Have I Been Pwned adds 284M accounts stolen by infostealer malware
The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. HIBP founder Troy Hunt says he found 284,132,969 compromised accounts while analyzing 1.5TB of...
China compromised GOP emails ahead of Republican convention • The Register
Chinese spies reportedly broke into the US Republication National Committee's Microsoft-powered email and snooped around for months before being caught. According to a Wall Street Journal report that cites "people familiar with the matter," the Windows giant...
Orange Group confirms breach after hacker leaks company documents
A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider. The threat actor published on a hacker...
How to exploit top LRMs that reveal their reasoning steps • The Register
Analysis AI models like OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Thinking can mimic human reasoning through a process called chain of thought. That process, described by Google researchers in 2022, involves breaking the prompts put to AI models into a...
OpenAI bans ChatGPT accounts used by North Korean hackers
OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. "We banned accounts demonstrating activity potentially associated with publicly reported Democratic...
Shifting the cybersecurity odds • The Register
Partner Content Security can feel like fighting a losing battle, but it doesn't have to be. As critical gaps are left exposed, breaches are on the rise. This is the case despite ongoing investments in defensive technologies, such as firewalls, EDRs, SIEMs and...
Google Cloud introduces quantum-safe digital signatures in KMS
Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. The tech giant says this initiative aligns with the National Institute of Standards and Technology's (NIST)...
PayPal “New Address” feature abused to send phishing emails
An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers For the past month, BleepingComputer and others [1, 2] have received emails from PayPal stating,...
Fake CS2 tournament streams used to steal crypto, Steam accounts
Threat actors are exploiting major Counter-Strike 2 (CS2) competitions, like IEM Katowice 2025 and PGL Cluj-Napoca 2025, to defraud gamers and steal their Steam accounts and cryptocurrency. Although CS2 first launched 13 years ago, it still maintains a massive...
Google Chrome disables uBlock Origin for some in Manifest v3 rollout
Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. For those unaware, Manifest V3 is Chrome's latest extension...