Nathaniel Mott

JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.

Scattered Lapsus$ Hunters is claiming responsibility for a cyberattack that has completely disrupted Jaguar Land Rover's production.

ESET's discovery of the first AI-powered ransomware turned out to be an NYU research project.

The U.S. Department of State offered a $10 million bounty via the Rewards for Justice program for information related to a trio of Russian hackers.

North Korea is reportedly posting fake jobs in the cryptocurrency sector as part of a bid to steal applicants' crypto assets.

Cloudflare said it blocked a record-setting 11.5Tbps DDoS attack that appeared to originate from Google Cloud's infrastructure.

Google is reportedly planning to form a "disruption unit" that will target foreign hackers.

The White House announced plans to put statistics on 'the blockchain' for... reasons.

Hackers finally discover a practical use for local AI models

The service, Mobility, was unable to accept requests for rides or changes to already-booked rides following a ransomware attack.

Brave and Guardio have revealed serious vulnerabilities in the AI-powered Comet browser.

A software engineer called Davis Lu was sentenced to four years in prison for creating a kill switch in his former employer's network.

Forged TCP RST+ACK packets disrupted port 443, but not common ports like 22, 80 or 8443

Koi Security discovered that the popular FreeVPN extension for Google Chrome has been silently taking screenshots of every website its users visit.

A security researcher called "BobDaHacker" revealed how they repeatedly gained access to a McDonald's platform that's supposed to be closed off to the public.

The security industry and the hackers they're supposed to defend against have both increased their use of AI as publicly available agents become more capable.

A phishing campaign targeting Booking.com users relies on a technique involving the ambiguity of Unicode characters.

A hack reportedly left "dozens" of speed cameras in the Netherlands inoperable and unrecoverable.

Americans are footing the bill for the sheer amount of electricity required to operate the data centers responsible for providing access to AI tools and services.

Google's AI could be tricked into enabling spam, revealing a user's location, and leaking private correspondence, among other things, with just a calendar invite.

The Democratic People's Republic of Korea is using generative AI tools to land agents jobs at tech companies to fund its weapons programs.

How do you regulate an industry when automated tools can learn how to collude with each other without explicitly being told to do so?

Ukraine's intelligence agency conducted a sustained distributed-denial of service attack on Russian forces in Crimea while independent hacking groups targeted the airline.

Prodaft said the Steam Early Access game contains the Fickle Stealer, Vidar Stealer, and HijackLoader malware.

Microsoft said that critical vulnerabilities in SharePoint are being exploited by a potentially China-linked threat actor, Storm-2603, to deploy ransomware.