The maintainers of NX warned users about a supply chain attack dubbed s1ngularity that occurred on August 26, 2025. The compromise of one developer’s token allowed the attackers to publish malicious versions of the popular npm package…
CONTINUE READING 🡒 
Unmasking Shingled Magnetic Recording in Western Digital and Seagate HDDs
Until recently, the savvy user—the kind who doesn’t mind spending a few days on forums—knew this as gospel: Seagate’s consumer drives use SMR (shingled magnetic recording), which is bad, and Western Digital’s don’t. Lots of people based…
CONTINUE READING 🡒 
Nevada government agencies shut down after a cyberattack
Last weekend, the U.S. state of Nevada was hit by a large-scale cyberattack. As a result, for several days authorities have been grappling with the aftermath of the incident, which disrupted government websites, phone systems, and online…
CONTINUE READING 🡒 
Crypto drainers. New scam empties crypto wallets automatically
Drainers represent a new type of phishing that is currently ravaging the cryptocurrency world. It’s growing at an incredible speed and has already surpassed ransomware in terms of prevalence and stolen funds. This article provides an insight into drainers, their operational principle, and the market that emerged on their…
CONTINUE READING 🡒 
From Android 1.0 to 8.0: How the World’s Most Popular…
Ten years ago, Google’s engineers released the first Android SDK and the first emulator, letting anyone get a feel for the new OS. Back then, few people took it seriously. Which makes it all the more interesting…
CONTINUE READING 🡒 
Anthropic: Hackers used Claude in a large-scale cyber operation
Anthropic reports that it has disrupted a large-scale malicious operation in which attackers used Claude in July 2025 to steal personal data and commit extortion. The ransoms demanded by the hackers at times exceeded US$500,000.
CONTINUE READING 🡒 
Crypto Mining Made Easy: Automate Your Operations and Optimize Performance
Lately, the mining landscape has changed fundamentally. With around a thousand altcoins now, focusing on a single cryptocurrency has become too risky. Exchange rates and mining difficulty are constantly in flux. Keeping up and manually switching to…
CONTINUE READING 🡒 
Popular password managers are vulnerable to clickjacking
An infosec specialist has discovered that six of the most popular password managers, used by tens of millions of people, are vulnerable to clickjacking, enabling attackers to steal credentials, two-factor authentication codes, and bank card data.
CONTINUE READING 🡒 
DDoS Attack on Arch Linux Disrupts Project Website, Repository, and…
The Arch Linux team reports that it has been mitigating a prolonged DDoS attack for more than a week, affecting most of the project’s services. The attack began on August 16, and as a result the Arch…
CONTINUE READING 🡒 
Researchers Discover PromptLock, the First AI Ransomware
ESET specialists have discovered an unusual piece of malware dubbed PromptLock. The researchers describe it as the first known ransomware to use AI.
CONTINUE READING 🡒 
Relay again. Mastering relevant NTLM Relay attack techniques implemented via…
No doubt, you’ve heard many times that the NTLM Relay support is about to be disabled in Windows. I’ve heard it many times, too, but it’s mid-2025, and I still encounter NTLM Relay in almost every project. This article discusses relevant NTLM Relay…
CONTINUE READING 🡒 
Comparing 8 Home Firewalls: Which Has the Strongest Default Security?
You’d think picking a firewall for a home PC would be simple—just install it and go. But firewalls aren’t all the same, and choosing the right one can take time and effort. Today we’ll look at eight…
CONTINUE READING 🡒 
Hundreds of thousands of Auchan customers affected by data breach
The French retail chain Auchan has notified hundreds of thousands of customers that their personal data was stolen during a cyberattack.
CONTINUE READING 🡒 
Researchers hid malicious AI prompts inside tiny images
Experts at Trail of Bits have developed a new type of attack that enables the theft of user data by embedding malicious prompts into images, invisible to the human eye.
CONTINUE READING 🡒 
Windows 10 Privacy Tools: Testing Apps to Disable Telemetry and…
It’s been more than three years since Windows 10 launched, and the issue of user data being sent to Microsoft’s servers still hasn’t been resolved. Worse, it’s been compounded by forced resets of privacy settings and the…
CONTINUE READING 🡒 
Android to ban installation of apps from unverified developers
Google representatives announced that starting in 2026, only apps from verified developers can be installed on certified Android devices. This measure is aimed at combating malware and financial fraud, and will apply to apps installed from third-party…
CONTINUE READING 🡒 
Critical vulnerability in Docker Desktop allowed attackers to compromise the…
A critical vulnerability in the desktop version of Docker for Windows and macOS made it possible to compromise the host system by running a malicious container, even when Enhanced Container Isolation (ECI) was enabled.
CONTINUE READING 🡒 
Google Play removes malware with over 19 million downloads
Researchers at Zscaler discovered that 77 malicious Android applications, with more than 19 million installs in total, were distributing various malware families on the official Google Play store.
CONTINUE READING 🡒 
AhMyth: Using a Simple Builder to Create an Android RAT
Thanks to Elon Musk’s efforts, you can drive a Tesla today without even knowing how to drive. And thanks to a developer who goes by the handle AhMyth (the same name he gave his tool), anyone can…
CONTINUE READING 🡒 
Life Without Antivirus: How to Remove Malware Manually and Harden…
When asked “What antivirus do you use on your Windows machine?” many security professionals (including people on our editorial team) answer: none. When massive outbreaks infect hundreds of thousands of computers despite all the latest defense tech,…
CONTINUE READING 🡒