Security
Cybersecurity: vulnerabilities, breaches, malware, ransomware, zero-days, security patches, privacy laws, encryption, authentication, infosec research.
Most searched in security
Top security phrases U.S. readers type into Google. Click any to see our coverage.
iOS 26.5 Update Addresses Over 50 Security Vulnerabilities—Update Now
Apple's iOS 26.5 fixes over 50 security flaws. Update your iPhone now to stay secure.
Malware Disguised as OpenAI Found on Hugging Face
A fake OpenAI repo on Hugging Face pushed malware disguised as AI tools, targeting Windows users with info-stealing tactics.
Spain Arrests Individual in Massive Government Data Leak, Sparking National Security Concerns
Spanish authorities have arrested an individual responsible for leaking sensitive data of government employees from critical state organizations, including the National Cybersecurity Institute (INCIBE).
Claude AI: Boon or Bane for Cybersecurity? Expert Bruce Schneier Weighs In
Large language models like Claude Mythos present a complex challenge for IT security. Are they a powerful new tool for defenders, or a dream come true for attackers? We explore the implications with cybersecurity specialist Bruce Schneier.
Fake IDs Leak Customer Data Via WordPress Flaw
Purchasing an international driving permit online from unofficial vendors can expose your personal data, including photos and signatures, due to insecure WordPress setups.
Fake IDP Sites Leak Customer Data Online
Websites peddling fake international driving permits are inadvertently leaking sensitive customer data, including personal identification and driver's license scans, thanks to misconfigured WordPress installations.
California Sues 23andMe Over 2023 Data Breach, Exposing Millions of Users
California is taking legal action against 23andMe following a major 2023 data breach. The lawsuit claims the company's inadequate security measures exposed the genetic and personal data of nearly 7 million users.
Charter Data Breach Exposes 4.9 Million Customer Accounts
US telecom giant Charter Communications confirmed a data breach affecting 4.9 million accounts. The ShinyHunters gang claims they used a vishing attack to steal customer names, emails, and addresses from Salesforce.
Germany's De-Mail: End of a Troubled Secure Email Dream by 2026
Germany's De-Mail system, once touted as a secure replacement for traditional email in state communications, is shutting down by 2026 due to persistent security and usability issues.
Laravel Lang Packages Hit by Credential-Stealing Malware via GitHub Tag Abuse
Laravel Lang localization packages? Compromised. Malware deployed via manipulated GitHub tags. Developer credentials, gone.
Italy Dismantles CINEMAGOAL, €300M Streaming Piracy Ring
Italy's crackdown on CINEMAGOAL reveals a sophisticated piracy network exploiting streaming service vulnerabilities, incurring €300M in damages.
Texas AG Sues Meta Over WhatsApp Encryption Claims
Texas AG accuses Meta of misleading claims about WhatsApp's end-to-end encryption. Meta vows to fight the 'baseless' lawsuit.
Zero Trust Workshops: Your Guide to the New IT Security Standard
IT managers, listen up: Zero Trust workshops are coming in June and November 2026. Get practical strategies to implement this critical security framework.
Your Boss's Software is Sending Your Data to Meta and Google
A study reveals nine workplace monitoring apps share employee data with platforms like Meta and Google, raising privacy concerns.
Chromium Exploit Leaked: Millions of Browser Users Exposed
That big Chromium vulnerability? Still unpatched. And now its exploit is out there, thanks to Google. Users of Chrome, Edge, and others? They're exposed.
Google Leak Exposes Chromium Flaw, Threatens Millions
Google accidentally disclosed an exploit for a long-standing Chromium flaw, putting millions of users at risk of cyber attacks.
GitHub Breach: 3,800 Repos Compromised Via VS Code Extension
A GitHub security breach compromised 3,800 repositories, with hacking group TeamPCP claiming responsibility. Investigations are ongoing.
AI Firms Use Deceptive Opt-Out Forms, Study Finds
A new study reveals AI firms and data brokers use deceptive forms to continue selling personal data, adding pressure for stricter privacy laws.
GitHub Breach Exposes 3,800 Repos via Rogue VSCode Extension
A malicious VSCode extension breached 3,800 GitHub repos. The TeamPCP hacker group demands $50,000 for the data.
FBI Plans Nationwide License Plate Data Access, Sparking Privacy Debate
The FBI aims to access a vast network of license plate cameras across the US, prompting privacy concerns and legal challenges.
Checkmarx Jenkins Plugin Compromised by TeamPCP Malware
TeamPCP infiltrated Checkmarx's Jenkins AST plugin with credential-stealing malware. Users should rotate secrets and check for breaches.
NYC Health Data Breach Exposes 1.8 Million Records
A cyberattack on NYC Health and Hospitals compromised medical data and fingerprints, affecting 1.8 million people. Many details remain unclear.
Windows 'MiniPlasma' Exploit: SYSTEM Access, Proof-of-Concept Public
Meet 'MiniPlasma,' a new Windows zero-day exploit that gives attackers SYSTEM privileges. Microsoft hasn't said a peep about it.
