Articles tagged with "cybersecurity"

Amazon’s Middle East data centers damaged by Iran drone and missile attacks will be down for several months during repairs — U.S. and Iran currently observing an uneasy truce, but renewed strikes possible if talks break down

Amazon's data centers in the Middle East have been damaged by drone and missile attacks from Iran, leading to disruptions in services in Bahrain and the UAE. The repair process is expected to take several months, with customers advised to migrate resources to other regions. The ongoing conflict between the U.S. and Iran poses a risk of renewed strikes, making it challenging for Amazon to start repairs. Additionally, the damage caused by the attacks includes equipment destruction and system failures, further complicating the restoration process.

Tom's Hardware
FCC votes to ban all Chinese labs from certifying electronics sold in the US due to national security concerns — ruling would affect 75 percent of US-bound devices

The FCC unanimously voted to ban all Chinese labs from certifying electronics for sale in the U.S. due to national security concerns, affecting 75% of U.S.-bound devices. This move follows the FCC's ban on 15 state-owned or government-affiliated Chinese labs and extends to all remaining labs in China. The proposal also includes banning China Mobile, China Telecom, and China Unicom from operating data centers in the U.S. The FCC aims to limit interconnection capabilities with entities it deems security threats, with the ruling opening a public comment period before final implementation.

Tom's Hardware
Canonical under sustained DDoS attack as Ubuntu 26 releases — Iranian group 313 Team claims responsibility

Canonical, the company behind Ubuntu Linux, is facing a Distributed Denial of Service (DDoS) attack claimed by the Iranian group 313 Team. The attack has affected Canonical's infrastructure, causing slowdowns and outages on Ubuntu download and update mirrors, the main website, Launchpad, Snap store, and other services. Despite the attack coinciding with the release of Ubuntu 26 LTS, there have been no reported security compromises on package repositories or ISO images. Users are advised to access Ubuntu downloads from alternative non-Canonical sources during this period.

Tom's Hardware
Ubuntu infrastructure has been down for more than a day

Ubuntu and Canonical servers have been down for over a day due to a sustained, cross-border attack, hindering communication and updates for users. While attempts to access their webpages have failed, updates from mirror sites are still functioning. A group linked to the Iranian government has claimed responsibility for the outage, using a DDoS attack. This incident highlights the ongoing challenge of cyber attacks on tech infrastructure.

Ars Technica
Linux exploit instantly grants administrator access on most distributions since 2017 — cryptography optimization snafu grants root privileges to local users

A recent Linux exploit, CVE-2026-31431, allows local unprivileged users to gain root access instantly on most Linux distributions since 2017. The exploit affects popular distros like Ubuntu, RHEL, Suse, and Amazon Linux, as well as Windows' WSL2. The vulnerability, discovered by Xint Code researchers, involves a cryptography optimization flaw that grants administrator privileges through a devious attack on the AF_ALG socket. While a patch has been released, some distributions may still be vulnerable, requiring mitigation methods like disabling AF_ALG sockets. The exploit occurs in memory without leaving detectable traces on disk, making it challenging to detect with security software.

Tom's Hardware
The most severe Linux threat to surface in years catches the world flat-footed

A critical Linux vulnerability, named CopyFail (CVE-2026-31431), has been disclosed by security researchers, allowing unprivileged users to gain root access across various Linux distributions. The exploit code, released by Theori, works universally without modification, posing a significant threat to data centers and personal devices. While the Linux kernel security team patched the vulnerability in several versions, many distributions had not yet implemented the fixes at the time of the exploit's release. This flaw enables attackers to execute malicious activities like hacking multi-tenant systems and creating backdoors, emphasizing the severity of the issue.

Ars Technica
Crucial Taiwan undersea cable severed by old shipwreck — backup microwave communications activated to keep population connected

A shipwreck off Dongyin island in Taiwan has severed the undersea cable connecting it to Beigan Island, prompting the activation of backup microwave communications to maintain connectivity for the 1,500 residents. The Matsu Islands' strategic location near mainland China and the Taiwan Strait makes them crucial for Taiwan's military presence. While this incident was due to natural causes, it underscores Taiwan's vulnerability in its global connections. Recent suspicions of deliberate undersea cable damage by Chinese ships have led Taiwan to increase defensive measures and penalties for sabotage attempts. Despite wireless backups, physical undersea cables remain essential for reliable and high-bandwidth internet connections.

