Cybersecurity
139 articles RSS
Meta Removes End-to-End Encryption From Instagram DMs as Take It Down Act Deadline Approaches
Meta will strip end-to-end encryption from Instagram direct messages on May 8, citing low adoption, just eleven days before the Take It Down Act compels platforms to police intimate content.
ShinyHunters Breach Rockstar Games via Third-Party Cloud Exploit, Release Financial Data After GTA VI Maker Refuses Ransom
Hackers exploited Anodot's integration with Rockstar's Snowflake cloud to steal nearly 80 million records of financial and analytics data, then published them after the studio refused to pay.
CPUID Website Hijacked to Distribute STX RAT Through Trojanized CPU-Z and HWMonitor Downloads
Attackers compromised CPUID's backend API and replaced download links for four popular hardware tools with malware-laden installers, infecting over 150 users across multiple countries.
APT28 Hijacked 18,000 Routers Worldwide While Deploying PRISMEX Malware Against Ukraine and NATO Allies
APT28 compromised 18,000 routers across 120 countries for credential theft while deploying PRISMEX malware against Ukraine and NATO logistics targets.
European Commission Confirms Data Breach After ShinyHunters Publish Stolen Europa.eu Records
The European Commission confirms a breach of its AWS-hosted Europa.eu platform after ShinyHunters published over 90 GB of stolen data. CERT-EU traces the intrusion to a supply chain attack on the Trivy security scanner.
Back-to-Back API Security Reports Reveal That 92 Percent of Organizations Cannot Defend Their AI Agents as Authenticated Attacks Dominate the Threat Landscape
Salt Security and KushoAI release dueling reports on the same day showing API security has become the critical blind spot of the agentic AI era, with nearly all attacks now originating from authenticated sources.
Wasmtime Ships Largest-Ever Security Patch After LLM-Driven Audit Uncovers 12 Vulnerabilities Including Two Critical Sandbox Escapes
The Bytecode Alliance patches 12 Wasmtime flaws, two critical, found during a three-week LLM-assisted security sprint by Mozilla, UCSD, Akamai, and F5.
IoT Security Regulation Accelerates on Both Sides of the Atlantic as NIST Rewrites Federal Guidance and the EU CRA's First Deadline Approaches
NIST is overhauling its IoT cybersecurity guidance for federal agencies while the EU Cyber Resilience Act's first enforcement deadline in September 2026 forces manufacturers to build vulnerability reporting infrastructure from scratch.
Flashpoint Report Finds Agentic AI Discussions on Criminal Forums Surged 1,500 Percent as Infostealers Fuel 3.3 Billion Stolen Credentials
Flashpoint's 2026 report documents a 1,500 percent spike in AI-related criminal forum activity, 3.3 billion stolen credentials from infostealers, and a 53 percent rise in ransomware incidents.
Passkeys Gain Regulatory Momentum as India Mandates Two-Factor Authentication and NIST Formalizes Syncable Credentials
India's Reserve Bank enforces mandatory two-factor authentication for all digital payments from April 1, while NIST's updated identity guidelines and Microsoft's passwordless-by-default accounts mark a coordinated global shift toward phishing-resistant authentication.
Qilin Ransomware Group Targets German Political Party Die Linke, Claiming 1.5 Terabytes of Stolen Data
Qilin ransomware group claims attack on German political party Die Linke, threatening to leak 1.5 terabytes of internal data in what the party calls a hybrid warfare operation.
Drift Protocol Suffers $285 Million Exploit in Largest DeFi Hack of 2026 as Analysts Point to North Korea
Attackers used Solana's durable nonce feature to hijack Drift's governance and drain $285 million in 12 minutes, with blockchain forensics firms linking the heist to North Korean operatives.