PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
Google says the intruders were on the hunt for everything from drone tech to pathogens
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Vibe coders are gonna vibe code: How CISOs are tackling code sprawl
Employees are increasingly building automations, agents, and apps with AI tools outside traditional security oversight. Tines explores how CISOs are handling AI-driven code sprawl,…
Chinese hackers breach REDCap servers, steal medical research
A China-linked espionage campaign targeted exposed REDCap servers to deploy the InfiniteRed malware and steal sensitive data from a medical institution in North America. [...]
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson …
Arch Linux locks down AUR signups amid wave of malicious commits
Community repo freezes new accounts after attackers swamp it with poisoned package updates
US clampdown on Anthropic models sends EU sovereignty surge into overdrive
Brussels says access curbs prove Europe needs greater technological independence
New attack turned Microsoft 365 Copilot into 1-click data theft tool
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint …
NewCore Emerges From Stealth Mode With $66 Million in Funding
The startup has built a security-first identity platform to protect humans, machines, and AI agents. The post NewCore Emerges From Stealth Mode With $66 Million in Funding appeared…
Infinite Campus data breach affects 137,000 school staff accounts
The ShinyHunters extortion gang stole personal information from more than 137,000 school staff accounts in a Salesforce data theft attack that targeted the widely used Infinite Cam…
US Cracks Down on Anthropic AI Models Amid Abuse Concerns
Anthropic abruptly suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign nationals from using the technology.
Flatpak-NG sounds like bad news for systemd refuseniks
Linux app packaging rethink could leave alternative-init distros in the cold
Webinar: How behavioral AI stops phishing and account takeovers
Modern phishing, BEC, and account takeover attacks increasingly bypass traditional email defenses and create operational strain for security teams. This webinar explores how behavi…
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. The post Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges appear…
UK AI hiring surges as firms seek people to babysit the bots
PwC says AI hiring jumped 61 percent despite wider slowdown in vacancies, with employers increasingly looking for workers who can use AI rather than build it
The Onboarding Password Mistake That Creates Unnecessary Risk
Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means…
Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems
The pharmaceutical giant says the attackers gained access to personal data stored on the compromised systems. The post Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems …
French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker
French officials say roughly 73,000 government accounts were affected, while the threat actor claims to have stolen messages and user data from the sovereign Tchap platform. The po…
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program (PUP) fa…
The FCC Wants to Eliminate Burner Phones
A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person. The FCC plans to do this by legally forcing the country’s telecoms to s…
UK Treasury hunts CTO on salary that may not compute for top tech talent
The pension may be cushy, but the looming headaches for £77K are not
ShinyHunters Claims Council of Europe Hack
The extortion group threatens to leak 297 GB of data allegedly stolen from the Council of Europe, including employee personal information. The post ShinyHunters Claims Council of E…
Palantir's NHS data deal called in for a second opinion
Experts welcome contract review after claims NHS England missed chance to grow UK health tech market
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites.…
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses. The post FBI, Google Dismantle ‘Outsider Enterp…
Britain plots digital bedtime after kicking under-16s off social media
UK plans to go further than Australia, while also targeting stranger contact, livestreaming, and addictive platform features
Maine Disables Data Breach Portal Due to Fake Submissions
Someone posted fake VRChat and Discord data breach reports on the system, prompting the Maine AG to take action. The post Maine Disables Data Breach Portal Due to Fake Submissions …
Google found liable for bad AI Overview results. Let’s play Truth Or Consequences
Hush. children, what’s that sound? Has the flood gates’ key been found?
Munch Museum Windows display gives visitors something to scream about
When art reflects modern realities
Chinese e-tailer claimed 14-inch box stretched the size of a 9-inch tablet
This is why you don’t let junior staff ‘save the company a few dollars’
Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts im…