Tom's Hardware
With $1 Cyberattacks on the Rise, Durable Defenses Pay Off

As cyberattacks that cost as little as $1 become more prevalent, the importance of robust cybersecurity defenses is highlighted. The article emphasizes the significance of writing memory-safe code over relying solely on patching vulnerabilities. Experts Evan Johnson and Justin Cappos from New York University stress the need for durable defenses in the face of rapid and powerful cyberattacks facilitated by large language models like Anthropic’s Claude Mythos. They suggest that a comprehensive approach beyond generative AI is essential for effective cyberdefense.

IEEE Spectrum
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden


Security firm Checkmarx has been targeted in a series of supply-chain attacks over the past six weeks, with malware being pushed to customers through compromised accounts. The attacks began with the breach of the Trivy vulnerability scanner, leading to malware being distributed to Checkmarx users. Checkmarx's GitHub account was also compromised, leading to the dissemination of malware to its users. The company faced additional malware pushes, indicating ongoing security challenges. A ransomware group known as Lapsus$ recently dumped Checkmarx's private data on the dark web, suggesting persistent access by attackers.

Ars Technica
Ransomware accidentally destroys all files larger than 128KB, preventing decryption — VECT code likely partly vibe coded with AI or used an old code base, security researchers suggest

The VECT ransomware, discovered in December 2025, contains a critical bug that turns it into a wiper, destroying files larger than 128KB and preventing decryption. Check Point Research found that the ransomware's flawed programming causes irreversible damage to encrypted files, rendering payment to unlock data ineffective. The ransomware's code also exhibits various other issues, leading researchers to speculate that it may have been partly generated with AI or based on outdated code. Despite these flaws, the group behind VECT appears sophisticated, with multi-platform capabilities and partnerships with other threat actors. The researchers warn that the group could potentially fix these issues and release a more effective version in the future, leveraging its existing distribution system to infect more systems.

Tom's Hardware
Open source package with 1 million monthly downloads stole user credentials

A widely used open source package with 1 million monthly downloads was compromised by threat actors exploiting a vulnerability in the developers’ account workflow, granting access to sensitive information. The malicious package, element-data 0.23.3, was distributed to users, collecting user credentials, API tokens, and more. Users who installed this version are advised to consider their credentials compromised. The attackers gained access through a GitHub action, allowing them to publish the malicious package. The developers swiftly removed the package, rotated credentials, and fixed the vulnerability.

Ars Technica
Enthusiast fixes 30-year issue with S3 graphics card — hacking the VBIOS fixes black levels by scalpelling out the Virge DX’s ‘pedestal bit’

A retro hardware enthusiast successfully fixed a 30-year-old issue with S3 graphics cards by hacking the VBIOS to address the 'pedestal bit' problem that caused washed-out black levels. By adjusting the hexadecimal value in the VBIOS code, the darkest blacks were restored to their proper color, eliminating the undesirable gray appearance. The enthusiast used debugging tools to locate and modify the pedestal bit, then dumped the VBIOS to a file, made the necessary tweaks, and flashed it back to the hardware. The fix resulted in a deep black background upon booting, confirming the successful elimination of the pedestal bit issue. This solution can potentially be applied to other S3 Virge DX models, offering a resolution to a long-standing problem in graphics card technology.

Tom's Hardware
Why are top university websites serving porn? It comes down to shoddy housekeeping.

Scammers have exploited the poor record-keeping practices of university website administrators, leading to explicit porn and malicious content being served on prestigious university domains like berkeley.edu, columbia.edu, and washu.edu. Researcher Alex Shakhov discovered hundreds of subdomains for at least 34 universities being abused, with Google listing thousands of hijacked pages. The scammers, possibly linked to a group known as Hazy Hawk, take advantage of outdated CNAME records that are not removed when subdomains are decommissioned, allowing them to hijack the university's subdomain and manipulate search results.

