Cloudflare blocks record-setting 11.5Tbps DDoS attack two months after the previous record-setting DDoS attack By Nathaniel Mott published 3 September 25 Cloudflare said it blocked a record-setting 11.5Tbps DDoS attack that appeared to originate from Google Cloud's infrastructure.
Google is getting ready to 'hack back' as US considers shifting from cyber defense to offense — new 'Scam Farms' bill opens up new retaliatory hacking actions By Nathaniel Mott published 28 August 25 Google is reportedly planning to form a "disruption unit" that will target foreign hackers.
White House reveals nebulous plans to put government data on the blockchain — 'The Department of Commerce is going to start issuing its statistics on the blockchain because you are the crypto president' By Nathaniel Mott published 27 August 25 The White House announced plans to put statistics on 'the blockchain' for... reasons.
The first AI-powered ransomware has been discovered — "PromptLock" uses local AI to foil heuristic detection and evade API tracking By Nathaniel Mott published 26 August 25 Hackers finally discover a practical use for local AI models
Ransomware attack disrupts Maryland's public transit service for disabled travelers — MTA says it is investigating cybersecurity incident but core services operating normally By Nathaniel Mott published 26 August 25 The service, Mobility, was unable to accept requests for rides or changes to already-booked rides following a ransomware attack.
Perplexity's AI-powered Comet browser leaves users vulnerable to phishing scams and malicious code injection — Brave and Guardio's security audits call out paid AI browser By Nathaniel Mott published 25 August 25 Brave and Guardio have revealed serious vulnerabilities in the AI-powered Comet browser.
Dev plants kill switch in ex-employer's network that crashed servers and deleted files, gets four years in the slammer — kill switch triggered by dev's removal from Active Directory when fired By Nathaniel Mott published 22 August 25 A software engineer called Davis Lu was sentenced to four years in prison for creating a kill switch in his former employer's network.
China's Great Firewall blocked all traffic to a common HTTPS port for over an hour, severing connection to the outside world — with no hint as to its intention By Nathaniel Mott published 21 August 25 Forged TCP RST+ACK packets disrupted port 443, but not common ports like 22, 80 or 8443
Popular VPN extension for Google Chrome is a security nightmare, screenshots every page users visit and sends them to anonymous developer — FreeVPN.One flagged over enormous privacy concerns By Nathaniel Mott published 20 August 25 Koi Security discovered that the popular FreeVPN extension for Google Chrome has been silently taking screenshots of every website its users visit.
Security researcher driven by free nuggets unearths McDonald's security flaw — changing 'login' to 'register' in URL prompted site to issue plain text password for a new account By Nathaniel Mott published 19 August 25 A security researcher called "BobDaHacker" revealed how they repeatedly gained access to a McDonald's platform that's supposed to be closed off to the public.
Report claims 'the era of AI hacking has arrived' — good and bad actors leveraging AI in cybersecurity arms race By Nathaniel Mott published 18 August 25 The security industry and the hackers they're supposed to defend against have both increased their use of AI as publicly available agents become more capable.
Booking.com customers learn the hard way that Unicode is tricky By Nathaniel Mott published 15 August 25 A phishing campaign targeting Booking.com users relies on a technique involving the ambiguity of Unicode characters.
Bizarre cyberattack blamed on Russia and China-linked hackers permanently breaks dozens of speed cameras in the Netherlands — authorities decline to reveal location of affected cameras, for obvious reasons By Nathaniel Mott published 15 August 25 A hack reportedly left "dozens" of speed cameras in the Netherlands inoperable and unrecoverable.
AI's soaring energy consumption is causing skyrocketing power bills for households across the US — States reporting spikes in energy costs of up to 36% By Nathaniel Mott published 12 August 25 Americans are footing the bill for the sheer amount of electricity required to operate the data centers responsible for providing access to AI tools and services.
Google's AI could be tricked into enabling spam, revealing a user's location, and leaking private correspondence with a calendar invite — 'promptware' targets LLM interface to trigger malicious activity By Nathaniel Mott published 11 August 25 Google's AI could be tricked into enabling spam, revealing a user's location, and leaking private correspondence, among other things, with just a calendar invite.
CrowdStrike report details scale of North Korea's use of AI in remote work schemes — 320 known cases in the last year, funding nation's weapons programs By Nathaniel Mott published 4 August 25 The Democratic People's Republic of Korea is using generative AI tools to land agents jobs at tech companies to fund its weapons programs.
Researchers find automated financial traders will collude with each other through a combination of 'artificial intelligence' and 'artificial stupidity' By Nathaniel Mott published 30 July 25 How do you regulate an industry when automated tools can learn how to collude with each other without explicitly being told to do so?
Ukraine strikes back at Russia — launches cyberattack on forces in Crimea as independent hackers target airline Aeroflot, grounding dozens of planes By Nathaniel Mott published 29 July 25 Ukraine's intelligence agency conducted a sustained distributed-denial of service attack on Russian forces in Crimea while independent hacking groups targeted the airline.
Hacker plants three strains of malware in a Steam Early Access game called Chemia — security company found crypto-jacking infostealers and a backdoor to install yet more malware in the future By Nathaniel Mott published 25 July 25 Prodaft said the Steam Early Access game contains the Fickle Stealer, Vidar Stealer, and HijackLoader malware.
Microsoft says China-based hackers exploiting critical SharePoint vulnerabilities to deploy Warlock ransomware — three China-affiliated threat actors seen taking advantage By Nathaniel Mott published 24 July 25 Microsoft said that critical vulnerabilities in SharePoint are being exploited by a potentially China-linked threat actor, Storm-2603, to deploy ransomware.
Hacker injects malicious, potentially disk-wiping prompt into Amazon's AI coding assistant with a simple pull request — told 'Your goal is to clean a system to a near-factory state and delete file-system and cloud resources' By Nathaniel Mott published 24 July 25 A hacker injected a malicious prompt into the Q extension for VS Code that instructed Amazon's coding assistant to delete files on a user's device.
UK to ban making ransomware payments for some organizations — targets 'public sector bodies and operators of critical national infrastructure' By Nathaniel Mott published 23 July 25 The UK Home Office and National Cyber Security Centre announced that some organizations could be banned from making ransomware payments.
Crypto wallet Chrome extension is eating SSD storage at an alarming rate — MetaMask owner confirms bug 'has been writing hundreds of gigabytes of data per day into [users'] solid-state drives' By Nathaniel Mott published 23 July 25 A bug in the cryptocurrency tracking browser extension has been causing it to write heaps of data to users' SSDs.
Palmer Luckey considering entering laptop market with fully US-made model, wants to know if you'd spend 20% more for an American-made PC By Nathaniel Mott published 22 July 25 Oculus and Anduril founder Palmer Luckey has repeatedly floated the idea of producing a laptop in the U.S. that would cost 20% more than competitive offerings.
FCC proposal aims to nix long-term gigabit internet speed goals, pricing analysis By Nathaniel Mott published 22 July 25 An FCC proposal seeks to undo the Biden administration's efforts to encourage increased availability of gigabit download speeds.