Security

GitHub abused to distribute payloads on behalf of malware-as-a-service

The repository offered the MaaS a distribution channel not blocked in many networks.

Dan Goodin – 7/17/2025 | 2

Google finds custom backdoor being installed on SonicWall network devices

Overstep backdoor nukes key log entries, making detection hard.

Dan Goodin – 7/16/2025 | 25

Hackers exploit a blind spot by hiding malware inside DNS records

Technique transforms the Internet DNS into an unconventional file storage system.

Dan Goodin – 7/16/2025 | 66

Nvidia chips become the first GPUs to fall to Rowhammer bit-flip attacks

GPUhammer is the first to flip bits in onboard GPU memory. It likely won't be the last.

Dan Goodin – 7/14/2025 | 52

New Windows 11 build adds self-healing “quick machine recovery” feature

New recovery mode lets Microsoft fix "widespread boot issues" affecting PCs.

Andrew Cunningham – 7/11/2025 | 70

A judge's gavel with scales in the background.

Pro basketball player and 4 youths arrested in connection to ransomware crimes

Suspects were allegedly involved in a string of ransomware breaches.

Dan Goodin – 7/10/2025 | 19

Browser extensions turn nearly 1 million browsers into website-scraping bots

Extensions load unknown sites into invisible Windows. What could go wrong?

Dan Goodin – 7/9/2025 | 57

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

Exploits allow hackers to bypass 2FA and commandeer vulnerable devices.

Dan Goodin – 7/9/2025 | 37

Unless users take action, Android will let Gemini access third-party apps

Important changes to Android devices took effect starting Monday.

Dan Goodin – 7/7/2025 | 217

Cyberattack, conceptual illustration with a skull and crossbones with red eyes.

“No honor among thieves”: M&S hacking group starts turf war

A clash between criminal ransomware groups could result in victims being extorted twice.

Financial Times – 7/7/2025 | 29

Digital illustration of an eye as an abstract representation Internet surveillance.

Provider of covert surveillance app spills passwords for 62,000 users

Creators say app is intended for parental monitoring. So why the emphasis on stealth?

Dan Goodin – 7/3/2025 | 83

AT&T rolls out Wireless Account Lock protection to curb the SIM-swap scourge

Move is aimed at curbing a form of abuse that costs subscribers dearly.

Dan Goodin – 7/2/2025 | 61

US critical infrastructure exposed as feds warn of possible attacks from Iran

Agencies warn that some US targets may be needlessly exposed.

Dan Goodin – 7/1/2025 | 75

Drug cartel hacked FBI official’s phone to track and kill informants, report says

Official was connected to FBI probe of cartel kingpin Joaquín “El Chapo” Guzmán.

Dan Goodin – 6/30/2025 | 53

Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe

AV vendors have worried that this could advantage Microsoft's security software.

Andrew Cunningham – 6/27/2025 | 82

Actively exploited vulnerability gives extraordinary control over server fleets

AMI MegaRAC used in servers from AMD, ARM, Fujitsu, Gigabyte, and Qualcomm.

Dan Goodin – 6/26/2025 | 46

Digital generated image of young japanese woman standing inside multicoloured data sheets and social media chat icons organised into circular pattern around her against purple background.

Ubuntu disables Intel GPU security mitigations, promises 20% performance boost

Overtime defenses for Spectre-based attacks have taken their toll.

Dan Goodin – 6/25/2025 | 31

A motherboard has been photoshopped to include a Chinese flag.

Canadian telecom hacked by suspected China state group

Maximum-security Cisco vulnerability was patched Oct. 2023 and exploited Feb. 2025.

Dan Goodin – 6/23/2025 | 53

Record DDoS pummels site with once-unimaginable 7.3Tbps of junk traffic

Attacker rained down the equivalent of 9,300 full-length HD movies in just 45 seconds.

Dan Goodin – 6/20/2025 | 128

Israel-tied Predatory Sparrow hackers are waging cyberwar on Iran’s financial system

The hacker group has destroyed more than $90 million held at an Iranian crypto exchange.

WIRED – 6/19/2025 | 190

Address bar shows hp.com. Browser displays scammers’ malicious text anyway.

Microsoft, Apple, Bank of America, and many more sites all targeted.

Dan Goodin – 6/18/2025 | 119

The White House seen in the early evening.

Cybersecurity takes a big hit in new Trump executive order

Provisions on secure software, quantum–resistant crypto, and more are scrapped.

Dan Goodin – 6/17/2025 | 98

Vandals cut fiber-optic lines, causing outage for Spectrum Internet subscribers

The soaring price of copper makes networks tempting targets for thieves.

Dan Goodin – 6/16/2025 | 105

Woman using her phone with the digital display message enter your PASSKEY. Sign in page, modern technology, passwordless login method.

Coming to Apple OSes: A seamless, secure way to import and export passkeys

Apple OSes will soon transfer passkeys seamlessly and securely across platforms.

Dan Goodin – 6/12/2025 | 85

Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

The publicly available exploits provide a near-universal way to bypass key protections.

Dan Goodin – 6/10/2025 | 41

cybercrime illustration

Cybercriminals turn to “residential proxy” services to hide malicious traffic

"You cannot technically distinguish which traffic in a node is bad and which traffic is good."

WIRED – 6/8/2025 | 49

Millions of low-cost Android devices turn home networks into crime platforms

BadBox malware has been menacing low-cost Android devices for nearly a decade.

Dan Goodin – 6/6/2025 | 40

The HTTPS concept with highlighted glowing S. HyperText Transfer Protocol Secure. Increasing the security of encryption. The concept of safe surfing on the net. 3D render.

Two certificate authorities booted from the good graces of Chrome

Chunghwa Telecom and Netlock customers must look elsewhere for new certificates.

Dan Goodin – 6/4/2025 | 85

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers

Abuse allows Meta and Yandex to attach persistent identifiers to detailed browsing histories.

Dan Goodin – 6/3/2025 | 185

Silhouette of a man against a dimly lit backtround

Ransomware kingpin “Stern” apparently IDed by German law enforcement

BSA names Vitaly Nikolaevich Kovalev is "Stern," the leader of Trickbot.

WIRED – 5/31/2025 | 33

Photo showing video surveillance

Spy-catcher saw “stupid” tech errors others made. FBI says he then made his own.

The wrong way to get out of Trump's America.

Nate Anderson – 5/30/2025 | 183

Thousands of Asus routers are being hit with stealthy, persistent backdoors

Backdoor giving full administrative control can survive reboots and firmware updates.

Dan Goodin – 5/28/2025 | 112

Feds charge 16 Russians allegedly tied to botnets used in cyberattacks and spying

An example of how a single malware operation can enable both criminal and state-sponsored hacking.

WIRED – 5/23/2025 | 50

Researchers cause GitLab AI developer assistant to turn safe code malicious

AI assistants can't be trusted to produce safe code.

Dan Goodin – 5/23/2025 | 60

Destructive malware available in NPM repo went unnoticed for 2 years

Payloads were set to spontaneously detonate on specific dates with no warning.

Dan Goodin – 5/22/2025 | 44

A cartoonish padlock has been photoshopped onto glowing computer chips.

Authorities carry out global takedown of infostealer used by cybercriminals

Authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma.

WIRED – 5/22/2025 | 7