Ars Technica
How a cavalcade of blunders gave unauthorized users access to Claude Mythos — restricted model accessed by third parties, thanks to knowledge from data breach

Unauthorized users gained access to Anthropic's cybersecurity AI model, Claude Mythos, through a breach that exposed proprietary AI models. Despite Mythos' capabilities in finding vulnerabilities, it couldn't prevent unauthorized access through a third-party contractor. The breach stemmed from a hack at Mercor, which led to a chain of breaches involving third-party tools. This incident underscores the importance of cybersecurity and the vulnerability posed by the human element in digital security. As AI tools like Mythos become more prevalent, the need for robust security measures is increasingly crucial to prevent unauthorized access and data breaches.

Tom's Hardware
MIT Technology Review

The Download: supercharged scams and studying AI healthcare

The article discusses how AI is being used to enhance cyber scams, making them faster and more sophisticated, posing challenges for organizations dealing with cyberattacks. In healthcare, AI tools are increasingly used by doctors for tasks like notetaking and interpreting medical data, but the effectiveness of these tools in improving patient outcomes remains uncertain. Additionally, the article highlights the unveiling of DeepSeek's new AI model and other tech news stories, including countries restricting children's social media access and Meta cutting jobs to offset AI spending. NASA's search for extraterrestrial life on Jupiter's moon Europa is also mentioned.

MIT Technology Review
Amazon Eero and Leo routers gain FCC Conditional Approval for US sales — Eero products can skirt router ban for the next 18 months, firm joins Netgear on approval list

Amazon's Eero routers have received FCC Conditional Approval, allowing them to be sold in the US for the next 18 months. This approval follows Netgear's similar clearance last week, as manufacturers work to comply with national security regulations. Eero reassures customers that their products meet rigorous standards and will continue to be available. The Conditional Approval covers all Eero products and extends until October 31, 2027. TP-Link is still awaiting approval as it addresses concerns over Chinese ownership ties.

Tom's Hardware
In a first, a ransomware family is confirmed to be quantum-safe

A new ransomware family named Kyber claims to be quantum-safe by using ML-KEM encryption, a post-quantum cryptography standard. This encryption method is designed to be resistant to attacks by quantum computers, unlike traditional methods like Elliptic Curve and RSA. Security firm Rapid7 confirmed that Kyber uses the highest strength version of ML-KEM to encrypt victims' data with AES-256, making it the first known case of ransomware utilizing post-quantum cryptography. This development highlights the evolving tactics of cybercriminals to enhance the security of their malicious activities.

Ars Technica
UK spy agency releases malware-blocking gadget for HDMI and DisplayPort cables — SilentGlass blocks malicious traffic traveling between display and computer

The UK's GCHQ has introduced SilentGlass, a device that blocks malicious traffic between a display and a PC, aimed at protecting government estates in high-threat environments. The design has been licensed to Goldilock Labs, a cybersecurity firm, for global availability. While some experts question the necessity of SilentGlass for common cyberattacks, vulnerabilities in HDMI and DisplayPort could be exploited by advanced adversaries targeting sensitive information. The gadget is now available for purchase, primarily beneficial for users dealing with state secrets and confidential data.

Tom's Hardware
What Anthropic’s Mythos Means for the Future of Cybersecurity

The article discusses Anthropic's Mythos and its implications for cybersecurity. It emphasizes the need for systems that can be continuously tested and patched in the face of evolving threats. The authors, Bruce Schneier and Barath Raghavan, highlight the importance of adapting to the new reality of cybersecurity. The focus is on the role of artificial intelligence, particularly agentic AI, in addressing hacking challenges. The article underscores the significance of staying ahead in the cybersecurity landscape by leveraging advanced technologies.

IEEE Spectrum
Microsoft issues emergency update for macOS and Linux ASP.NET threat


Microsoft has issued an emergency update for its ASP.NET Core to address a critical vulnerability (CVE-2026-40372) affecting versions 10.0.0 through 10.0.6 of the Microsoft.AspNetCore.DataProtection NuGet package on macOS and Linux. The flaw allows unauthenticated attackers to gain SYSTEM privileges by forging authentication payloads during the HMAC validation process. Even after patching, devices may still be at risk if forged credentials created by threat actors are not removed. ASP.NET Core is a high-performance web development framework for creating .NET apps on various platforms, including Windows, macOS, Linux, and Docker.