AI Just Changed Mac Cybersecurity Training, Big Time
Forget annual security videos. Dashlane and KnowBe4 are using AI to give Mac admins real-time, context-aware training. When you mess up, you learn. Immediately.
WordPress Funnel Builder Bug Exposes 40K Sites to Card Theft
A vulnerability in Funnel Builder for WordPress allows attackers to steal credit card data from over 40,000 WooCommerce sites. Update now!
Outlook Zero-Click Flaw Lets Hackers Bypass Firewalls
A critical Outlook vulnerability lets attackers compromise systems via email. No user interaction needed, making it a serious threat.
Microsoft 365 Security Workshop: June 2026 Deep Dive
Need to lock down Microsoft 365? A live, online workshop in June 2026 promises hands-on training in identity management, threat protection, and compliance. Get ready.
OpenAI Breach Linked to TanStack Attack; macOS Users Must Update
OpenAI confirmed a security breach tied to the broader TanStack supply chain attack. Two employee devices were impacted, leading to a crucial code-signing certificate rotation.
Hackers Breach OpenAI Code, Prompting Urgent Security Measures
OpenAI reports limited data breach following malware attack on TanStack. No user data compromised. Security measures are underway.
ChatGPT Mac App Needs Urgent Update After OpenAI Breach
Got the ChatGPT Mac app? You'll need to update it by June 12. A security breach hit OpenAI employee devices, forcing certificate revocations. Your data's safe, but the app won't work without the patch.
Google's QR-Captcha Blocks Androids Without Play Services
A new QR-Captcha from Google could block Android users without Play Services, raising concerns over access and data privacy.
Umbrellas vs. Drones: 'Flytrap' Method Confuses UAVs, With Mixed Results
Forget net guns. Researchers are trying to take down drones with... umbrellas. A new 'Flytrap' method shows promise in confusing UAVs, but real-world results are a mixed bag.
Safari 26.5 Update: 20 WebKit Bugs Patched for macOS Users
Safari 26.5 squashes 20 WebKit bugs. That means better security, less data exposure for macOS Sonoma and Sequoia users.
Canvas Hacks: Lawmakers Grill Instructure Over Repeated Breaches
Millions of student records, compromised. Twice. That's got U.S. lawmakers demanding Instructure explain its repeated data breaches, questioning everything from incident response to basic security.
AI-Driven Cyber Attacks Now Break Defenses in Just 73 Seconds
Anthropic's Mythos AI model is breaching systems in seconds, making faster, smarter cybersecurity responses critical.
Kubernetes Security Workshop: Hands-On Training in June, Sept, Dec 2026
Kubernetes security is critical. A new workshop promises practical skills and expert guidance to defend against evolving threats.
Linux Kernel Vulnerability Sparks 'Copy.Fail' Saga
A Linux kernel issue, dubbed 'Copy.Fail', triggers a series of security exploits and complicates certificate management for D-Trust.
Foxconn Ransomware Hits US Factories, Affects Production
Foxconn's North American factories were hit by ransomware, disrupting production. The attack reportedly involved 8TB of stolen data.
Google Fights Spyware with New Android 'Intrusion Logging' Feature
Google's new Intrusion Logging feature, part of Android's Advanced Protection Mode, aims to detect spyware. For now, it's a Pixel exclusive.
UK Hits South Staffordshire Water with $1.3M Data Breach Fine
The ICO fined South Staffordshire Water $1.3M after a cyberattack exposed nearly 664k customers' data. Malware went undetected for 20 months.
Signal Tightens Security Against Phishing Scams
Signal just rolled out new in-app warnings designed to thwart phishing and social engineering. Users? You'll need to verify contacts and stay sharp.
Community Bank Data Exposed in AI App Lapse
Community Bank disclosed a security lapse involving an AI app that exposed sensitive customer data, including names and Social Security numbers.
Pwn2Own Berlin Swamped as AI Sparks Record Hacker Applications
AI tools are making security research simpler, driving a massive wave of applications to Pwn2Own Berlin. Organizers are overwhelmed, turning away dozens of eager hacker teams.
Instructure Cuts Deal with Hackers to Stop Data Leak
Instructure paid off ShinyHunters to stop a 3.6TB data leak from its Canvas LMS. Sure, the data's back, but what's next for security?
TeamPCP's Supply-Chain Attack Compromises 400+ NPM, PyPI Packages for Dev Credentials
More than 400 NPM and PyPI packages have been compromised by TeamPCP. This widespread supply-chain attack aims for developer credentials. Act fast.
FCC Extends Waiver for Foreign Router Updates Until 2029
The FCC's decision allows foreign routers on the Covered List to get software updates until 2029, easing potential consumer harm.
GM Agrees to $12.75M Settlement Over Driver Data Sales in California
GM strikes a $12.75M deal with California over claims of illegal driver data sales, spotlighting privacy enforcement.
US Men Sentenced for Assisting North Korean IT Espionage
Two Americans were sentenced for helping North Korean agents pretend to be IT workers in a massive espionage and financial scam.
How to Spot AI-Generated Fake Online Shops
Scammers are using AI to create convincing fake online stores. Here's how to spot them and avoid losing money.