Open source package with 1 million monthly downloads stole user credentials
The developers are urging all developers who installed version 0.23.3 to take the following steps immediately: 1. Check your installed version: pip show elementary-data |…
Category: ArsTechnica
Why are top university websites serving porn? It comes down to shoddy housekeeping.
With that, they have now hijacked that university’s subdomain. Given the reputations universities have, search queries then flow to the top of Google’s results. Shakhov…
In a first, a ransomware family is confirmed to be quantum-safe
There is no practical benefit for Kyber developers to have chosen a PQC key-exchange algorithm. The Kyber ransom note gives victims one week to respond.…
Microsoft issues emergency update for macOS and Linux ASP.NET threat
Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity vulnerability that allows unauthenticated attackers to gain SYSTEM privileges on devices that…
Crypto scam lures ships into Strait of Hormuz, falsely promising safe passage
Crypto scammers are targeting the thousands of ships stranded near the Strait of Hormuz—and at least one ship that faced Iranian gunfire may have been…
Mozilla: Anthropic’s Mythos found 271 security vulnerabilities in Firefox 150
By identifying bugs so efficiently, Holley writes that AI tools like Mythos tilt the cybersecurity balance toward defenders, who benefit when discovering vulnerabilities becomes cheaper…
Contrary to popular superstition, AES 128 is just fine in a post-quantum world
On Monday Valsorda finally channelled years’ worth of frustration fueled by the widely held misunderstanding into a blog post titled Quantum Computers Are Not a…
US-sanctioned currency exchange says $15 million heist done by “unfriendly states”
Grinex, a US-sanctioned cryptocurrency exchange registered in Kyrgyzstan, said it’s halting operations after experiencing a $13 million heist carried out by “western special services” hackers.…
Recent advances push Big Tech closer to the Q-Day danger zone
Sometime around 2010, sophisticated malware known as Flame hijacked the mechanism that Microsoft used to distribute updates to millions of Windows computers around the world.…
“TotalRecall Reloaded” tool finds a side entrance to Windows 11’s Recall database
The problem, as detailed by Hagenah on the TotalRecall GitHub page, isn’t with the security around the Recall database, which he calls “rock solid.” The…
UK gov’s Mythos AI tests help separate cybersecurity threat from hype
Here, Mythos outshone all previous models, becoming “the first model to solve TLO from start to finish,” AISI said. While Anthropic’s new model only succeeded…
Iran-linked hackers disrupt operations at US critical infrastructure sites
Hackers working on behalf of the Iranian government are disrupting operations at multiple US critical infrastructure sites, likely in response to the country’s ongoing war…