426
6

#Windows11 and #RedHat #Linux hacked on first day of #Pwn2Own

https://www.bleepingcomputer.com/news/security/windows-11-and-red-hat-linux-virtualbox-hacked-on-first-day-of-pwn2own/

#cybersecurity #FOSS

427
1

Malicious #NPM package uses Unicode #steganography to evade detection

https://www.bleepingcomputer.com/news/security/malicious-npm-package-uses-unicode-steganography-to-evade-detection/

#cybersecurity

428
4

Spies hack high-value mail servers using an exploit from yesteryear

https://arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/

#cybersecurity #XSS #Roundcube #MDaemon #Horde #Zimbra

429
1

#Google fixes high severity #Chrome flaw with public exploit

https://www.bleepingcomputer.com/news/security/google-fixes-high-severity-chrome-flaw-with-public-exploit/

#cybersecurity

430
2

"When launching privacy-critical apps and services, developers want to make sure that every packet really only goes through Tor. One mistyped proxy setting–or a single system-call outside the SOCKS wrapper–and your data is suddenly on the line.

That's why today, we are excited to introduce oniux: a small command-line utility providing Tor network isolation for third-party applications using Linux namespaces. Built on Arti, and onionmasq, oniux drop-ships any Linux program into its own network namespace to route it through Tor and strips away the potential for data leaks. If your work, activism, or research demands rock-solid traffic isolation, oniux delivers it."

https://blog.torproject.org/introducing-oniux-tor-isolation-using-linux-namespaces/

#Tor #CyberSecurity #Linux #Privacy #Anonymity #Oniux

431
3

#Google #Chrome to block admin-level browser launches for better security

https://www.bleepingcomputer.com/news/google/google-chrome-to-block-admin-level-browser-launches-for-better-security/

#cybersecurity

432
6

"Meta did have more work to do on “child grooming,” as we saw in a June 2019 deck titled, “Inappropriate Interactions with Children on Instagram.” An early page called out that “IG recommended a minor through top suggested to an account engaged in groomer-esque behavior.” Grooming refers generally to the tactics a child predator might use to gain trust with potential victims to sexually abuse them. Subsequent pages gave some broader data: “27% of all follow recommendations to groomers were minors.” There’s a lot we don’t know about this statement: how did Meta track accounts that were “groomers” or “engaged in groomer-esque behavior”? And why were those accounts allowed at all? How did they generate that statistic? And it’s important to caveat as well that perhaps Meta didn’t know that any potential groomers were actual criminals. But by any measure, the headline is troubling.

There was more data than that. 33% of Instagram comments reported to Meta as inappropriate were reported by minors, the deck said of a three-month period. Of the comments reported by minors, more than half were left by an adult. “Overall IG: 7% of all follow recommendations to adults were minors,” the deck concluded.

The presentation also noted that during a “3-month period”—presumably in 2019—2 million minors were recommended by Instagram’s algorithm for groomers to follow. 22% of those recommendations resulted in a follow request from a groomer to a minor. Doing some back of the envelope math, that’s approximately 440,000 minors over just a three-month period who received a follow request from someone Meta labeled as a “groomer.” That number is shocking even before being annualized."

https://www.bigtechontrial.com/p/instagrams-algorithm-recommended

#SocialMedia #USA #Meta #Facebook #Instagram #CyberSecurity #WhatsApp #Antitrust #Monopolies #Oligopolies #Competition

433
1

Hackers behind #UK #retail attacks now targeting #US companies

https://www.bleepingcomputer.com/news/security/google-scattered-spider-switches-targets-to-us-retail-chains/

#cybersecurity

434
5

Cybercriminals tried to blackmail Coinbase into paying $20 million in Bitcoin over stolen customer data. Instead of paying up, the crypto exchange is offering the same amount as a bounty to help bring the perpetrators to justice. Read more at @DecryptMedia. #Coinbase #Crypto #Cybersecurity #Cybercrime #Tech #Technology https://flip.it/g9cixC

435
2

#Ransomware gangs join ongoing #SAP #NetWeaver attacks

https://www.bleepingcomputer.com/news/security/ransomware-gangs-join-ongoing-sap-netweaver-attacks/

#cybersecurity

436
2

#Steel giant #Nucor Corporation facing disruptions after cyberattack

https://www.bleepingcomputer.com/news/security/steel-giant-nucor-corporation-facing-disruptions-after-cyberattack/

#cybersecurity

437
4

North Korean #IT Workers Are Being Exposed on a Massive Scale

https://www.wired.com/story/north-korean-it-worker-scams-exposed/

#NorthKorea #cybersecurity #scam

438
11

#Qatar’s $400M jet for #Trump is a gold-plated security nightmare

https://www.theregister.com/2025/05/13/presidents_trump_747_qatar/

#cybersecurity #politics

439
2

#SAP patches second zero-day flaw exploited in recent attacks

https://www.bleepingcomputer.com/news/security/sap-patches-second-zero-day-flaw-exploited-in-recent-attacks/

#cybersecurity

440
3

#NorthKorea ramps up cyberspying in #Ukraine to assess war risk

https://www.bleepingcomputer.com/news/security/north-korea-ramps-up-cyberspying-in-ukraine-to-assess-war-risk/

#cybersecurity

441
1

#Ivanti fixes #EPMM zero-days chained in code execution attacks

https://www.bleepingcomputer.com/news/security/ivanti-fixes-epmm-zero-days-chained-in-code-execution-attacks/

#cybersecurity

442
1

#Fortinet fixes critical zero-day exploited in #FortiVoice attacks

https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-zero-day-exploited-in-fortivoice-attacks/

#cybersecurity

443
2

#GovDelivery, an email alert system used by governments, abused to send #scam messages

https://techcrunch.com/2025/05/13/government-email-alert-system-govdelivery-used-to-send-scam-messages/

#cybersecurity

444
2

#Ivanti warns of critical #NeuronsForITSM auth bypass flaw

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-neurons-for-itsm-auth-bypass-flaw/

#cybersecurity

445
3

New #Intel #CPU flaws leak sensitive data from privileged memory

https://www.bleepingcomputer.com/news/security/new-intel-cpu-flaws-leak-sensitive-data-from-privileged-memory/

#cybersecurity

446
2

New attack can steal #cryptocurrency by planting false memories in #AI chatbots

https://arstechnica.com/security/2025/05/ai-agents-that-autonomously-trade-cryptocurrency-arent-ready-for-prime-time/

#cybersecurity #LLM #chatbot #crypto

447
4

M&S says customer data stolen in cyberattack, forces password resets

https://www.bleepingcomputer.com/news/security/mands-says-customer-data-stolen-in-cyberattack-forces-password-resets/

#MarksAndSpencer #retail #UK #cybersecurity #privacy #DataBreach

448
3

Hackers now testing #ClickFix attacks against #Linux targets

https://www.bleepingcomputer.com/news/security/hackers-now-testing-clickfix-attacks-against-linux-targets/

#cybersecurity #FOSS

449
2

#OutputMessenger flaw exploited as zero-day in espionage attacks

https://www.bleepingcomputer.com/news/security/output-messenger-flaw-exploited-as-zero-day-in-espionage-attacks/

#cybersecurity

450
1

#Moldova arrests suspect linked to #DoppelPaymer #ransomware attacks

https://www.bleepingcomputer.com/news/security/moldova-arrests-suspect-linked-to-doppelpaymer-ransomware-attacks/

#cybersecurity

view more: ‹ prev next ›

Cybersecurity

2 readers
10 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

founded 2 years ago
MODERATORS