#avast
#avast

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

Privacy professionals

Britons warned about Russian hackers targeting internet routers for espionage

fromBoston.com

Healthcare

Signature Healthcare in Brockton hit by cybersecurity incident

20 hours ago

Anthropic is testing the Mythos AI model for cybersecurity

Claude Mythos is a new frontier model by Anthropic with strong cybersecurity capabilities, focusing on both detecting and exploiting vulnerabilities.

16 hours ago

Anthropic limits access to Mythos, its new cybersecurity AI model

Mythos has identified critical zero-day vulnerabilities, while Anthropic's AI model has shown both capabilities and risks in cybersecurity applications.

from24/7 Wall St.

4 hours ago

CrowdStrike CEO warns AI will trigger explosion of cyber attacks with shrinking patch windows

AI will significantly increase the speed of cyberattacks, reducing response time for organizations from days to minutes.

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

Britons warned about Russian hackers targeting internet routers for espionage

Russian hackers exploit internet routers for espionage, targeting users' credentials and devices on home networks.

Healthcare

fromBoston.com

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.

20 hours ago

Anthropic is testing the Mythos AI model for cybersecurity

Claude Mythos is a new frontier model by Anthropic with strong cybersecurity capabilities, focusing on both detecting and exploiting vulnerabilities.

16 hours ago

Anthropic limits access to Mythos, its new cybersecurity AI model

Mythos has identified critical zero-day vulnerabilities, while Anthropic's AI model has shown both capabilities and risks in cybersecurity applications.

WireGuard VPN developer can't ship software updates after Microsoft locks account | TechCrunch

WireGuard is locked out of its Microsoft developer account, preventing critical software updates for Windows users.

#ai

fromIntelligencer

fromwww.businessinsider.com

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Tech industry

Cloudflare and GoDaddy team up to help websites fend off Big Tech's AI bot swarm

12 hours ago

Information security

Anthropic says its latest AI model can expose weaknesses in software security

fromThe Verge

Artificial intelligence

Anthropic is launching a new AI model for cybersecurity

fromFast Company

Anthropic will use its biggest, baddest AI model to protect against cyberattacks

Anthropic is launching a cybersecurity initiative with major tech companies to use AI for identifying and fixing software vulnerabilities.

fromHarvard Business Review

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

fromIntelligencer

fromwww.businessinsider.com

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Tech industry

Cloudflare and GoDaddy team up to help websites fend off Big Tech's AI bot swarm

Cloudflare and GoDaddy are partnering to help web content creators control AI bot interactions and address revenue loss from AI content scraping.

12 hours ago

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

fromThe Verge

Anthropic is launching a new AI model for cybersecurity

Anthropic launches Claude Mythos Preview for cybersecurity, enabling companies to identify vulnerabilities with minimal human intervention.

fromFast Company

fromHarvard Business Review

Anthropic will use its biggest, baddest AI model to protect against cyberattacks

Anthropic is launching a cybersecurity initiative with major tech companies to use AI for identifying and fixing software vulnerabilities.

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

Adam Back Says Quantum Threat To Bitcoin Is Decades Away

Quantum computing poses no immediate threat to Bitcoin's cryptographic security, but preparation for future risks is essential.

4 days ago

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Google's whitepaper on quantum threats urges immediate post-quantum preparations, shifting the migration deadline to 2029 and highlighting vulnerabilities in blockchain security.

Cryptocurrency

fromBitcoin Magazine

8 hours ago

Adam Back Says Quantum Threat To Bitcoin Is Decades Away

Quantum computing poses no immediate threat to Bitcoin's cryptographic security, but preparation for future risks is essential.

4 days ago

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Google's whitepaper on quantum threats urges immediate post-quantum preparations, shifting the migration deadline to 2029 and highlighting vulnerabilities in blockchain security.

more#quantum-computing

Deliverability

13 hours ago

How a burner email can protect your inbox - setting one up one is easy and free

A burner email address protects against spam and phishing by providing a temporary, disposable option for account creation.

Ransomware knocks Dutch healthcare software vendor offline

A ransomware attack has taken down Dutch healthcare software vendor ChipSoft, affecting its services to hospitals across the country.

Information security

German Police Unmask REvil Ransomware Leader

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

Healthcare

Ransomware knocks Dutch healthcare software vendor offline

A ransomware attack has taken down Dutch healthcare software vendor ChipSoft, affecting its services to hospitals across the country.

