08 Jan

OpenAI putting bandaids on bandaids as prompt injection problems keep festering

Security researchers at Radware say they’ve identified several vulnerabilities in OpenAI’s ChatGPT service that allow the exfiltration of personal information. The flaws, identified in a

Author rabih
08 Jan

Are criminals vibe coding malware? All signs point to yes

Interview: With everyone from would-be developers to six-year-old kids jumping on the vibe coding bandwagon, it shouldn’t be surprising that criminals like automated coding tools

Author rabih
08 Jan

Credential stuffing: What it is and how to protect yourself

Digital Security Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts Christian Ali Bravo 08

Author rabih
08 Jan

Logitech macOS mouse mayhem traced to expired dev certificate

Logitech says an expired developer certificate is to blame after swaths of customers were left infuriated when their mice malfunctioned. Various users took to social

Author rabih
08 Jan

Cloudflare pours cold water on ‘BGP weirdness preceded US attack on Venezuela’ theory

Cloudflare has poured cold water on a theory that the USA’s incursion into Venezuela coincided with a cyberattack on telecoms infrastructure. The theory came from

Author rabih
07 Jan

IBM’s AI agent Bob easily duped to run malware, researchers show

IBM describes its coding agent thus: “Bob is your AI software development partner that understands your intent, repo, and security standards.” Unfortunately, Bob doesn’t always

Author rabih
07 Jan

ESA calls cops as crims lift off 500 GB of files, say security black hole still open

Exclusive: The European Space Agency on Wednesday confirmed yet another massive security breach, and told The Register that the data thieves responsible will be subject

Author rabih
07 Jan

Stalkerware slinger pleads guilty for selling snooper software to suspicious spouses

The US government has secured a guilty plea from a stalkerware maker in federal court, marking just the second time in more than a decade

Author rabih
07 Jan

Microsoft scraps Exchange Online spam clamp after customers cry foul

Microsoft has backed away from planned changes to Exchange Online after customers objected to limits designed to curb outbound email abuse. In its cancellation announcement,

Author rabih
07 Jan

Ministry of Justice splurged £50M on security – still missed Legal Aid Agency cyberattack

The UK’s Ministry of Justice spent £50 million ($67 million) on cybersecurity improvements at the Legal Aid Agency (LAA) before the high-profile cyberattack it disclosed

Author rabih
07 Jan

Jaguar Land Rover wholesale volumes plummet 43% in cyberattack aftermath

Brit luxury automaker Jaguar Land Rover has reported devastating preliminary Q3 results that lay bare the cascading consequences of a crippling cyberattack, revealing wholesale volumes

Author rabih
07 Jan

HSBC app takes a dim view of sideloaded Bitwarden installations

Some HSBC mobile banking customers in the UK report being locked out of the bank’s app after installing the Bitwarden password manager via an open

Author rabih
07 Jan

HackerOne ‘ghosted’ me for months over $8,500 bug bounty, says researcher

Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a popular Kubernetes controller, via HackerOne’s Internet Bug Bounty (IBB) program. Both were assigned

Author rabih
06 Jan

Brightspeed investigates breach as crims post stolen data for sale

Internet service provider Brightspeed confirmed that it’s investigating criminals’ claims that they stole more than a million customers’ records and have listed them for sale

Author rabih
06 Jan

Fake Windows BSODs check in at Europe’s hotels to con staff into running malware

Russia-linked hackers are sneaking malware into European hotels and other hospitality outfits by tricking staff into installing it themselves through fake Windows Blue Screen of

Author rabih
06 Jan

Crypto wallet shop Ledger confirms customer data lifted in Global-e snafu

Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using

Author rabih
06 Jan

UK injects just £210M into cyber plan to stop Whitehall getting pwnd

The UK today launches its Government Cyber Action Plan, committing £210 million ($282 million) to strengthen defenses across digital public services and hold itself to

Author rabih
06 Jan

Students bag extended Christmas break after cyber hit on school IT

Students at a school in Warwickshire, England, have scored an extended Christmas break after a cyberattack crippled its IT systems, forcing classrooms to close and

Author rabih