El Reg shows you how to run Zypher’s speech-replicating AI on your own box Hands on Palo Alto-based AI startup Zyphra unveiled a pair of open text-to-speech (TTS) models this week said to be capable of cloning your voice with…
Category: EN
AI Self-Replication: Scientists Warn of Critical “Red Line”
Scientists have raised concerns after artificial intelligence (AI) crossed a major threshold — self-replication. A new study from researchers at Fudan University in China reveals that two popular large language models (LLMs) successfully created functional copies of themselves, raising…
Two Russian Hackers Arrested for Large-Scale Ransomware Attacks
Authorities in the United States have charged two Russian nationals with carrying out widespread cyberattacks using Phobos ransomware. The suspects, Roman Berezhnoy (33) and Egor Nikolaevich Glebov (39), were arrested in Thailand for allegedly orchestrating more than a thousand…
XE Group Rebrands Its Cybercrime Strategy by Targeting Supply Chains
Over the past decade, there has been a rise in the number of cyber threats targeting the country, including the XE Group, a hacker collective with Vietnamese connections. According to recent investigations, the group was responsible for exploiting two…
RBI Launches “bank.in” Domain to Combat Digital Banking Scam
The Reserve Bank of India (RBI) has made the “bank.in” domain exclusive to all authorised banking institutions in India in an effort to strengthen digital banking security and shield customers from online banking fraud. This effort aims to minimise…
The Multi-Layer Complexity of Cybersecurity for The Automotive Supply Chain
Thousands and thousands of components go into the assembly of contemporary vehicles. It is impossible for any original equipment manufacturer (OEM) to produce all these components themselves. The demand for… The post The Multi-Layer Complexity of Cybersecurity for The Automotive…
Storm-2372 used the device code phishing technique since August 2024
Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn that threat actor Storm-2372, likely linked to Russia, has been targeting governments, NGOs, and…
Keeping Your Cloud Data Safe: What You Need to Know
Why is Cloud Data Safety a Paramount Concern? With the increasing movement of organizations to the cloud, ensuring data security has become a top priority. It’s a well-known fact that organizations thrive on data. But what if this data falls…
The Role of AI in DFIR
The role of AI in DFIR is something I’ve been noodling over for some time, even before my wife first asked me the question of how AI would impact what I do. I guess I started thinking about it when…
How Amazon Prime Day Scams Are Getting Smarter and How Can You Protect Yourself
Amazon Prime Day has become a major shopping event, with 2023 setting a record as customers purchased over 375 million items worldwide, up from 300 million in 2022. As more… The post How Amazon Prime Day Scams Are Getting Smarter…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site …
Storenvy – 11,052,071 breached accounts
In mid-2019, the e-commerce website Storenvy suffered a data breach that exposed millions of customer records. A portion of the breached records were subsequently posted to a hacking forum with cracked password hashes, whilst the entire corpus of 23M rows…
Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days…
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild Following PoC Release
A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild, cybersecurity firms warn. The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by…
A Deadly Unserious 419?
Over a decade ago, I was more than a little amused at a 419 message of the “I’ve been hired to assassinate you” sub-category to which my friend and colleague Urban Schrott, then at ESET Ireland, drew my attention, so…
Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds…
DEF CON 32 – Fitness of Physical Red Teamers
Authors/Presenters: Lucas Rooyakkers & Billy Graydon Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube…
Cybercriminals Intensify Attacks on Password Managers
Cybercriminals are increasingly setting their sights on password managers as a way to infiltrate critical digital accounts. According to Picus Security’s Red Report 2025, which analyzed over a million malware samples from the past year, a quarter (25%) of…
U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities…
Rising Robocall Cyber Threat and Essential Protection Strategies
A persistent cybersecurity concern has long been robocall scams. However, recent developments indicate that this type of attack is becoming increasingly sophisticated and dangerous as a result of these developments. In a recent incident, Telnyx, a provider of Voice…