Notorious crooks broke into a company network in 48 minutes. Here’s how.
Report sheds new light on the tactics allowing attackers to move at breakneck speed.
Ars Technica
As the Kernel Turns: Rust in Linux saga reaches the “Linus in all-caps” phase
Torvalds: You can avoid Rust as a C maintainer, but you can't interfere with it.
Ars Technica
Leaked chat logs expose inner workings of secretive ransomware group
Researchers are poring over the data and feeding it into ChatGPT.
Ars Technica
HP realizes that mandatory 15-minute support call wait times isn’t good support
HP rescinds European support call strategy due to "feedback."
Ars Technica
Russia-aligned hackers are targeting Signal users with device-linking QR codes
Swapping QR codes in group invites and artillery targeting are latest ploys.
Ars Technica
Microsoft warns that the powerful XCSSET macOS malware is back with new tricks
XCSSET has been targeting Mac users since 2020.
Ars Technica
What is device code phishing, and why are Russian spies so successful at it?
Overlooked attack method has been used since last August in a rash of account takeovers.
Ars Technica
Financially motivated hackers are helping their espionage counterparts and vice versa
Two players who mostly worked independently are increasingly collaborative.
Ars Technica
New hack uses prompt injection to corrupt Gemini’s long-term memory
There's yet another way to inject malicious prompts into chatbots.
Ars Technica
OpenAI’s secret weapon against Nvidia dependence takes shape
Chatbot maker partners with TSMC to manufacture custom AI chip, with plans for future iterations.
Ars Technica
Ransomware payments declined in 2024 despite massive. well-known hacks
Amount paid by victims to hackers declined by hundreds of millions of dollars.
Ars Technica
DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
Apple's defenses that protect data from being sent in the clear are globally disabled.
Ars Technica
Ransomware payments declined in 2024 despite massive well-known hacks
Amount paid by victims to hackers declined by hundreds of millions of dollars.
Ars Technica
7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine
Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files.
Ars Technica
Go Module Mirror served backdoor to devs for 3+ years
Supply chain attack targets developers using the Go programming language.
Ars Technica
22-year-old math wiz indicted for alleged DeFI hack that stole $65M
22-year-old Andean Medjedovic of Canada could spend decades in prison if convicted.
Ars Technica
Dell risks employee retention by forcing all teams back into offices full-time
"Dell may be missing out on some great talent..."
Ars Technica
Apple chips can be hacked to leak secrets from Gmail, iCloud, and more
Side channel gives unauthenticated remote attackers access they should never have.
Ars Technica
A long, costly road ahead for customers abandoning Broadcom’s VMware
"We loved VMware, and then when Broadcom bought ‘em, we hated ‘em.”
Ars Technica
Backdoor infecting VPNs used “magic packets” for stealth and security
J-Magic backdoor infected organizations in a wide array of industries.
Ars Technica
Researchers say new attack could take down the European power grid
Power grid in Central Europe uses unencrypted radio signals to add and shed loads.
Ars Technica
Data breach hitting PowerSchool looks very, very bad
Schools are now notifying families their data has been stolen.
Ars Technica
The Internet is (once again) awash with IoT botnets delivering record DDoSes
Bigger, badder DDoSes are flooding the Internet. Dismal IoT security is largely to blame.
Ars Technica
Cutting-edge Chinese “reasoning” model rivals OpenAI o1—and it’s free to download
DeepSeek R1 is free to run locally and modify, and it matches OpenAI's o1 in several benchmarks.
Ars Technica
Home Microsoft 365 plans use Copilot AI features as pretext for a price hike
"Classic" plans without AI or price increases are only for current subscribers.
Ars Technica
Microsoft patches Windows to eliminate Secure Boot bypass threat
File that neutered Secure Boot passed Microsoft's internal review process.
Ars Technica
US splits world into three tiers for AI chip access
While close US allies get unrestricted AI chip access, the rest of the world has numerical limits.
Ars Technica