Flux RSS

Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw

Could America turn off Europe's internet? That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech sovereignty. Could Gmail, cloud services, and critical infrastructure really become geopolitical leverage? And is anyone actually building a Plan B? Plus we explore if Meta is quietly plotting to turn its smart glasses into face-recognising surveillance specs? With reports of internal memos suggesting they plan to launch controversial features while everyone’s distracted by political chaos, we ask: is this innovation really wanted by the public... or something far creepier? All of this, and much more, in episode 455 of the award-winning "Smashing Security" podcast with cybersecurity veteran Graham Cluley, joined this week by journalist and author James Ball.

Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics

AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication

Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025

Police in The Netherlands say they have arrested a 40-year-old man on suspicion of hacking... after police officers accidentally sent him a link granting him access to their own confidential documents Read more in my article on the Hot for Security blog.

Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines

Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development

iOS 26.4 Beta adds end-to-end encryption for RCS messaging and enhanced Memory Integrity Enforcement

Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics

Teleport study reveals that organizations running over-privileged AI have a 76% incident rate

Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments

Hudson Rock has warned OpenClaw users that infostealers are targeting their configuration files

Security researchers have challenged end-to-end encryption claims from popular commercial password managers

NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations

OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages

New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo

A high severity vulnerability in Google Chrome and allows remote attackers to execute code

Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations

Dutch telco Odido has revealed a major data breach impacting over six million customers