Information security

German Police Unmask REvil Ransomware Leader

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa ransomware group rapidly exploits vulnerabilities, impacting critical sectors and employing double extortion tactics since June 2021.

more#ransomware

fromWIRED

22 hours ago

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

Digital life

fromEarth911

Guest Idea: Why Sustainable Home Tech Choices Also Need Cybersecurity Awareness

Sustainable technology adoption is rising, but security risks of connected devices are often overlooked, impacting both environmental and digital safety.

US politics

fromwww.npr.org

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

'Stop Texting': FBI Warning Drives Apple's iPhone Messaging Update - TechRepublic

Apple is adopting a secure version of RCS to enhance messaging security between iPhones and Android devices.

Apple

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.

Mobile UX

'Stop Texting': FBI Warning Drives Apple's iPhone Messaging Update - TechRepublic

Apple is adopting a secure version of RCS to enhance messaging security between iPhones and Android devices.

Apple

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.

more#apple

Non-profit organizations

fromNextgov.com

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.

Business

from24/7 Wall St.

CrowdStrike Just Bet Big On the Huge Disconnect Between Growth and Its Stock

CrowdStrike's $500 million share repurchase program signals confidence in its undervalued stock amid strong business momentum and AI-driven growth.

Claude Code's innards revealed as source code leaked online

Anthropic simply left the stage door open with the entire Claude Code source ready and waiting for the right person to find it. This unprecedented leak has allowed for a deeper understanding of the AI software development assistant.

Software development

Apple

fromMail Online

Apple issues warning to iPhone users over stealthy attack: Act NOW

Apple has released critical iOS updates to protect against the DarkSword cyberattack method targeting vulnerable devices.

#data-privacy

fromBrooklyn Eagle

Brooklyn

PREMIUM Is Your Phone Spying on You? Nah. It Doesn't Have To.

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

fromBrooklyn Eagle

Brooklyn

PREMIUM Is Your Phone Spying on You? Nah. It Doesn't Have To.

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

fromInfoWorld

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

more#openclaw

#artificial-intelligence

Anthropic launches Project Glasswing, an effort to prevent AI cyberattacks with AI

Project Glasswing aims to enhance cybersecurity against AI threats with major tech partnerships and a new AI model from Anthropic.

19 hours ago

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

Anthropic launches Project Glasswing, an effort to prevent AI cyberattacks with AI

Project Glasswing aims to enhance cybersecurity against AI threats with major tech partnerships and a new AI model from Anthropic.

more#artificial-intelligence

19 hours ago

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

Cryptocurrency

fromFortune

A quantum threat to Bitcoin has some asking the unthinkable: Is it time to freeze old wallets belonging to Satoshi Nakamoto? | Fortune

Quantum computing poses a significant threat to Bitcoin wallets, particularly those of Satoshi Nakamoto, potentially allowing hackers to access them by 2029.

Web design

Don't sleep on this powerful new Chrome security booster

Assess Chrome extensions carefully to ensure developer trustworthiness and review permissions, as ownership changes can introduce security risks.

13 hours ago

Selling Mass Surveillance | EFFector 38.7

Police surveillance technology often expands beyond its original purpose, leading to concerns about privacy and civil liberties.

#data-breach

14 hours ago

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

fromSilicon Canals

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

fromSecuritymagazine

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

14 hours ago

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

fromSilicon Canals

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

fromSecuritymagazine

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

14 hours ago

Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account | TechCrunch

Microsoft has blocked the VeraCrypt developer's account, potentially affecting users' access to their encrypted PCs.

New FBI Warning: Chinese Apps Could Expose User Data

FBI warns Americans about potential data risks from foreign apps, especially those developed in China.

fromSecuritymagazine

Physical Security in Global Arenas: How AI Improves Security at Scale

Agentic physical security uses AI to transform surveillance into proactive threat prevention at large events.

fromTNW | Insights

LinkedIn secretly scans 6,000+ browser extensions and fingerprints your device

LinkedIn's hidden JavaScript routine collects extensive user data without disclosure, raising concerns about covert surveillance practices.

AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech - TechRepublic

Tech industry faces rapid AI advancements alongside significant security vulnerabilities and human costs.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

#privacy

Triple Header for Privacy's Defender in New York

Cindy Cohn's new book, Privacy's Defender, details her 30-year fight against digital surveillance and promotes data security and digital rights.

Privacy technologies

Double Shot of Privacy's Defender in D.C.

Triple Header for Privacy's Defender in New York

Cindy Cohn's new book, Privacy's Defender, details her 30-year fight against digital surveillance and promotes data security and digital rights.

