Apple rolled out the security patches for dozens of iPhone and iPad models and generations. The post Apple Patches iOS Flaw Allowing Recovery of Deleted Chats appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
OpenAI tackles a bad habit people have when interacting with AI
Since people tend to paste personal data into AI tools such as ChatGPT, OpenAI has released Privacy Filter, an open-weight model designed to detect and redact personally identifiable information (PII) in text. The model is available under the Apache 2.0…
GopherWhisper APT group hides command and control traffic in Slack and Discord
Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the…
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging…
NCSC Backs Passkeys, Hailing a New Era of Sign-in
The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Backs Passkeys, Hailing a New…
Nio Hit By Patent Claim Over Battery-Swap Stations
Chinese EV maker Nio accused of infringing patents from defunct Israeli start-up to build network of battery-swapping stations This article has been indexed from Silicon UK Read the original article: Nio Hit By Patent Claim Over Battery-Swap Stations
FCA Raids London Properties In Crypto Crackdown
Authorities search eight properties in capital associated with unregistered peer-to-peer crypto trading, amid money laundering risk This article has been indexed from Silicon UK Read the original article: FCA Raids London Properties In Crypto Crackdown
Micron Pushes US Lawmakers To Restrict China Sales
Micron is reportedly driving force behind bill that aims to bring in increased restrictions on chipmaking equipment sales to China This article has been indexed from Silicon UK Read the original article: Micron Pushes US Lawmakers To Restrict China Sales
Lazarus Lures Developers With Backdoored Coding Tests
North Korea-linked hackers are using AI-assisted malware and backdoored coding challenges to quietly loot millions in cryptocurrency from Web3 developers. Expel assesses with high confidence that HexagonalRodent is a DPRK state-sponsored subgroup that likely evolved from fraudulent IT worker operations…
Fake Wallpaper App, YouTube Channel Used to Spread notnullOSX Malware
Hackers are abusing a fake macOS wallpaper app and a hijacked YouTube channel to quietly deliver notnullOSX, a new crypto-focused stealer that targets Macs via ClickFix commands and weaponized DMG installers. The campaign is highly selective, going after victims with crypto…
Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated infostealer into the code.…
Pass the key, passwords have passed their sell-by date
NCSC passes judgment: passkeys pass muster, passwords fail The UK’s National Cyber Security Centre (NCSC) has officially endorsed passkeys as the default authentication standard, marking the first time the agency has told consumers to move away from passwords entirely.… This…
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to…
Roblox clamps down on chats and age checks as legal pressure builds
Roblox is paying millions to settle child safety claims while rolling out strict age checks and chat limits that could reshape how kids use the platform. This article has been indexed from Malwarebytes Read the original article: Roblox clamps down…
Recent Microsoft Defender Vulnerability Exploited as Zero-Day
The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges. The post Recent Microsoft Defender Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Fake Document, Real Access: Foxit Impersonation Enables Stealth VNC Control
Attackers who impersonate trusted vendors do not only damage the reputation of the original vendor, but also cause heaps of trouble down the line. This article has been indexed from Security Blog G Data Software AG Read the original article:…
New OpenAI cyber product, unauthorized Mythos access, insurers to cap LLMjacking payouts
OpenAI shares cyber product with government orgs Unauthorized Mythos access, Firebox bugs fixed by Mythos Insurers move to cap LLMjacking cyber payouts Get the show notes here: https://cisoseries.com/cybersecurity-news-new-openai-cyber-product-unauthorized-mythos-access-insurers-to-cap-llmjacking-payouts/ Huge thanks to our sponsor, ThreatLocker ThreatLocker is extending Zero Trust beyond…
Sony Robot Challenges Humans At Table Tennis
Robot built by Sony AI shows how machines can adapt to constantly changing factors to execute high-speed, precise actions This article has been indexed from Silicon UK Read the original article: Sony Robot Challenges Humans At Table Tennis
Checkmarx KICS Docker Repo Hijacked in Malicious Code Injection Attack
A massive software supply chain attack has targeted the official Checkmarx KICS (Keeping Infrastructure as Code Secure) Docker Hub repository. Discovered on April 22, 2026, by Docker and Socket, the compromise involves trojanized Docker images and malicious VS Code extensions…
Fake TradingView AI Site Spreads Needle Stealer Through Phony TradingClaw App
A fake TradingView AI agent website is delivering Needle Stealer malware through a bogus “TradingClaw” assistant that can hijack victims’ browsers, drain financial accounts, and enable follow‑on attacks. The campaign targets traders seeking automated strategies on TradingView, capitalizing on the…
Apple Fixes Notification Privacy Flaw That Allowed FBI to Access Deleted Signal Messages
Apple released iOS 26.4.2 and iPadOS 26.4.2 on April 22, 2026, to patch a critical notification privacy vulnerability that allowed law enforcement to extract Signal message content from iPhones — even after the app had been deleted. The flaw, tracked…
15 Identity Providers Your B2B SaaS Must Support to Close Enterprise Deals
Struggling to close enterprise deals? Discover the 15 essential Identity Providers (IdPs) your B2B SaaS must support to meet strict security requirements. The post 15 Identity Providers Your B2B SaaS Must Support to Close Enterprise Deals appeared first on Security…
IT Security News Hourly Summary 2026-04-23 09h : 5 posts
5 posts were published in the last hour 6:32 : Strategic autonomy: Where you get to choose 6:31 : Tropic Trooper Uses Custom Beacon and VS Code Tunnels for Stealthy Remote Access 6:31 : Apple Patches Privacy Issue Exposing Signal…
Strategic autonomy: Where you get to choose
Cybersecurity has a control problem. Most providers force you into a corner, where you must either accept their ‘black box’ ecosystems… or go without elite protection. It’s a choice between being safe and staying in control. And it’s a choice…