Ars Technica
Ransomware negotiator pleads guilty after leaking victims' insurance details to 'BlackCat' hackers — perp gave attackers a precise picture of exactly how much each target could afford to pay

Former ransomware negotiator Angelo Martino has pleaded guilty to collaborating with the ALPHV/BlackCat ransomware gang to extort five U.S. companies, providing confidential details about the victims' insurance policies and negotiation perceptions. Martino's actions led to over $75 million in ransom payments, with individual payments exceeding $25 million. He also participated in deploying BlackCat ransomware against additional U.S. victims, demanding over $16 million in ransom. Law enforcement has seized more than $10 million from Martino, including cryptocurrency and various assets purchased with illicit proceeds. Martino, along with his co-conspirators, faces a maximum of 20 years in prison, with sentencing scheduled for July 9th.

Tom's Hardware
Iran claims US exploited networking equipment backdoors during strikes — says devices from Cisco and others failed despite blackout in attack that 'indicates deep sabotage'

Iran has accused the U.S. of exploiting networking equipment backdoors from Cisco, Juniper, Fortinet, and MikroTik during military operations against Iran. The Iranian media claims that these devices failed during the attacks despite Iran being disconnected from the global Internet, suggesting deep sabotage. While these claims are unverified, the U.S. has confirmed conducting cyber operations against Iran's communications infrastructure. The vendors named by Iran have had past security issues, with examples like NSA intercepting Cisco routers for surveillance implants and Juniper finding unauthorized code in its firmware. Chinese state media has supported Iran's claims, linking them to American backdoors in networking hardware.

Tom's Hardware
Windows 11 April update now reveals if Secure Boot 2023 certificate is applied to your PC

The Windows 11 April 2026 Update introduces the ability to check if the Secure Boot 2023 certificate is applied to your PC, crucial for protecting against boot-level malware. Microsoft confirms that older certificates will be replaced with Secure Boot 2023 via Windows Update. The Windows Security app now displays the Secure Boot certificate status under the 'Device Security' tab, ensuring users can easily verify if their certificates are updated. The update is rolling out gradually and should be available on most PCs by the end of April 2026. Users can check their Secure Boot status in Windows Security to ensure their devices are fully protected.

Windows Latest
TP-Link seeks to secure conditional approval from FCC following router import ban — company stresses it is no longer Chinese-owned

TP-Link is in talks with the FCC to secure conditional approval to continue importing new router models after the FCC's ban on imported routers. The company emphasizes that it is now a U.S.-based entity with no ties to its former Chinese parent company. The FCC's blanket ban on imported routers can be exempted with conditional approval, requiring a plan for U.S.-based manufacturing. While TP-Link's manufacturing remains in China and Vietnam, other companies like Adtran Inc. and Netgear have obtained conditional approvals. TP-Link's separation from its Chinese parent company is completed, but its historical ties may still draw scrutiny from U.S. officials.

Tom's Hardware
Microsoft quietly reveals whether you need a third-party antivirus software in Windows 11

Microsoft has confirmed that Windows 11 is the most secure Windows version yet and includes Windows Defender as a complete antivirus solution that runs by default and updates automatically. While Microsoft emphasizes that Windows Defender is sufficient for most users, they acknowledge scenarios where third-party antivirus software may still be necessary, such as in enterprise environments or for specific features like parental controls. The article details the capabilities of Microsoft Defender, including real-time scanning, behavior monitoring, and cloud-delivered protection, which have been proven effective in independent tests. Overall, for most users, Windows Security in Windows 11 is deemed adequate without the need for third-party antivirus software.

Windows Latest
AI cloud company Vercel breached after employee grants AI tool unrestricted access to Google Workspace — hacker seeking $2 million for stolen data

Vercel, a cloud platform linked to Next.js, faced a security breach when a hacker exploited a third-party AI tool to access a Vercel employee's Google Workspace account. The breach exposed non-sensitive data, and the hacker, known as ShinyHunters, is demanding $2 million for the stolen information. Vercel is working with Mandiant, law enforcement, and affected customers to address the breach. The attacker's initial access stemmed from a compromised Context.ai tool, which had its own security issues traced back to an employee infected with malware. Vercel is advising customers to review and secure their environment variables and has introduced new security features following the incident.

