Hackers have released what appears to be the largest data breach in the history of Chinese cybersecurity — exfiltrating archives from Knownsec, a firm closely tied to state structures in the People’s Republic of...
Microsoft has revealed a new side-channel attack targeting remote large language models, allowing a passive adversary who merely observes encrypted network traffic to infer the topic of a user’s conversation with an AI, even...
MAD-CAT (Meow Attack Data Corruption Automation Tool) is a comprehensive security tool designed to simulate data corruption attacks against multiple database systems. The tool supports both single-target attacks and bulk CSV-based attack campaigns, with...
GDIOCSpider is an open-source, configurable, Python Incident Response (IR) and Security Research tool specifically catered around IOC extraction and identification in GDrives with poor data context. Taken as an end-to-end application, this tool crawls through...
Microsoft is testing an accelerated version of its Quick Machine Recovery (QMR) feature alongside an updated iteration of Smart App Control (SAC). Both functions can now be enabled or disabled directly through system settings—eliminating...
Researchers discovered several NuGet packages in the public registry that conceal covert sabotage code scheduled to activate in 2027 and 2028. The tainted packages target three popular .NET data engines—Microsoft SQL Server, PostgreSQL, and...
Helping companies negotiate with ransomware gangs has always seemed like a peculiar business. In theory, one mediates with cybercriminals, attempting to lower ransom demands so that victims can resume operations more swiftly. In practice,...
A next-generation spyware operated undetected for nearly a year, hiding deep within Samsung Galaxy smartphones and exploiting a vulnerability unknown to the manufacturer. Researchers from Palo Alto Networks Unit 42 revealed that the malware,...
A seemingly simple idea — to streamline the management of a home network and enhance its security — unexpectedly turned into a sequence of near-catastrophic mistakes, all triggered by the advice of popular AI...
In 2025, users continue to rely on the most elementary password combinations to protect their accounts. A study by Comparitech, based on the analysis of more than two billion real passwords leaked on data...
Authorities in the U.S. state of Nevada have released a detailed technical report dissecting a large-scale cyberattack that encrypted government systems with ransomware. The document provides an exhaustive account of the attackers’ actions, their...
Google has released an emergency security update for the Chrome browser, addressing a series of vulnerabilities that could allow remote code execution and potential system takeover. The update, issued on 5 November 2025, is...
