Quantum computers need vastly fewer resources than thought to break vital encryption
No, the sky isn’t falling, but Q Day is coming, and it won’t be as expensive as thought.
Dan Goodin
–
|
29
Security
Iran’s hackers are on the offensive against the US and Israel
Tehran hopes to stoke fear and extract intel in a series of cyber attacks.
Financial Times
–
|
56
Internet Yiff Machine: We hacked 93GB of “anonymous” crime tips
Ultra-sensitive data may have been hacked.
Nate Anderson
–
|
68
Google bumps up Q Day deadline to 2029, far sooner than previously thought
Company warns entire industry to move off RSA and EC more quickly.
Dan Goodin
–
|
51
Self-propagating malware poisons open source software and wipes Iran-based machines
Development houses: It’s time to check your networks for infections.
Dan Goodin
–
|
51
After hackers hit an Iowa company, cars around the country failed to start
If you don’t calibrate your interlock in time, your vehicle is dead.
Nate Anderson
–
|
183
Widely used Trivy scanner compromised in ongoing supply-chain attack
Admins: Sorry to say, but it’s likely a rotate-your-secrets kind of weekend.
Dan Goodin
–
|
30
Millions of iPhones can be hacked with a new tool found in the wild
DarkSword, a powerful iPhone-hacking technique, has been discovered in use by Russian hackers.
WIRED
–
|
82
Most Read
Google details new 24-hour process to sideload unverified Android apps
The “advanced flow” will be available before verification enforcement begins later this year.
Ryan Whitwam
–
|
149
How World ID wants to put a unique human identity on every AI agent
Iris scan-backed tokens could help stop agent swarms from overwhelming online systems.
Kyle Orland
–
|
82
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Internet-exposed devices that give BIOS-level access? What could possibly go wrong?
Dan Goodin
–
|
28
Supply-chain attack using invisible code hits GitHub and other repositories
Unicode that’s invisible to the human eye was largely abandoned—until attackers took notice.
Dan Goodin
–
|
78
The who, what, and why of the attack that has shut down Stryker’s Windows network
Company says it doesn’t know how long it will take to restore its Microsoft environment.
Dan Goodin
–
|
79
14,000 routers are infected by malware that’s highly resistant to takedowns
Most of the devices are made by Asus and are located in the US.
Dan Goodin
–
|
38
From Iran to Ukraine, everyone’s trying to hack security cameras
Research shows apparent Iranian state hackers trying to hijack consumer-grade cameras.
WIRED
–
|
104
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
The long, strange trip of a large assembly of advanced iOS exploits.
Dan Goodin
–
|
37
LLMs can unmask pseudonymous users at scale with surprising accuracy
Pseudonymity has never been perfect for preserving privacy. Soon it may be pointless.
Dan Goodin
–
|
219
Google quantum-proofs HTTPS by squeezing 15kB of data into 700-byte space
Merkle Tree Certificate support is already in Chrome. Soon, it will be everywhere.
Dan Goodin
–
|
94
New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
That guest network you set up for your neighbors may not be as secure as you think.
Dan Goodin
–
|
166
Password managers’ promise that they can’t see your vaults isn’t always true
Contrary to what password managers say, a server compromise can mean game over.
Dan Goodin
–
|
168
Once-hobbled Lumma Stealer is back with lures that are hard to resist
ClickFix bait, combined with advanced Castleloader malware, is installing Lumma “at scale.”
Dan Goodin
–
|
20
Windows’ original Secure Boot certificates expire in June—here’s what you need to do
PCs without the new certificates could eventually have trouble booting new OSes.
Andrew Cunningham
–
|
139
Malicious packages for dYdX cryptocurrency exchange empties user wallets
Incident is at least the third time the exchange has been targeted by thieves.
Dan Goodin
–
|
35
Microsoft releases urgent Office patch. Russian-state hackers pounce.
The window to patch vulnerabilities is shrinking rapidly.
Dan Goodin
–
|
77
The rise of Moltbook suggests viral AI prompts may be the next big security threat
We don’t need self-replicating AI models to have problems, just self-replicating prompts.
Benj Edwards
–
|
116
Notepad++ users take note: It’s time to check if you’re hacked
Suspected China-state hackers used update infrastructure to deliver backdoored version.
Dan Goodin
–
|
113
Web portal leaves kids’ chats with AI toy open to anyone with Gmail account
Just about anyone with a Gmail account could access Bondu chat transcripts.
WIRED
–
|
45
County pays $600,000 to pentesters it arrested for assessing courthouse security
Settlement comes more than 6 years after Gary DeMercurio and Justin Wynn’s ordeal began.
Dan Goodin
–
|
96
Site catering to online criminals has been seized by the FBI
One of the last holdouts for ransomware discussions, RAMP is taken down.
Dan Goodin
–
|
40
There’s a rash of scam spam coming from a real Microsoft address
Abusing Microsoft’s reputation may make scam harder to spot.
Dan Goodin
–
|
49
Why has Microsoft been routing example.com traffic to a company in Japan?
Company’s autodiscover caused users’ test credentials to be sent outside Microsoft networks.
Dan Goodin
–
|
70
How to encrypt your PC’s disk without giving the keys to Microsoft
Storing recovery keys with Microsoft allows the company to unlock your disk.
Andrew Cunningham
–
|
157
Poland’s energy grid was targeted by never-before-seen wiper malware
Destructive payload unleashed on tenth anniversary of Russia’s attack on Ukraine’s grid.
Dan Goodin
–
|
188
Overrun with AI slop, cURL scraps bug bounties to ensure “intact mental health”
The onslaught includes LLMs finding bogus vulnerabilities and code that won’t compile.
Dan Goodin
–
|
90
Hacker who stole 120,000 bitcoins wants a second chance—and a security job
Crypto theft was “the worst thing I had ever done.”
Cyrus Farivar
–
|
66
Millions of people imperiled through sign-in links sent by SMS
Even well-known services with millions of users are exposing sensitive data.
Dan Goodin
–
|
70