Tom's Hardware
Russian-made Shahed drones are ‘disintegrating in the air before reaching their targets’ due to shoddy manufacturing, video shows — commentators call Russian clones of Iran's drones 'flying garbage'

Russian-made Shahed drones are facing criticism for disintegrating in the air before reaching their targets due to poor manufacturing quality. Video footage from Ukrainian Sting interceptor drones reveals defects like missing body panels, stray wiring, and deformed wingtips on the drones. The drones are said to be produced in Russia's Alabuga Special Economic Zone with minimally trained workers using inferior Chinese parts. This decline in quality has led to a decrease in the hit rate of these drones in Ukraine, turning them into tools of attrition rather than precision.

Tom's Hardware
Bluetooth tracker hidden in a postcard and mailed to a warship exposed its location — $5 gadget put a $585 million Dutch ship at risk for 24 hours

A Dutch warship, HNLMS Evertsen, part of a NATO carrier strike group, unknowingly exposed its location for 24 hours after receiving a postcard with a hidden Bluetooth tracker. The tracker, similar to an Apple AirTag but cheaper at $5, was mailed in, allowing spies to track the $585 million Navy ship without physical access. Dutch authorities discovered and disabled the tracker within a day, prompting a ban on electronic greeting cards due to security risks. This incident highlights the ongoing challenges of maintaining operational security in the face of new technologies that can inadvertently compromise military operations.

Tom's Hardware
US-sanctioned currency exchange says $15 million heist done by "unfriendly states"

Grinex, a US-sanctioned cryptocurrency exchange in Kyrgyzstan, announced a $15 million heist allegedly orchestrated by hackers linked to "unfriendly states." TRM researchers confirmed the theft, noting more drained addresses than initially reported by Grinex. The attack targeted Russian users, with Grinex attributing it to a coordinated effort to harm Russia's financial sovereignty. TokenSpot, another Kyrgyzstan-based exchange, was also breached, with both exchanges becoming inoperable on Wednesday. The US Treasury Department had previously sanctioned Grinex's predecessor, Garantex, for facilitating ransomware actors and cybercriminals.

Ars Technica
Microsoft's April patch puts Windows domain controllers into reboot loops — third known issue from KB5082063 is affecting Windows Server 2016 through 2025


Microsoft's April security update, KB5082063, is causing Windows domain controllers to enter reboot loops due to crashes in LSASS on non-Global Catalog domain controllers used in Privileged Access Management deployments. This issue affects Windows Server versions from 2016 to 2025. Microsoft has not released a patch yet but is directing affected administrators to Microsoft Support for Business for mitigation guidance. This is the third known issue with KB5082063, with reports of BitLocker recovery key prompts and failed installations on Windows Server 2025 systems. Admins are advised to delay the update, test it on an isolated domain controller, or seek mitigation steps from Microsoft Support.

Tom's Hardware
MIT Technology Review

The Download: cyberscammers’ banking bypasses, and carbon removal troubles

Cyberscammers are using illicit tools sold on Telegram to bypass banks' security measures, exploiting weaknesses in facial recognition scans to gain unauthorized access. Meanwhile, concerns arise about the future of carbon removal efforts as Microsoft pauses its purchases, impacting around 80% of contracted carbon removal. These developments highlight ongoing challenges in cybersecurity and environmental sustainability within the tech industry.

MIT Technology Review
Iran reportedly bought an in-orbit Chinese satellite to target US military sites in the Middle East — purchase agreement included ongoing ground control services based in China

Iran's Islamic Revolutionary Guards Corps reportedly purchased a Chinese Earth-observation satellite in 2024, allowing them to capture high-resolution satellite imagery for military purposes. The satellite was acquired from a Chinese commercial aerospace company and included access to ground control services based in China. Despite the satellite's civilian nature, it was used to target US military sites in the Middle East, showcasing the dual-use application of such technology. The involvement of Chinese companies with ties to the military-industrial complex raises concerns about the blurred lines between civilian and military applications in the tech industry. The distributed nature of the satellite's services makes it challenging for potential attackers to disable it, highlighting the complexities of international tech collaborations in sensitive geopolitical contexts.

