Security / Cyberattacks and Hacks

Over the past two years, Scattered Spider has emerged as one of the most prolific and dangerous sets of hackers currently operating. The threat actors are not a well-defined group of hackers. Instead, they’re more a loose collective that uses social engineering—such as phishing and voice calls—to gain initial access …

Even security experts can be fooled. In July 2024, Knowbe4, a Florida-based company that offers security training, discovered that a new hire known as “Kyle” was actually a foreign agent. “He interviewed great,” says Brian Jack, KnowBe4’s chief information security officer. “He was on camera, his résumé was right, his …

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages that can steal data, plant backdoors, and carry out other nefarious actions, newly published research shows. The study, which used 16 of the most widely …

Last year, Apple debuted a similar scheme, known as Private Cloud Compute, for its Apple Intelligence AI platform. And users can turn the service on in Apple’s end-to-end encrypted communication app, Messages, to generate message summaries and compose “Smart Reply” messages on both iPhones and Macs. Looking at Private Cloud …

Below is a video of the Oligo researchers demonstrating their AirBorne hacking technique to take over an AirPlay-enabled Bose speaker to show their company’s logo for AirBorne. (The researchers say they didn’t intend to single out Bose, but just happened to have one of the company’s speakers on hand for …

As the Trump administration’s aggressive immigration policy ramps up, people have started to seriously consider their privacy and security when crossing into the United States. That’s especially true when it comes to searches of travelers’ phones and other devices, which US Customs and Border Protection agents have broad authority to …

Google announced at the beginning of April that it is launching a streamlined tool that will allow business users to easily send “end-to-end encrypted” emails—an effort to address the longstanding challenge of adding additional security protections to email messages. The feature is currently in beta for enterprise users to try …

Just three months into the Trump administration’s promised crackdown on immigration to the United States, Immigrations and Customs Enforcement now has a $30 million contract with Palantir to build a “near-real time” surveillance platform called ImmigrationOS that would track information about people self-deporting (electing to leave the US). Meanwhile, the …