News without the noise
Security news and threats
50 articles
The Telnyx Python SDK on PyPI was compromised in a sophisticated supply chain attack that used WAV audio steganography to deliver malware. Malicious versions 4.87.1 and 4.87.2, uploaded by threat actor TeamPCP, executed arbitrary code on import and hid their payloads within the frame metadata of audio files.
Security researchers at RSA Conference 2026 have disclosed that 100 percent of tested AI coding environments are vulnerable to prompt injection attacks, with a shared attack chain that can transform tools like Claude Code, Cursor, and GitHub Copilot into persistent backdoors.
An Iranian hacking group has breached FBI Director Kash Patel's personal email accounts and published purported personal documents including his resume and photographs on a website that identified itself as Iranian but appeared to be hosted in Russia.
A recently filed court record reveals that Apple provided the FBI with the real iCloud email address behind its Hide My Email feature, which lets paying iCloud+ subscribers generate anonymous email addresses. The data was turned over during an investigation into threatening messages sent to Alexis Wilkins, the girlfriend of FBI Director Kash Patel.
Georgia State Patrol used a Flock automated license plate reader surveillance camera to issue a traffic ticket to a motorcyclist allegedly looking at his phone while riding, according to a citation obtained by 404 Media.
Indian authorities have ordered a nationwide audit of CCTV cameras after police uncovered what they claim was a Pakistan-backed surveillance operation, with cameras found pointing at critical infrastructure rather than public safety locations.
Senator Ron Wyden has issued a pointed warning that a still-classified abuse of Section 702 surveillance authority directly affects the privacy rights of Americans, saying the public will be stunned when it is eventually revealed and that Congress has been debating the programme with insufficient information.
A security researcher who scanned 100 GitHub repositories built primarily with AI coding tools found that 67 had at least one critical vulnerability, with 45 per cent containing hardcoded API keys and secrets in their source code.
LiteLLM, a widely used Python library for interacting with multiple AI model providers, was compromised on the Python Package Index with a credential stealer that activated simply by installing the package, even without importing it in code.
A Russian national who sold access to compromised corporate networks faces nearly seven years in a US prison after prosecutors tied his work to a string of ransomware attacks that cost victims millions of dollars. Aleksei Volkov was sentenced to 81 months for his role as an initial access broker.
The Anthropic report revealing Chinese cyberspies had abused Claude AI to automate cyberattacks served as a Rorschach test for the information security community, according to former NSA cybersecurity director Rob Joyce speaking at RSAC 2026.
Iran finds itself on both sides of the cyber battlefield this week, with a new self-propagating wiper called CanisterWorm destroying data on systems matching Iran's timezone or Farsi language settings, while the FBI has simultaneously warned that Iranian government hackers are weaponising Telegram in malware campaigns targeting dissidents and journalists.
Security researcher Gaasedelen has achieved what was long considered impossible: a complete compromise of the Microsoft Xbox One console more than a decade after its 2013 release. The hack, dubbed the Bliss exploit, uses two precisely timed voltage glitches to bypass security at the silicon level, making the attack fundamentally unpatchable.
Russian intelligence-affiliated actors are impersonating customer support representatives on encrypted messaging platforms including Signal to compromise user accounts and launch phishing attacks, according to a joint warning from the FBI and the Cybersecurity and Infrastructure Security Agency.
A cyberattack on a US car breathalyzer company has left drivers across the country stranded and unable to start their vehicles. The incident highlights the growing risk of cyberattacks on connected devices that have real-world physical consequences.
Proton Mail, the Swiss encrypted email service marketed as a privacy-first alternative to Gmail, provided subscriber payment metadata to Swiss authorities who then passed it to the FBI, according to a report from 404 Media. The disclosure highlights the gap between what privacy-focused services promise and what they can deliver when faced with lawful government requests.
Iran launched a missile strike, a cyberattack, and a coordinated disinformation push targeting Israel all at the same time, according to analysts who say the simultaneous operation represents a new evolution in hybrid warfare.
Security researchers at Qualys have disclosed CVE-2026-3888, a vulnerability in Canonical's snap package manager that enables local privilege escalation to root on affected systems.
A new open-source benchmark called AgentShield has revealed a stark gap in commercial AI agent security tools: while the top providers catch more than 95 percent of prompt injection attacks, they detect only 9 to 18 percent of unauthorised tool calls. The findings arrive alongside reports of widespread AI recommendation poisoning and Okta's launch of a dedicated agent management platform.
Meta's new AI-powered Ray-Ban glasses have been called a privacy disaster by security experts, with prominent cryptographer Bruce Schneier noting that the always-on camera and AI capabilities represent a surveillance tool that will exist whether society likes it or not. Meanwhile, a new Android app called Nearby Glasses has launched that detects when smart glasses are being used in your vicinity.
OWASP has published its first Top 10 security risks for the Model Context Protocol, the increasingly popular standard for connecting AI agents to external tools and data sources. The move follows a surge of over 30 CVEs filed against MCP servers, clients, and infrastructure between January and February 2026.
Japan's government has decided to allow its Self-Defense Force to conduct offensive cyber operations starting October 1st, marking a historic shift in the country's traditionally defensive security posture.
Security researchers have demonstrated that AWS Bedrock AgentCore Code Interpreter allows attackers to exfiltrate data via DNS queries even in sandbox mode — and AWS has classified it as intended behaviour rather than a vulnerability.
Medical technology company Stryker has confirmed it is working to restore systems after pro-Iranian hackers wiped thousands of employee devices in what is believed to be the first major cyberattack against a US company in direct response to the Trump administration's military campaign in Iran.
