Sinisa Markovic
Using Reddit to manipulate AI search results is surprisingly easy
A Reddit comment that takes only a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of …
Two Scattered Spider hackers plead guilty over Transport for London cyberattack
Two members of the notorious hacker group Scattered Spider have pleaded guilty to charges related to a 2024 cyberattack on Transport for London (TfL) that resulted in £29 …
Phishing hides in routine Microsoft 365 workflows
Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. “The technique shifts …
Free, no-signup World Cup streams serve scams instead of football
Researchers at Malwarebytes identified dozens of websites claiming to offer free access to FIFA World Cup matches. Instead of streaming games, the sites directed visitors …
Hundreds of AI-powered iOS apps found exposing credentials
Mobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to …
Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware
A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and …
Malware attacks strip Roblox developers of entire games
Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games …
AWS Continuum brings AI models to code vulnerability management
AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It …
Another healthcare firm attacked days after Novo Nordisk breach
Medical technology company iRhythm Holdings disclosed a cyberattack involving certain third-party-hosted business applications that resulted in the theft of patient protected …
Rokarolla Android trojan targets banking and crypto users, enables device takeover
A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to …
Apple is bringing Hide My Email and Sign in with Apple under one domain
Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a …
Cybercriminals mask malicious communications through Microsoft Teams relays
The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion …
Featured news
Resources
Don't miss
- What the Fortibleed campaign means for organizations running FortiGate firewalls
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security
- Residential proxy SDKs are hiding in LG and Samsung smart TV apps
- 23 ClawHub plugins squatting official scopes expose AI registry security gaps
- Who pays when you gate cyber-capable AI models?