Tom's Hardware
OpenAI Engineer Helps Companies Attract Buyers and Boost Sales

IEEE Senior Member Sarang Gupta, a data science staff member at OpenAI, is utilizing AI tools to help companies improve their marketing strategies, attract buyers, and increase sales. His work focuses on enhancing marketing teams' decision-making processes using generative AI technology like ChatGPT. Gupta's efforts demonstrate how AI can play a crucial role in boosting businesses' success by providing valuable insights and innovative solutions in the realm of consumer tech and cybersecurity.

IEEE Spectrum
Anthropic's Claude Mythos might be the best overall AI model for cybersecurity, but cheaper models can attain similar results, research shows — cross-examination of the frontier model raises questions on uptime and reliability

Anthropic's Claude Mythos AI model, touted as a top cybersecurity tool, faces scrutiny as research suggests cheaper models can achieve similar results. While Mythos is positioned as a powerful tool for finding exploits, other AI models like GPT-OSS-120b and Kimi K2 can also detect vulnerabilities effectively. Despite Mythos being capable, its cost-effectiveness and uptime reliability are questioned, with concerns raised about its economic viability and operational performance compared to other models. Anthropic's efforts to secure Mythos' place in the cybersecurity industry through initiatives like Project Glasswing are met with challenges related to compute resources and uptime reliability.

Tom's Hardware
Rockstar hack exposes outrageous GTA 5 Shark Card spending from players

A hacking group released data revealing that Rockstar's GTA 5 generates an average of $8.5 million per week from GTA Online, with PS5 leading in revenue at 41%. The data, obtained through a hack, showed a player spending $1 million on Shark Cards in a single transaction. Rockstar confirmed the hack, which targeted a third-party service, and declined the $200,000 ransom demand. The breach also exposed that Shark Cards have brought in $5 billion for Rockstar over 10 years.

TweakTown
Iran's forced nationwide internet blackout becomes second-longest on record as it passes 1,000 hours offline — possessing Starlink terminals punishable by death, country using 'military-grade jamming' against service

Iran's nationwide internet blackout has surpassed 1,000 hours, making it one of the longest on record. The blackout, which began on February 28, is being enforced with military-grade jamming and severe penalties for possessing Starlink terminals, including potential execution. Iran has also threatened attacks on infrastructure owned by major tech companies. The blackout is causing significant economic and social disruptions, with human rights organizations condemning it as a violation of fundamental rights. Despite some limited internet traffic, the blackout remains in effect, impacting access to essential information during military actions.

Tom's Hardware
Rockstar Games confirms it was hacked by malicious group — 'ShinyHunters' takes credit, gives until April 14 to pay ransom or it will release confidential data

Rockstar Games has confirmed being hacked by the group "ShinyHunters," who are demanding a ransom by April 14 to prevent the release of confidential data. The group exploited Anodot to access Rockstar's Snowflake instances, potentially compromising corporate data. While Rockstar claims the stolen information is non-material and won't impact players, the threat of data exposure remains. ShinyHunters' tactics involve targeting companies through API keys and third-party integrations, posing a broader cybersecurity risk to businesses beyond Rockstar. If the ransom isn't paid, the group plans to make the stolen data public, potentially revealing internal company information.

Tom's Hardware
HWMonitor and CPU-Z developer CPUID breached by unknown attackers — cyberattack forced users to download malware instead of valid apps for six hours

Unknown attackers breached the website of CPUID, the developer of HWMonitor and CPU-Z, serving users infected files instead of legitimate ones for six hours. The malware aimed to steal browser credentials, particularly from Google Chrome. The breach was fixed, and CPUID's original files were not compromised. Supply chain attacks like this have become more common, with popular tech tools being targeted to distribute malware. Users who downloaded the infected files may have had their systems compromised.

