Search results

HackerOne Paid Out $81M to Bug Bounty Hunters: AI Emerges as the Primary Threat Source 70% of researchers use AI in their work, and autonomous agents have already submitted hundreds of valid reports. The bug bounty platform HackerOne reported that over the past 12 months, white-hat hackers...

Search with a Catch: How One Click on Google Can Hand Your Server to Hackers Major organizations worldwide have already fallen victim to this sophisticated scheme. The hacker group UAT-8099 is currently running an active campaign to promote malicious content in search engine results by...

What CAPTCHA Hides: New Attack Turns Verification Tool into Spy Instrument New deception mechanism is already active on hundreds of sites. The Lunar Spider group, also known as Gold Swath and Elara, has activated a new malicious campaign that uses a fake CAPTCHA verification interface to...

Hackers Turn 4G Routers into SMS Cannons – Sweden, Italy, and Belgium Under Attack An unexpected feature of business-grade equipment became the key to mass attacks. French company SEKOIA has uncovered a smishing campaign in which attackers are exploiting vulnerabilities in industrial Milesight...

Wikidata Adopts Vector Search: How This Will Change AI Information Processing The new Wikidata Embedding Project standard will put an end to chatbots' fabricated facts. Wikimedia Deutschland has introduced a new project that simplifies the use of data from Wikipedia and its sister platforms in...

Hundreds of GB Stolen from GitHub in Red Hat Breach – Infrastructure of Major Corporations and Government Agencies at Risk The attackers tried to negotiate a ransom, but the company subjected them to a bureaucratic nightmare. Red Hat, an American provider of enterprise solutions based on...

They Overtook ChatGPT, Cost Pennies, and Surprised Again. DeepSeek Proves That AI Can Be Cheap The economics of large language models are now changed forever. The Chinese company DeepSeek has introduced the experimental version of its language model, DeepSeek-V3.2-Exp, which for the first time...

Opened a PDF from Gmail? Congratulations, MatrixPDF has already connected to the hacker's server. Even without your click. The prompt "Open protected document" has never been so dangerous. Researchers from Varonis have reported the emergence of a new toolset called MatrixPDF, which allows...

Phantom Taurus: How Hackers Created an Invisible Network Inside Government Servers Across Three Continents The group's tactics suggest a close alignment with specific global geopolitical events. The new China-linked cyber-espionage group Phantom Taurus has been attacking government entities...

Every Server in Your Office is a Potential Victim. LockBit "Hired" Windows, Linux, and VMware to Work Against You Simultaneously The malware has recovered from a law enforcement crackdown and is now encrypting everything from desktops to hypervisors. Trend Micro has reported the emergence of a...

Is Your Router Performing Worse? Check It — Millions of Devices Are Already Mining Cryptocurrency for Hackers This scheme is active right now—in millions of apartments around the world. Researchers from CloudSEK have reported a large-scale campaign using a Loader-as-a-Service botnet that, over...

For 10 years, right under everyone's nose: Vane Viper controls a trillion requests a day — and your browser is helping it. Your browser has been working for someone else for a long time. For over a decade, the Vane Viper network has remained one of the largest hidden players in the malicious...

The First Robot Cyberwar: Microsoft Defeated an AI Hacker. But For How Long? Business terms were used as an instrument for masterful obfuscation for the first time. Specialists from Microsoft Threat Intelligence have documented an attack in which threat actors, for the first time, used...

Oracle and MS SQL Got NUMA, AVX-512, and IO_uring A new release has strengthened data protection and expanded tools for developers. PostgreSQL has released version 18.0 — the annual major update of the popular SQL database server. This new release contains significant performance improvements...

A fake license opened all doors. No one noticed the substitution—except for the hackers. Eight days of silence turned into the perfect cover for a large-scale operation. Researchers from WatchTowr Labs reported active attacks on a maximum severity vulnerability in the Fortra GoAnywhere MFT...

Scammers and Viruses in Every iPhone: The Consequences of the "Free" App Store Law Why will the new iPhone work worse in Europe? Apple has appealed to the European Commission to review and repeal the current Digital Markets Act (DMA), a law designed to limit the influence of the largest...

86 Million at Risk: Why Vietnam is Mass-Closing Bank Accounts and How Biometrics Turned into a Nightmare $38 million laundered using deepfakes prompts authorities to respond with unprecedented controls. Starting September 1, 2025, banks in Vietnam began closing accounts deemed inactive or...

"God-Mode" in the Hands of a Hacker: How One Line of Code Compromised Hundreds of Companies A simple tool for AI assistants turned out to be the most insidious backdoor of the year. Developers have grown to trust tools that help their AI assistants handle routine tasks—from sending emails to...

Backdoor Forever: Even Reinstalling Your OS No Longer Guarantees Server Security Researchers have found a way to create practically indestructible digital parasites. Supermicro server boards contain critical vulnerabilities in their Baseboard Management Controller (BMC)—company Binarly...

The Chinese "Ghost" Backdoor in Global Corporate Networks for Over a Year. What is China Preparing? How Chinese BRICKSTORM made expensive security meaningless. According to Google Threat Intelligence, a China-linked espionage group known as UNC5221 has carried out a series of successful...