22 Jan

Ancient telnet bug happily hands out root to attackers

A recently disclosed critical vulnerability in the GNU InetUtils telnet daemon (telnetd) is “trivial” to exploit, experts say. The bug, which had gone unnoticed for

Author rabih
22 Jan

Another week, another emergency patch as Cisco plugs Unified Comms zero-day

Cisco has finally shipped a fix for a critical-rated zero-day in its Unified Communications gear, a flaw that’s already being weaponized in the wild, and

Author rabih
22 Jan

Common Apple Pay scams, and how to stay safe

Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead Phil Muncaster 22 Jan

Author rabih
21 Jan

Davos discussion mulls how to keep AI agents from running wild

AI agents arrived in Davos this week with the question of how to secure them – and prevent agents from becoming the ultimate insider threat

Author rabih
21 Jan

Don’t click on the LastPass ‘create backup’ link – it’s a scam

Password managers make great targets for attackers because they can hold many of the keys to your kingdom. Now, LastPass has warned customers about phishing

Author rabih
21 Jan

Everest ransomware gang said to be sitting on mountain of Under Armour data

Have I Been Pwned (HIBP) says 72.7 million accounts registered with Under Armour were affected by an alleged ransomware attack in November. The data breach

Author rabih
21 Jan

EU considers whether there’s Huawei of axing Chinese kit from networks within 3 years

The European Commission (EC) wants a revised Cybersecurity Act to address any threats posed by IT and telecoms kit from third-country sources, potentially forcing member

Author rabih
21 Jan

Ireland wants to give its cops spyware, ability to crack encrypted messages

The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. The

Author rabih
21 Jan

Best of British: UK’s infosec envoys include Cisco, Palo Alto, and Accenture

Britain’s digital economy minister has sent forth a raft of companies as “ambassadors” to help organizations across the land embrace the UK’s Software Security Code

Author rabih
21 Jan

Curl shutters bug bounty program to remove incentive for submitting AI slop

The maintainer of popular open-source data transfer tool cURL has ended the project’s bug bounty program after maintainers struggled to assess a flood of AI-generated

Author rabih
20 Jan

Cloudflare whacks WAF bypass bug that opened side door for attackers

Cloudflare has fixed a flaw in its web application firewall (WAF) that allowed attackers to bypass security rules and directly access origin servers, which could

Author rabih
20 Jan

Remember VoidLink, the cloud-targeting Linux malware? An AI agent wrote it

VoidLink, the newly spotted Linux malware that targets victims’ clouds with 37 evil plugins, was generated “almost entirely by artificial intelligence” and likely developed by

Author rabih
20 Jan

AI framework flaws put enterprise clouds at risk of takeover

Two “easy-to-exploit” vulnerabilities in the popular open-source AI framework Chainlit put major enterprises’ cloud environments at risk of leaking data or even full takeover, according

Author rabih
20 Jan

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to remotely execute malicious

Author rabih
20 Jan

For the price of Netflix, crooks can now rent AI to run cybercrime

Cybercrime has entered its AI era, with criminals now using weaponized language models and deepfakes as cheap, off-the-shelf infrastructure rather than experimental tools, according to

Author rabih
20 Jan

Old habits die hard: 2025’s most common passwords were as predictable as ever

Digital Security Once again, data shows an uncomfortable truth: the habit of choosing eminently hackable passwords is alive and well Christian Ali Bravo 20 Jan

Author rabih
20 Jan

Akamai CEO wants help to defeat piracy, reckons he can handle edge AI alone

Interview After Cloudflare CEO Matthew Prince recently threatened to disrupt the Winter Olympics to protect free speech after Italian authorities fined his company for not

Author rabih
19 Jan

Broker who sold malware to the FBI set for sentencing

A Jordanian national faces sentencing in the US after pleading guilty to acting as an initial access broker (IAB) for various cyberattacks. Feras Khalil Ahmad

Author rabih
Load moreLoadingAll items loaded