Privacy technologies

Double Shot of Privacy's Defender in D.C.

more#privacy

fromSilicon Canals

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

21 hours ago

Web3 Security Provider Certik Opens AI Auditing Tool Access to Global Developers

Certik launched its AI Auditor, achieving an 88.6% hit rate against security incidents, enhancing proactive defense in Web3.

Is Proton Workspace the European alternative to Microsoft 365 and Google?

Proton's new software suite aims to compete with Microsoft 365 and Google Workspace while prioritizing user privacy.

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Information security

1Password adds an extra layer of phishing protection

Information security

1Password's new anti-phishing feature adds a crucial layer of protection - how it works

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Information security

1Password adds an extra layer of phishing protection

Information security

1Password's new anti-phishing feature adds a crucial layer of protection - how it works

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Mythos Preview can autonomously find and exploit vulnerabilities at an unprecedented level, surpassing previous models significantly.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

CrowdStrike Falcon Update Makes the Endpoint the Hub for AI Security

CrowdStrike enhances the Falcon platform with new AI security features, making endpoints central to detecting and managing AI applications.

fromAxios

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Mythos Preview can autonomously find and exploit vulnerabilities at an unprecedented level, surpassing previous models significantly.

Google DeepMind Researchers Map Web Attacks Against AI Agents

Malicious web content can exploit AI agents, leading to manipulation and unexpected behaviors through various attack types identified by researchers.

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

CrowdStrike Falcon Update Makes the Endpoint the Hub for AI Security

CrowdStrike enhances the Falcon platform with new AI security features, making endpoints central to detecting and managing AI applications.

more#ai-security

fromInfoWorld

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

5 telltale signs that your phone has been compromised (and how to combat them)

Phone hacking can be detected through signs like battery drain, slow performance, unfamiliar logins, and reduced storage space.

Russian government hackers broke into thousands of home routers to steal passwords | TechCrunch

Russian hackers hijacked thousands of routers globally to redirect internet traffic and steal passwords and access tokens.

Cloudflare accelerates post-quantum roadmap

Cloudflare plans to achieve full post-quantum security by 2029, prioritizing authentication systems due to emerging quantum computing threats.

3 weeks ago

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.

Apple Rolls Out Fix: New macOS Update Could Protect 100M Mac Users

Apple's macOS update introduces a warning system to prevent users from executing potentially harmful commands in Terminal.

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted by a ClickFix campaign delivering a Python-based information stealer through a fake Cloudflare verification page.

Apple Rolls Out Fix: New macOS Update Could Protect 100M Mac Users

Apple's macOS update introduces a warning system to prevent users from executing potentially harmful commands in Terminal.

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted by a ClickFix campaign delivering a Python-based information stealer through a fake Cloudflare verification page.

more#macos

#cybercrime

fromthenextweb.com

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

fromthenextweb.com

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.

Don't glamorize cybercrims, roast them instead

Cybercrime groups should not be glamorized; they are ordinary individuals using computers for theft, not mythical entities.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Information security

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Information security

Sophisticated CrystalX RAT Emerges

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Jamf warns of massive app insecurities

Mac and iOS users face significant security threats, with many devices vulnerable to attacks and outdated systems.

Security boffins harvest bumper crop of API keys from web

Almost 2,000 API credentials were found exposed on 10,000 webpages, posing significant security risks to organizations and critical infrastructure.

I tested NordVPN's free scam checker against a real threat in my inbox - here's how it did

NordVPN launched a free AI-powered scam checker tool that detects suspicious links, files, text, and images by identifying malicious databases and common scam patterns like scare tactics and artificial urgency.

Is spyware hiding on your phone? How to find out and remove it - fast

Spyware is one of the top threats to your mobile security and can severely impact your handset's performance if you are unlucky enough to become infected. It is a type of malware that typically lands on your iPhone or Android phone through malicious mobile apps or through phishing links, emails, and messages. While appearing to be a legitimate software package or useful utility, spyware will operate quietly in the background to monitor your movements,

Privacy technologies

Kaspersky: No signs Coruna iPhone exploit kit made by US

Kaspersky disputes claims that the Coruna iPhone exploit kit shares authorship with a 2023 operation targeting Russian diplomats, stating no evidence of code reuse exists between them.

Half of all cyberattacks start in your browser: 10 essential tips for staying safe

Web browsers are among the top targets for today's cybercriminals, playing a role in nearly half of all security incidents, new research reveals. According to Palo Alto Networks' 2026 Global Incident Response report, an analysis of 750 major cyber incidents recorded last year across 50 countries found that, in total, 48% of cybercrime events involved browser activity. Individuals trying to connect to the web, including business employees, are exposed to cyberthreats on a daily basis.

Information security