Tom's Hardware
Anthropic's Claude Mythos isn't a sentient super-hacker, it's a sales pitch — claims of 'thousands' of severe zero-days rely on just 198 manual reviews

Anthropic's new AI model, Claude Mythos, is being touted for its bug-finding capabilities, with claims that it has discovered thousands of vulnerabilities across major systems. However, closer inspection reveals that the severity of these vulnerabilities may be exaggerated, with some not being as critical as portrayed. Anthropic's emphasis on security concerns and the potential dangers of AI like Mythos may be more of a sales tactic than a genuine threat. While the AI model shows promise in identifying vulnerabilities, the actual impact on cybersecurity remains to be seen, and the company's focus on selling to major tech companies and governments raises questions about its true intentions.

Tom's Hardware
US cybersecurity agency issues an urgent alert as Iranian hackers attack critical infrastructure — CISA guidance warns organizations to immediately shield certain programmable logic controllers from the internet to thwart future attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning organizations about Iranian hackers targeting critical American infrastructure, particularly programmable logic controllers used in water and energy companies. The guidance advises organizations to shield these controllers from direct internet exposure to prevent future attacks. The alert, following recent Iran-U.S. tensions, highlights the risk to critical infrastructure and recommends steps like auditing access logs and limiting public-facing internet access to vulnerable hardware. The threat is serious enough that multiple U.S. agencies are involved in warning organizations at risk, emphasizing the importance of securing systems against cyber threats from nations like Iran.

Tom's Hardware
Go maintainer joins collective klaxon about encryption-breaking quantum computers — developer urges immediate switch to post-quantum methods to prevent worldwide disaster

Filippo Valsorda, the maintainer of the cryptography library in the Go language, is raising concerns about the potential threat of quantum computers breaking current encryption methods within three years. He emphasizes the need for an immediate switch to post-quantum cryptographic methods to prevent a global disaster. Valsorda highlights the urgency for the tech industry to transition swiftly to post-quantum solutions, stating that any non-post-quantum key exchange could be a security risk. The shift to post-quantum cryptography poses challenges due to increased bandwidth and latency, especially in areas like secure website connections, code signing, and blockchain technology. Valsorda warns that failing to adopt post-quantum encryption could lead to compromised security in various computing applications, including IoT devices and trusted execution environments like Intel's SGX and AMD SEV-SNP.

Tom's Hardware
10 petabytes of sensitive data stolen from China's National Supercomputing Center, hackers claim — daring heist would be largest ever China hack, covering 6,000 clients across science, defense, and beyond

A hacker group named FlamingChina claims to have stolen over 10 petabytes of sensitive data from China's National Supercomputing Center, affecting 6,000 clients in science, defense, and other sectors. The breach, if confirmed, would be the largest known hack in China, exposing research from entities like AVIC and COMAC. The stolen data includes classified files on weapons systems and simulation results, with access being sold for cryptocurrency. The attack, allegedly executed through a compromised VPN domain and botnet, highlights cybersecurity vulnerabilities in China's critical infrastructure and raises concerns about the potential misuse of the stolen technologies by foreign entities.

Tom's Hardware
The Download: water threats in Iran and AI’s impact on what entrepreneurs make

Desalination plants in the Middle East, particularly in Iran, are at risk due to escalating conflicts, potentially impacting water supply in the region. On the other hand, AI is revolutionizing how small online sellers decide what products to make and where to manufacture them, streamlining the process significantly. Additionally, gig workers worldwide, like Zeus in Nigeria, are recording data to train humanoid robots, raising concerns about privacy and consent. Other tech news includes Anthropic's new cybersecurity model, Iranian hackers targeting American critical infrastructure, and Google's AI Overviews delivering millions of incorrect answers per hour despite a high accuracy rate.

MIT Technology Review
Thousands of consumer routers hacked by Russia's military

Russia's military has hacked thousands of consumer routers, primarily from MikroTik and TP-Link, in a widespread operation spanning 120 countries. The compromised routers were used by APT28, a threat group linked to Russia's GRU military intelligence agency, to harvest passwords and credential tokens for espionage campaigns. APT28, also known as Pawn Storm, Sofacy Group, and others, has a history of high-profile hacks targeting governments globally. The attackers exploited unpatched security vulnerabilities in older router models to change DNS settings and intercept connections to specific domains, including Microsoft's 365 service. The group's use of sophisticated techniques and willingness to revisit classic attack methods poses an ongoing risk to organizations worldwide.

