How Waymo Handles Footage From Events Like the LA Immigration Protests
Waymo declined to answer questions from WIRED about how many cameras are inside its vehicles, exactly how long footage is retained, and whether the company…
Month: June 2025
ConnectWise to Update Code Signing Certificates for ScreenConnect, Automate, and RMM
ConnectWise, a leading provider of remote management and cyber protection tools for managed service providers (MSPs), is set to implement a significant security update affecting…
23andMe raked by Congress on privacy, sale of genetic data
In a Senate hearing adequately titled “23 and You: The Privacy and National Security Implications of the 23andMe Bankruptcy,” 23andMe executives addressed concerns about the…
FIN6 Hackers Mimic as Job Seekers to Target Recruiters with Weaponized Resumes
A sophisticated cybercrime campaign has emerged where threat actors are exploiting the trust inherent in professional recruitment processes, transforming routine job applications into sophisticated malware…
Implementing Effective AI Guardrails: A Cybersecurity Framework
As organizations race to implement AI solutions, security leaders face the challenge of enabling progress while protecting sensitive data. Grand Canyon Education (GCE), which serves 22…
Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
More than 20,000 malicious IP addresses and domains used by information-stealing malware were taken down during an international cybercrime crackdown led by INTERPOL. Called Operation…
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Jun 11, 2025Ravie LakshmananRansomware / Cybercrime Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email…
How Amazon Web Services uses AI to be a security ‘force multiplier’
When Amazon Web Services deploys thousands of new digital sensors around the globe, it often runs into a ruthless truth of the internet: Within minutes,…
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed ‘EchoLeak’ is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a…
Understanding OWASP Top 10 – Mitigating Web Application Vulnerabilities
The OWASP Top 10 2021 represents the most critical web application security risks facing organizations today, with significant shifts reflecting the evolving threat landscape. Broken…
Scaling Smart: Federal Leaders Prioritize AI Security and Resilience
The biggest threat to artificial intelligence (AI) in government isn’t hype – it’s inertia. As Federal agencies explore opportunities to integrate AI into mission operations…
Insyde UEFI Application Vulnerability Enables Digital Certificate Injection Through NVRAM Variable
A critical vulnerability in Insyde H2O UEFI firmware (tracked as CVE-2025-XXXX) allows attackers to bypass Secure Boot protections by injecting malicious digital certificates via an…