybersecurity and Infrastructure Security Agency (CISA) nearly let the Common Vulnerabilities and Exposures (CVE) program lapse earlier this year, but a new “vision” document

More than a thousand university students in the Netherlands must continue to travel to wash their clothes after their building management company failed to bring

A national digital ID could hand the government the tools for population-wide surveillance – and if history is anything to go by, ministers probably couldn’t

The UK’s data protection watchdog says more than half of cyberattacks in schools are caused by students, and that parents should act early to prevent

ESET Research has discovered HybridPetya, on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware, adding the capability of compromising

Security outfit Huntress has been forced onto the defensive after its latest research – described by senior staff as “hilarious” – split opinion across the

After years of being dominated by outsiders, the computer surveillance software industry is booming in the United States as investors rush into the ethically dodgy

Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and

Villager, a new penetration-testing tool linked to a suspicious China-based company and described by researchers as “Cobalt Strike’s AI successor,” has been downloaded about 10,000

A DDoS mitigation provider was given a taste of the poison it tries to prevent, after being smacked by one of the largest packet-rate attacks

If you thought the world was done with side-channel CPU attacks, think again. ETH Zurich has identified yet another Spectre-based transient execution vulnerability that affects

Microsoft is back in the firing line after US Senator Ron Wyden accused Redmond of shipping “dangerous, insecure software” that helped cybercrooks cripple one of

Europe, long seen as a bastion of privacy and digital rights, will debate this week whether to enforce surveillance on citizens’ devices. Representatives from member

One of the UK’s largest rail operators, LNER, is the latest organization to spill user data via a third-party data breach. It confirmed the incident

Industry experts expressed both concern and sympathy for Ofcom, the Brit regulator that is overseeing the Online Safety Act, as questions mount over the effectiveness