The UK government has announced enhanced protection for undersea cables using autonomous vessels alongside crewed warships and aircraft, responding to escalating Russian surveillance activities. The Ministry of Defence's Atlantic Bastion programme directly...

Gartner’s document warns that AI sidebars mean “Sensitive user data – such as active web content, browsing history, and open tabs – is often sent to the cloud-based AI back end, increasing the risk of data exposure unless security and privacy settings are...

OpenAI has denied the reports that it has rolled out ads on ChatGPT Plus after users spotted recommendations for shopping apps. As spotted on X, a ChatGPT Plus user casually asked a normal question about Windows BitLocker. While the AI answered the question, it...

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions. First spotted by Daniel Cuthbert, a new provision in Article 8.o-A, titled "Acts not...

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already compromised over 30 organizations across multiple sectors. React2Shell...

A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity against SonicWall SonicOS API endpoints. The activity started on December 2nd and originated from more than 7,000 IP addresses from...

Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all...

Criminals are altering social media and other publicly available images of people to use as fake proof of life photos in "virtual kidnapping" and extortion scams, the FBI warned on Friday.  In these truly heinous extortion attempts, miscreants contact their...

Security researcher Lyra Rebane has devised a novel clickjacking attack that relies on Scalable Vector Graphics (SVG) and Cascading Style Sheets (CSS). Rebane demonstrated the technique at BSides Tallinn in October and has now published a summary of her...

Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, Cloudflare's technology chief said his company took down its own network, forcing a widespread outage early Friday, to patch React2Shell. The...