World Leaks is a cyber extortion operation that steals sensitive data from organizations and threatens to leak it via the dark web if a ransom is not paid. Read more in my article on the Fortra blog.
The United Kingdom's Foreign, Commonwealth and Development Office (FCDO) has sanctioned Xinbi, a Chinese-language cryptocurrency-based online marketplace that sells stolen data and satellite internet equipment to scam networks in Southeast Asia. [...]
Organizations repeatedly expose ports, reuse passwords, and skip patches, creating security gaps that attackers exploit for breaches. An industry veteran outlines ways to fix these common mistakes.
AI models often hallucinate or make costly mistakes when tasked with recommending software versions, upgrade paths, and security fixes — leading to significant technical debt.
Threat actors are targeting TikTok for Business accounts in a phishing campaign that prevents security bots from analyzing malicious pages. [...]
WhatsApp is rolling out multiple features designed to make the app easier to use, including AI-powered message replies and photo retouching, support for two accounts on iOS, and chat history transfer between iOS and Android devices. [...]
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior is critical to stop it. [...]
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click iMessage exploits. [...]
Russian police arrested a Taganrog resident believed to be the owner of LeakBase, a major online forum used by cybercriminals to buy and sell stolen data and hacking tools. [...]
Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.
An Armenian suspect was extradited to the United States to face criminal charges for allegedly helping manage RedLine, one of the most prolific infostealer malware operations in recent years. [...]
Appearing before Parliament, Meta, Google and X struggle to explain how fake political video circulated for so long A member of the UK Parliament's lower house who was the victim of a deepfake AI campaign this week had a rare chance to confront the Big Tech executives who helped spread it. Their answers disappointed.…
A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin - signing his extortion emails from a company called "Loot." Meanwhile, two people drive up to the entrance of the UK's nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Something in between? All this and more in episode 460 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Jenny Radcliffe.
300 families undergo 6-week trial to test impact on sleep, school, and home life The UK government will trial different levels of restrictions on social media for under-16s with the help of 300 families, alongside a public consultation that has already gathered nearly 30,000 responses.…
Commission preliminarily finds Pornhub, Stripchat, XNXX and XVideos in breach of the Digital Services Act for allowing minors to access their services Anonymous (not verified) Thu, 03/26/2026 - 09:39 The European Commission preliminarily found Pornhub, Stripchat, XNXX and XVideos in breach of the Digital Services Act (DSA) for failing to protect minors from being exposed to pornographic content on their services. In exercising their right of defence, XVideos, XNXX, Pornhub and Stripchat now have the possibility to examine the documents in the Commission's investigation files and reply in writing to the Commission's preliminary findings. Read the full press release and find further information about the: Digital Services Act - main aspects of the regulation User rights under the Digital Services Act - an overview Protecting and empowering young people online Supervision of the designated very large online platforms and search engines under DSA Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce DSA - Digital Services Act {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}
Commission investigates Snapchat's compliance with child protection rules under the Digital Services Act Anonymous (not verified) Thu, 03/26/2026 - 09:39 The European Commission has opened formal proceedings to investigate if Snapchat is ensuring a high level of safety, privacy and security for children online, in compliance with the Digital Services Act (DSA). Snapchat may have breached the DSA by exposing minors to grooming attempts and recruitment for criminal purposes, as well as to information about the sale of illegal goods, like drugs, or age-restricted products, such as vapes and alcohol. The investigation will focus on five areas. Read the full press release and more information about the Commission services and Dutch Digital Services Coordinator joint investigation. Find further information about the: Digital Services Act- main aspects of the regulation User rights under the Digital Services Act- an overview Protecting and empowering young people online Supervision of the designated very large online platforms and search engines under DSA Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce DSA - Digital Services Act {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}
Police found cameras pointing at infrastructure Indian authorities have reportedly ordered an audit of the nation’s CCTV cameras, after police uncovered what they claim was a Pakistan-backed surveillance operation.…
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. [...]
While US government sits out this year, EU officials are on the ground in San Francisco leading the conversations on today's top cybersecurity challenges.
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half of all vulnerable stores. [...]