Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
And it was Microsoft Copilot that unwittingly revealed the longstanding vulnerability
All news
81 articlesUS surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
The spy law known as Section 702, which authorizes the NSA and FBI's warrantless surveillance, will all but certainly expire on Friday for the first time.
4 Best Floodlight Security Cameras (2026) After Thorough Testing
Light up and secure your driveway, backyard, or porch with a floodlight security camera.
Plymouth council exposes hundreds in latest local government email gaffe
Authority admits mass message to home-schooling families revealed recipients' addresses, prompting ICO report and apology
New malware campaign tricks AI scanners with fake nuclear weapon prompts — malicious code triggers safety failsafes so scanners skip the payload
Hades malware campaign now tricks AI bots into not scanning development packages, as prompts for bio- and nuclear weapons trigger failsafe mechanisms.
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. [...]
AMD denies researcher a $10,000 bug bounty after fixing critical auto-updater vulnerability — security flaw took 124 days to patch
AMD took over four months to fix a critical security bug in its autoupdater, and the security researcher didn't see a dime for his efforts
BOFH: For one ambitious security type, chaos is a ladder
Mission Control sends its regards
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. [...]
Over 73,000 French govt employees affected in Tchap messenger breach
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. [...]
Phishing Attack Volume Down 20%, But Risk Still Rising
Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims. [...]
Grok Is Still Hosting Sexualized Deepfakes of Famous Women
A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok's website, including nonconsensual depictions of celebrities and at least one prominent US politician.
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. [...]
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Initial methods suggest attackers had likely mapped out Ivanti's asset landscape upfront and acted quickly once the exploit became public.
Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts
A joint congressional report describes a spam operation that turned tens of thousands of fake podcasts into search-engine bait for illegal pharmacy and scam sites.
VRChat says somebody faked a breach notice with the Maine AG's office
'We have no reason to believe that our data or systems have been compromised. We are in the process of contacting the Maine Attorney General's office to have this removed.'
Authorities dismantle 'AudiA6' ransomware crypto-laundering service
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. [...]
Segmentation Works for OT If Operators Are Paying Attention
Even the best segmentation strategy will fall apart without constant oversight and disciplined operations.
Watching the World Cup online is easier with these VPN deals — deals for watching the FIFA World Cup 2026
A choice of VPN subscriptions to cover you over the FIFA World Cup 2026 and beyond. Stay safe online for less.
