The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on SecurityWeek. This article has…
Category: EN
TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China
Ireland’s Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users’ data to China. “TikTok infringed the GDPR regarding its transfers of EEA…
White House Warns China of Cyber Retaliation Over Infrastructure Hacks
NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Warns China of Cyber Retaliation Over Infrastructure…
Apple Warns Trump’s Tariffs Will Raise Costs By $900m
Apple says iPhones sold in US will no longer come from China, as Q2 results show it has so far mostly avoided Trump’s tariff impact This article has been indexed from Silicon UK Read the original article: Apple Warns Trump’s…
In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down
Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint Source Code Leak, $17,500 for iPhone…
macOS Sandbox Escape Vulnerability Allows Keychain Deletion and Replacement
A security vulnerability in macOS has been discovered. It allows malicious actors to escape the App Sandbox protection by manipulating security-scoped bookmarks. Tracked as CVE-2025-31191, this vulnerability enables a threat actor to delete and replace a keychain entry critical for authenticating file…
Unmasking AI in Cybersecurity – From Dark-Web Tactics to Next-Gen Defenses
Artificial intelligence is fundamentally reshaping the cybersecurity landscape, introducing both unprecedented defensive capabilities and alarming new attack vectors. The rapid evolution of generative AI and large language models (LLMs) has created a technological inflection point where digital identity verification mechanisms-including…
State-Sponsored Hacktivism Attacks on The Rise, Rewrites Cyber Threat Landscape
The global cybersecurity landscape is witnessing an alarming paradigm shift as state-sponsored hacktivism attacks have surged dramatically in recent months, blurring the traditional boundaries between politically motivated activism and sophisticated nation-state operations. These hybrid threats combine the ideological zeal of…
NCSC Guidance on “Advanced Cryptography”
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic…
New Microsoft accounts will be “passwordless by default”
Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the default behavior for new accounts,” Vasu…
MIWIC25: Marine Ruhamanya, Cybersecurity Senior Manager
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected…
15 Billion User Gain Passwordless Access to Microsoft Account Using Passkeys
As the first-ever World Passkey Day replaces the traditional World Password Day, Microsoft joins the FIDO Alliance in celebrating a milestone achievement: over 15 billion online accounts now have access to passwordless authentication through passkeys. This significant shift marks a…
15 PostgreSQL Monitoring Tools – 2025
PostgreSQL monitoring tools are essential for database administrators to ensure the optimal performance, availability, and reliability of PostgreSQL databases. These tools provide real-time insights into performance metrics, such as query execution times, CPU usage, memory consumption, and disk I/O, helping…
UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks
Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks. The post UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Use AI-Driven Reconnaissance to Identify Cyber Threats
Surviving in the digital world is not about stopping the next attack. It’s about preventing any new attack from surfacing. It’s about cyberdefense – predictively and not just reactively. Like the time when GPS revolutionized navigation by showing us what…
How to Automate CVE and Vulnerability Advisory Response with Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout…
200+ Fake Retail Sites Used in New Wave of Subscription Scams
Bitdefender uncovers a massive surge in sophisticated subscription scams disguised as online shops and evolving mystery boxes. Learn… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: 200+ Fake…
CISA Releases ICS Advisories Targeting Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released two Industrial Control Systems (ICS) advisories today, addressing critical security vulnerabilities that could potentially impact multiple critical infrastructure sectors including healthcare, manufacturing, energy, transportation, and water systems. The advisories, labeled ICSA-25-121-01…
Hackers Abuse IPv6 Stateless Address For AiTM Attack Via Spellbinder Tool
A sophisticated cyber threat has emerged in recent weeks as threat actors have developed a new technique leveraging IPv6 stateless addressing to conduct Adversary-in-the-Middle (AiTM) attacks. The attack relies on a novel tool called “Spellbinder” that manipulates IPv6 neighbor discovery…
7 Malicious PyPI Packages Abuse Gmail’s SMTP Protocol to Execute Malicious Commands
A sophisticated software supply chain attack leveraging Python Package Index (PyPI) repositories to deploy malware using Google’s SMTP infrastructure as a command-and-control mechanism. The campaign involved seven malicious packages – Coffin-Codes-Pro, Coffin-Codes-NET2, Coffin-Codes-NET, Coffin-Codes-2022, Coffin2022, Coffin-Grave, and cfc-bsb – which…