Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a…
Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs
The campaign is laser-targeted, bucking the trend of “spray-and-pray” malicious open source packages turning up in code repositories seemingly every…
Friday Squid Blogging: Sunscreen from Squid Pigments
They’re better for the environment. Blog moderation policy. They’re better for the environment. Blog moderation policy. Read More
CrowdStrike Outage Losses Estimated at a Staggering $5.4B
Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind. Researchers track…
Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue
Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices…
US Offers $10M Reward for Information on North Korean Hacker
The individual is part of a DPRK-backed group known as Andariel, which is known for using the ‘Maui’ ransomware strain…
Nvidia Embraces LLMs & Commonsense Cybersecurity Strategy
Nvidia doesn’t just make the chips that accelerate a lot of AI applications — the company regularly creates and uses…
Compromising the Secure Boot Process
This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than…
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS)…
Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?
Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for…
