Latest
- North Korea Uses ClickFix to Target macOS Users' Data
Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.
- Ad firms settle with Trump FTC over claims they boycotted conservative media
FTC aims to stamp out brand-safety standards that hurt Breitbart and Musk's X.
- Ad firms settle with Trump FTC over claims they boycotted conservative media
FTC aims to stamp out brand-safety standards that hurt Breitbart and Musk's X.
- 'Harmless' Global Adware Transforms Into an AV Killer
A benign looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.
- 'Harmless' Global Adware Transforms Into an AV Killer
A benign looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.
- Europe’s Online Age Verification App Is Here
Available for free to any company that wants to use it, the “completely anonymous” app puts the pressure on porn sites and social media platforms to start blocking access by minors.
- Europe’s Online Age Verification App Is Here
Available for free to any company that wants to use it, the “completely anonymous” app puts the pressure on porn sites and social media platforms to start blocking access by minors.
- New Codex features include the ability to use your computer in the background
An in-app browser allows visual feedback while building websites and more.
- New Codex features include the ability to use your computer in the background
An in-app browser allows visual feedback while building websites and more.
- The Online Fiction Boom Reimagining China’s History
Chinese fantasy novels reimagine the past with modern tech and ideology. A new book argues they also help reinforce authoritarian politics.
- The Online Fiction Boom Reimagining China’s History
Chinese fantasy novels reimagine the past with modern tech and ideology. A new book argues they also help reinforce authoritarian politics.
- Musk v. Altman Is a Battle for OpenAI’s Soul
In Musk v. Altman, a jury will soon determine whether OpenAI has strayed from its founding mission to ensure AGI benefits humanity. Here’s what to know.
- Musk v. Altman Is a Battle for OpenAI’s Soul
In Musk v. Altman, a jury will soon determine whether OpenAI has strayed from its founding mission to ensure AGI benefits humanity. Here’s what to know.
- Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to t…
- Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos
- The UK Launches Its $675 Million Sovereign AI Fund
In a bid to minimize dependence on technology from other countries, the UK government is plowing resources into homegrown AI startups.
- The UK Launches Its $675 Million Sovereign AI Fund
In a bid to minimize dependence on technology from other countries, the UK government is plowing resources into homegrown AI startups.
- Google's AI Mode Update Tries to Kill Tab Hopping in Chrome
Google latest update to AI Mode in its Chrome browser is designed to keep the chatbot-style search tool always around once you start an online search journey.
- Google's AI Mode Update Tries to Kill Tab Hopping in Chrome
Google latest update to AI Mode in its Chrome browser is designed to keep the chatbot-style search tool always around once you start an online search journey.
- Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. [...]
- Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. [...]
- Two-Factor Authentication Breaks Free from the Desktop
Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.
- Two-Factor Authentication Breaks Free from the Desktop
Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.
- Microsoft's Original Windows Secure Boot Certificate Is Expiring
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.
- Microsoft's Original Windows Secure Boot Certificate Is Expiring
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.
- Anthropic Plots Major London Expansion
As tensions with the US government mount, Anthropic has leased a new office with enough space to quadruple its 200-person head count in London.
- Anthropic Plots Major London Expansion
As tensions with the US government mount, Anthropic has leased a new office with enough space to quadruple its 200-person head count in London.
- ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people'…
- ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enough supply chain drama to fill a season of television nobody asked for. Not
- Congress Turns Up Pressure on DHS Over Palantir’s Role in Immigration Crackdown
Democrats are demanding answers about Palantir and other surveillance firms powering Trump’s hard-line immigration enforcement agenda.
- Congress Turns Up Pressure on DHS Over Palantir’s Role in Immigration Crackdown
Democrats are demanding answers about Palantir and other surveillance firms powering Trump’s hard-line immigration enforcement agenda.
- Open dataset: 100k+ multimodal prompt injection samples with per-category academic sourcing
<!-- SC_OFF --><div class="md"><p>I submitted an earlier version of this dataset and was declined on the basis of missing methodology and unverifiable provenance. The feedback was fair. The documentation has since been rewritten to address it directly, and I would very much appreciate a seco…
- Open dataset: 100k+ multimodal prompt injection samples with per-category academic sourcing
I submitted an earlier version of this dataset and was declined on the basis of missing methodology and unverifiable provenance. The feedback was fair. The documentation has since been rewritten to address it directly, and I would very much appreciate a second look. What the dataset contains 101,032 samples in total, balanced 1:1 attack to benign. Attack samples (50,516) across 27 categories sourced from over 55 published papers and disclosed vulnerabilities. Coverage spans: Classical injection …
- The 10 Best MagSafe Phone Grips for Your Butter Fingers (2026)
Keep your phone firmly in hand and add some personality with these comfortable, durable, and nifty smartphone grips.
- The 10 Best MagSafe Phone Grips for Your Butter Fingers (2026)
Keep your phone firmly in hand and add some personality with these comfortable, durable, and nifty smartphone grips.
- AVEVA Pipeline Simulation
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training&…
- CISA Adds One Known Exploited Vulnerability to Catalog
<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catal…
- Horner Automation Cscape and XL4, XL7 PLC
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and service…
- Delta Electronics ASDA-Soft
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.</strong></p> &l…
- Anviz Multiple Products
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive&#…
- Smart Plug Guide (2026): When You Should and Shouldn’t Use One
Smart plugs can add controls to any outlet, but they aren’t perfect for everything. Here’s our guide to using one and which ones to buy.
- AVEVA Pipeline Simulation
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. The following versions of AVEVA Pipeline Simulation are affected: Pipeline Simulation <=2025_SP1_build_7.1.9497.6351 CVSS Vendor Equipment Vulnerabilities v3 9.1 AVEVA AVEVA Pipeline Simulation Missing Authorization Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide…
- CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-34197 Apache ActiveMQ Improper Input Validation Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of kno…
- Horner Automation Cscape and XL4, XL7 PLC
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. The following versions of Horner Automation Cscape and XL4, XL7 PLC are affected: Cscape v10.0 XL7 PLC v15.60 XL4 PLC v16.32.0 CVSS Vendor Equipment Vulnerabilities v3 9.1 Horner Automation Horner Automation Cscape and XL4, XL7 PLC Weak Password Requirements Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwi…
- Delta Electronics ASDA-Soft
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. The following versions of Delta Electronics ASDA-Soft are affected: ASDA-Soft <=V7.2.2.0 CVSS Vendor Equipment Vulnerabilities v3 7.8 Delta Electronics Delta Electronics ASDA-Soft Stack-based Buffer Overflow Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Taiwan Vulnerabilities Expand All + CVE-202…
- Anviz Multiple Products
View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or communications, and ultimately obtain full control over affected devices. The following versions of Anviz Multiple Products are affected: CX2 Lite Firmware vers:all/* (CVE-2026-32648, CVE-2026-40461, CVE-2026-35682,…
- Smart Plug Guide (2026): When You Should and Shouldn’t Use One
Smart plugs can add controls to any outlet, but they aren’t perfect for everything. Here’s our guide to using one and which ones to buy.
- LG Sound Suite Review: Big Sound for Larger Rooms
The Dolby Atmos soundbar setup rivals the best from Samsung and Sonos.
- LG Sound Suite Review: Big Sound for Larger Rooms
The Dolby Atmos soundbar setup rivals the best from Samsung and Sonos.
- Best MacBook Accessories (2026): Chargers, Covers, Keyboards, and More
From charging adapters to external monitors, I’ve gathered the absolute best peripherals for your MacBook.