Cybersecurity


An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

founded 2 years ago

#WindowsHello face unlock no longer works in the dark, and #Microsoft says it's not a bug

https://www.windowscentral.com/software-apps/windows-11/windows-hello-face-unlock-no-longer-works-in-the-dark-and-microsoft-says-its-not-a-bug

#biometrics #cybersecurity

📢 European #cybersecurity is evolving! Explore how the #CRA & #NIS2 will affect small to medium #opensource vendors at the #openSUSE Conference.
✅ Legal alignment
✅ Risk response
✅ Community readiness
🗓️ June 26 | Nuremberg
#opensource #compliance #EU #regulations https://events.opensuse.org/

Researchers Create World's First Completely Verifiable Random Number Generator

https://science.slashdot.org/story/25/06/16/1656252/researchers-create-worlds-first-completely-verifiable-random-number-generator

#cybersecurity #randomness

#KaliLinux 2025.2 released with 13 new tools, car hacking updates

https://www.bleepingcomputer.com/news/security/kali-linux-20252-released-with-13-new-tools-car-hacking-updates/

#cybersecurity #FOSS #Kali #Linux

As #grocery shortages persist, #UNFI says it’s recovering from #cyberattack

https://techcrunch.com/2025/06/16/food-distributor-unfi-says-its-recovering-from-cyberattack-as-grocery-shortages-persist/

#cybersecurity

#Zoomcar discloses security breach impacting 8.4 million users

https://www.bleepingcomputer.com/news/security/zoomcar-discloses-security-breach-impacting-84-million-users/

#cybersecurity #DataBreach #privacy

Over 46,000 #Grafana instances exposed to account takeover bug

https://www.bleepingcomputer.com/news/security/over-46-000-grafana-instances-exposed-to-account-takeover-bug/

#cybersecurity

#WestJet investigates #cyberattack disrupting internal systems

https://www.bleepingcomputer.com/news/security/westjet-investigates-cyberattack-disrupting-internal-systems/

#cybersecurity #travel #Canada

According to a new report, there are 13 China-owned VPN apps in the Apple App Store. None of them clearly disclose their links to China, and some use shell companies to hide their origin.

There are similar problems in Android's Google Play store.

Would you trust your internet traffic to a company that can be compelled to share its user data with the Chinese government?

Don't you think Apple and Google should be protecting their users better?

#cybersecurity #vpn #privacy

#Anubis #ransomware adds wiper to destroy files beyond recovery

https://www.bleepingcomputer.com/news/security/anubis-ransomware-adds-wiper-to-destroy-files-beyond-recovery/

#cybersecurity

Genetic testing company 23andMe has sold itself to a nonprofit led by the company’s former CEO Anne Wojcicki. @Techcrunch reports:

https://flip.it/bhw2IJ

#Tech #23AndMe #BioTech #Health #CyberSecurity

#Signalgate 2.0 proves it - there’s no such thing as a “Backdoor for the Good Guys Only”

https://tuta.com/blog/opinion-signalgate

#cybersecurity #encryption

"• A company owned by a Russian network engineer named Vladimir Vedeneev controls thousands of Telegram IP addresses and maintains its servers.

• Vedeneev’s other companies have a history of collaborating with Russia’s defense sector, the FSB security service, and other highly sensitive agencies.

• Because of the way Telegram’s encryption protocols work, even users who use its “end-to-end” encryption features are vulnerable to being tracked by anyone who can monitor its network traffic."

https://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle

#CyberSecurity #Privacy #Telegram #Russia #Encryption #FSB

Help Us Shape the New #Filen Hub – We Want Your Feedback!

https://blog.filen.io/help-us-shape-the-new-filen-hub-we-want-your-feedback/

#FOSS #cybersecurity

"AI agents have already demonstrated that they may misinterpret goals and cause some modest amount of harm. When the Washington Post tech columnist Geoffrey Fowler asked Operator, OpenAI’s computer-using agent, to find the cheapest eggs available for delivery, he expected the agent to browse the internet and come back with some recommendations. Instead, Fowler received a notification about a $31 charge from Instacart, and shortly after, a shopping bag containing a single carton of eggs appeared on his doorstep. The eggs were far from the cheapest available, especially with the priority delivery fee that Operator added. Worse, Fowler never consented to the purchase, even though OpenAI had designed the agent to check in with its user before taking any irreversible actions.

That’s no catastrophe. But there’s some evidence that LLM-based agents could defy human expectations in dangerous ways. In the past few months, researchers have demonstrated that LLMs will cheat at chess, pretend to adopt new behavioral rules to avoid being retrained, and even attempt to copy themselves to different servers if they are given access to messages that say they will soon be replaced. Of course, chatbot LLMs can’t copy themselves to new servers. But someday an agent might be able to.

Bengio is so concerned about this class of risk that he has reoriented his entire research program toward building computational “guardrails” to ensure that LLM agents behave safely."

https://www.technologyreview.com/2025/06/12/1118189/ai-agents-manus-control-autonomy-operator-openai/

#AI #GenerativeAI #AIAgents #AgenticAI #CyberSecurity #LLMs #Chatbots

#Password-spraying attacks target 80,000 #Microsoft #EntraID accounts

https://www.bleepingcomputer.com/news/security/password-spraying-attacks-target-80-000-microsoft-entra-id-accounts/

#cybersecurity

#VictoriasSecret restores critical systems after #cyberattack

https://www.bleepingcomputer.com/news/security/victorias-secret-restores-critical-systems-after-cyberattack/

#cybersecurity

#Cloudflare: Outage not caused by security incident, data is safe

https://www.bleepingcomputer.com/news/security/cloudflare-outage-not-caused-by-security-incident-data-is-safe/

#cybersecurity

#Apple fixes new #iPhone zero-day bug used in #Paragon #spyware hacks

https://techcrunch.com/2025/06/12/apple-fixes-new-iphone-zero-day-bug-used-in-paragon-spyware-hacks/

#cybersecurity

Coming to #Apple OSes: A seamless, secure way to import and export #passkeys

https://arstechnica.com/security/2025/06/apple-previews-new-import-export-feature-to-make-passkeys-more-interoperable/

#cybersecurity

Introducing premium accounts to fund the matrix(dot)org homeserver

https://matrix.org/blog/2025/06/funding-homeserver-premium/

#FOSS #Matrix #cybersecurity #privacy

#Microsoft confirms auth issues affecting #Microsoft365 users

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-auth-issues-affecting-microsoft-365-users/

#cybersecurity

"As AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt injection attacks, which exploit the agent’s resilience on natural language inputs — an especially dangerous threat when agents are granted tool access or handle sensitive information. In this work, we propose a set of principled design patterns for building AI agents with provable resistance to prompt injection. We systematically analyze these patterns, discuss their trade-offs in terms of utility and security, and illustrate their real-world applicability through a series of case studies."

https://arxiv.org/html/2506.08837v2

#AI #GenerativeAI #LLMs #PromptInjection #AIAgents #AgenticAI #CyberSecurity
