Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
Clinical trial participant data stolen, but pharma giant says exposed records were pseudonymized
All news
40 articlesMicrosoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
And it was Microsoft Copilot that unwittingly revealed the longstanding vulnerability
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Telegram-based 'Outsider Enterprise' accused of sending millions of scam texts and impersonating trusted brands
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
The spy law known as Section 702, which authorizes the NSA and FBI's warrantless surveillance, will all but certainly expire on Friday for the first time.
Plymouth council exposes hundreds in latest local government email gaffe
Authority admits mass message to home-schooling families revealed recipients' addresses, prompting ICO report and apology
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. [...]
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. [...]
Over 73,000 French govt employees affected in Tchap messenger breach
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. [...]
Japanese energy firm loses drive with data of 10.9 million clients
Kyushu Electric Power Co., Inc. has disclosed a physical security incident that affects private data of more than 10 million customers. [...]
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims. [...]
Grok Is Still Hosting Sexualized Deepfakes of Famous Women
A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok's website, including nonconsensual depictions of celebrities and at least one prominent US politician.
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. [...]
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
Another day, another Windows exploit code
Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts
A joint congressional report describes a spam operation that turned tens of thousands of fake podcasts into search-engine bait for illegal pharmacy and scam sites.
VRChat says somebody faked a breach notice with the Maine AG's office
'We have no reason to believe that our data or systems have been compromised. We are in the process of contacting the Maine Attorney General's office to have this removed.'
Authorities dismantle 'AudiA6' ransomware crypto-laundering service
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. [...]
Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps
The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.
Every employee’s password was stored in a single Excel file
The CEO thought this was the best way to deal with some email issues
Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate
PRC eyes are watching you
Reclaiming Social Engineering for Good
“Social engineering” sounds like something out of a conspiracy thriller, charged with totalitarian control and fringe paranoia. More mundanely, it’s come to be associated with phishing and other scams, in which fraudsters manipulate people into disclosing personal information. Yet the concept is older and more benign: it is the deliberate shaping of human behavior, often at scale. It predates…