Google has removed the popular "Save image as Type" Chrome extension from the Web Store after discovering it contained malware that was secretly scraping users' browsing data. The extension, which had accumulated over one million users, was flagged for removal with Google warning affected users that their data may have been compromised.
A new malware campaign is using sponsored search advertisements to push fake Claude Code download pages that deploy infostealers capable of capturing browser credentials, session cookies, API tokens, and cryptocurrency wallet data.
Telus Digital, one of Canada's largest business process outsourcers, has confirmed it was the victim of a cyberattack, with the notorious ShinyHunters hacking group claiming to have exfiltrated up to a petabyte of data from the company's systems.
Hacked documents from the Department of Homeland Security's technology incubator reveal the agency has been funding a range of AI-powered surveillance tools, including a platform that ingests all 911 call data nationally and generates "geospatial heat maps" to predict crime patterns.
Criminals are exploiting the Iran war flight disruptions by creating fake airline social media accounts that trick stranded travellers into handing over personal and financial details.
A hacker inadvertently gained access to FBI files related to Jeffrey Epstein in what appears to be an accidental breach rather than a targeted operation. The revelation is part of a broader week in security that includes Russian hackers attempting to hijack Signal accounts and a porn-quitting app exposing the private habits of hundreds of thousands of users.
A newly disclosed vulnerability (CVE-2026-32630) in the widely-used file-type npm package allows unauthenticated attackers to crash Node.js servers through a crafted ZIP archive that bypasses memory allocation limits during decompression, triggering an out-of-memory crash.
A security researcher has discovered 39 Algolia admin API keys exposed in the source code and configuration files of open source documentation websites, granting potential attackers full write access to the search indexes that power these sites.
A comprehensive security audit of 17 popular Model Context Protocol servers — including official implementations from Anthropic, AWS, Cloudflare, and Docker — has found that 100 percent of them lack proper permission declarations, with five scoring as high risk and one containing a real eval() vulnerability.
The FBI is investigating a series of video games published on Valve''s Steam platform that were embedded with malware, believing a single hacker is responsible for the campaign spanning the last two years. The probe highlights ongoing security challenges facing the world''s largest PC gaming marketplace.
Google has released an emergency Chrome update to fix two previously unknown vulnerabilities that attackers were already exploiting before patches landed. The flaws affect the Skia graphics library and the V8 JavaScript engine, two core components of the browser.
Customers of three major UK banks under the Lloyds Banking Group woke on Thursday to find incorrect transactions appearing in their apps, with some account holders seeing names, salaries, and child benefit payments that were not their own.
US medical equipment provider Stryker disclosed that a cyberattack linked to an Iranian hacking group disrupted its global networks on Wednesday, marking what appears to be Iran's first significant cyber retaliation against an American company since the war began.
A critical vulnerability in the Shopware open commerce platform allows unauthenticated attackers to hijack API credentials and integration tokens by exploiting a flaw in the app registration handshake mechanism.
Security experts are warning that quantum computing poses a threat not just to cryptocurrency but to the encrypted messaging apps used by billions of people daily, with adversaries potentially harvesting encrypted communications now to decrypt them when quantum computers become powerful enough.
Electronic warfare operations near Iran are disrupting GPS signals across the region, causing widespread problems for civilian delivery apps, navigation systems, and mapping services. The interference highlights how modern warfare bleeds into everyday digital infrastructure.
Polish police have referred seven suspected juvenile cybercriminals to family court over an alleged scheme to sell DDoS attack kits online, with the youngest suspect just 12 years old.
The CA/Browser Forum has voted unanimously to reduce maximum SSL/TLS certificate lifespans from 398 days to just 47 days by 2029, with the first phase taking effect on March 15, 2026, cutting the maximum to 200 days.
A security researcher scanned 100 publicly available apps built with popular AI coding tools and found 318 total vulnerabilities, with 65 percent of apps having security issues and 58 percent containing at least one critical vulnerability.
Two major state-backed hacking campaigns are targeting global communications infrastructure simultaneously. Dutch intelligence has accused Russia-backed hackers of running a "large-scale global" campaign against Signal and WhatsApp users, while China's Salt Typhoon group continues to breach top telecom companies across multiple countries.
A new Wi-Fi attack called AirSnitch can break encryption across home, office and enterprise networks by exploiting a fundamental flaw in how clients are bound across network layers, enabling full bidirectional machine-in-the-middle interception.
The FBI is investigating a breach of its systems that reportedly affected tools related to wiretapping and surveillance, according to The Register. The incident adds to a growing list of attacks targeting law enforcement and intelligence infrastructure at a time when US agencies are already stretched thin by the ongoing conflict with Iran.
AI-based assistants and autonomous agents that can access users' computers, files, and online services are growing rapidly in popularity — but security researchers warn they are fundamentally reshaping organizational threat models. Brian Krebs reports that the open-source platform OpenClaw alone has over 42,000 exposed instances, with 1.5 million leaked API tokens and a critical RCE vulnerability rated CVSS 8.8.
A firmware vulnerability affecting motherboards from ASUS, Gigabyte, MSI, and ASRock can report that DMA protections are active while failing to initialize the IOMMU, leaving systems vulnerable to pre-boot attacks from malicious PCIe or Thunderbolt devices.
AI agents are enabling cybercriminals and nation-state hackers — including North Korea — to outsource the drudge work of planning and executing cyberattacks, according to Microsofts head of global threat intelligence.
US Customs and Border Protection purchased commercial advertising data to track phone locations, sidestepping warrant requirements that would normally apply to such surveillance, according to a new Wired investigation.