Flux RSS

OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws

A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin - signing his extortion emails from a company called "Loot." Meanwhile, two people drive up to the entrance of the UK's nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Something in between? All this and more in episode 460 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Jenny Radcliffe.

Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key

The National Crime Agency has warned construction firms about surging invoice fraud

Hambardzum Minasyan of Armenia has been accused of being involved in the development and administration of the infostealer malware. The post Alleged RedLine Malware Administrator Extradited to US appeared first on SecurityWeek.

The computer giants have announced new security capabilities for PCs and printers. The post Dell and HP Roll Out Quantum-Resistant Device Security appeared first on SecurityWeek.

Commission preliminarily finds Pornhub, Stripchat, XNXX and XVideos in breach of the Digital Services Act for allowing minors to access their services Anonymous (not verified) Thu, 03/26/2026 - 09:39 The European Commission preliminarily found Pornhub, Stripchat, XNXX and XVideos in breach of the Digital Services Act (DSA) for failing to protect minors from being exposed to pornographic content on their services. In exercising their right of defence, XVideos, XNXX, Pornhub and Stripchat now have the possibility to examine the documents in the Commission's investigation files and reply in writing to the Commission's preliminary findings. Read the full press release and find further information about the: Digital Services Act - main aspects of the regulation User rights under the Digital Services Act - an overview Protecting and empowering young people online Supervision of the designated very large online platforms and search engines under DSA Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce DSA - Digital Services Act {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Commission investigates Snapchat's compliance with child protection rules under the Digital Services Act Anonymous (not verified) Thu, 03/26/2026 - 09:39 The European Commission has opened formal proceedings to investigate if Snapchat is ensuring a high level of safety, privacy and security for children online, in compliance with the Digital Services Act (DSA). Snapchat may have breached the DSA by exposing minors to grooming attempts and recruitment for criminal purposes, as well as to information about the sale of illegal goods, like drugs, or age-restricted products, such as vapes and alcohol. The investigation will focus on five areas. Read the full press release and more information about the Commission services and Dutch Digital Services Coordinator joint investigation. Find further information about the: Digital Services Act- main aspects of the regulation User rights under the Digital Services Act- an overview Protecting and empowering young people online Supervision of the designated very large online platforms and search engines under DSA Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce DSA - Digital Services Act {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts

The startup will invest in product development and go-to-market efforts as it expands into new sectors. The post Onit Security Raises $11 Million for Exposure Management Platform appeared first on SecurityWeek.

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials

Ilya Angelov was a member of the cybercrime group tracked as TA-551, Shathak, Gold Cabin, Monster Libra, and ATK236. The post Russian Cybercriminal Gets 2-Year Prison Sentence in US appeared first on SecurityWeek.

PwC finds AI is amplifying speed and scale of attacks, as identity theft evolves into a cybercriminal supply chain. The post AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link appeared first on SecurityWeek.

Apple released security fixes for older devices as well, in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5. The post iOS, macOS 26.4 Roll Out With Fresh Security Patches appeared first on SecurityWeek.

The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list”

Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group

Expel has warned of malicious Chrome extensions stealing users’ AI conversations

A man has pleaded guilty to defrauding online music streaming platforms out of more than US $8 million, after creating hundreds of thousands of songs with AI, and then using bots to play them billions of times. Read more in my article on the Hot for Security blog.

UK police trumpet success of Operation Henhouse as they seize and freeze over £27m in suspected fraud proceeds

The head of the UK’s NCSC is calling the cybersecurity industry to “seize the disruptive vibe coding opportunity” to make software more secure