Ars Technica
Anthropic's Claude Mythos AI has discovered thousands of vulnerabilities in every OS and browser

Anthropic's Claude Mythos AI, a powerful unreleased model, has identified thousands of high-severity vulnerabilities in major operating systems and browsers, surpassing human capabilities in finding and exploiting these flaws. The AI poses a significant cybersecurity threat, prompting concerns about potential misuse by malicious actors. While Claude Mythos won't be publicly released, it is being used in the Project Glasswing initiative to secure critical software, with partners like Amazon Web Services, Microsoft, and Google utilizing its capabilities. Anthropic plans to share its findings with the security industry, emphasizing the importance of responsible AI deployment and potential regulation to mitigate risks.

TweakTown
Anthropic's latest AI model identifies 'thousands of zero-day vulnerabilities' in 'every major operating system and every major web browser' — Claude Mythos Preview sparks race to fix critical bugs, some unpatched for decades

Anthropic's latest AI model, Claude Mythos Preview, has uncovered "thousands of zero-day vulnerabilities" in major operating systems and web browsers, sparking a rush to fix these critical bugs, some of which have remained unpatched for decades. The lab is collaborating with industry giants and government entities under "Project Glasswing" to proactively address these vulnerabilities before they can be exploited. Mythos' ability to identify and exploit vulnerabilities poses significant security risks, prompting responsible disclosure practices from Anthropic. While the model won't be widely available, the lab aims to prepare partners for a future where such advanced AI models become more common.

Tom's Hardware
GitHub user creates open-source Nvidia GeForce Now client alternative — removes tracking, telemetry, and AFK limitations

A GitHub user has developed an open-source alternative to Nvidia GeForce Now called OpenNOW, which removes tracking, telemetry, and AFK limitations. This client allows gamers to connect to Nvidia's cloud gaming service with added features not available on the original client. OpenNOW supports Linux natively and can stream games up to 4K@240 FPS, offering smoother gameplay. While it lacks some features like flight controls and Discord integration, it provides more privacy and customization options for users who prefer more control over their data.

Tom's Hardware
Indianapolis politician's home shot at 13 times over data center dispute — police and FBI investigating 'isolated, targeted incident' after city councilor backed project

Indianapolis City-County Council member Ron Gibson's home was shot at 13 times in an apparent dispute over a proposed data center project he supported. The assailant left a note expressing opposition to data centers, highlighting community concerns about negative impacts like increased electricity costs and water supply issues. Despite public opposition, the Metropolitan Development Commission approved the project's rezoning, pending City-County Council approval. This incident reflects growing tensions around data center developments, with some communities facing pressure from tech companies despite local resistance. The violent turn in this dispute underscores the need for respectful dialogue and non-violent advocacy in addressing such contentious issues.

Tom's Hardware
Iran threatens ‘complete and utter annihilation’ of OpenAI's $30B Stargate AI data center in Abu Dhabi — regime posts video with satellite imagery of ChatGPT-maker's premier 1GW data center

Iran's Islamic Revolutionary Guard Corps threatens to annihilate OpenAI's $30 billion Stargate AI data center in Abu Dhabi, with a video showing satellite imagery of the facility. The IRGC warns of retaliation against any damage to Iran's power infrastructure, specifically targeting U.S. and Israeli facilities. The video highlights the hidden nature of the data center and issues a direct threat against U.S. actions in Iran. Despite previous rocket strikes on Amazon AWS data centers, questions remain about Iran's capability to carry out such attacks on tech companies.

Tom's Hardware
LinkedIn is spying on you, according to a new 'BrowserGate' security report — scripts stealthily scan visitors' browsers for over 6,000 Chrome extensions and harvest hardware data

LinkedIn has been accused of spying on users through JavaScript that scans visitors' browsers for over 6,000 Chrome extensions and collects hardware data like CPU core count and screen resolution. The script also gathers device telemetry such as time zone and battery status. Many of the targeted extensions are LinkedIn-related tools, including those from competitors like Apollo and ZoomInfo. LinkedIn claims the scanning is to detect extensions that violate its terms of service, but the data collected could potentially be used to identify individuals. This aggressive client-side fingerprinting technique is not unique to LinkedIn, as other platforms like eBay have been found to engage in similar practices.

Tom's Hardware
