Self-propagating malware poisons open source software and wipes Iran-based machines
In an email, Aikido researcher Charlie Eriksen said the canister was taken down Sunday night and is no longer available. “It wasn’t as reliable/untouchable as…
Category: ArsTechnica
After hackers hit an Iowa company, cars around the country failed to start
Driving after a DUI conviction can be a dicey experience. Many states require drivers, if they want to keep using their cars, to install ignition…
Widely used Trivy scanner compromised in ongoing supply-chain attack
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences…
Google details new 24-hour process to sideload unverified Android apps
The actual legwork to activate this feature only takes a few seconds, but the 24-hour countdown makes it something you cannot do spur of the…
Hundreds of millions of iPhones can be hacked with a new tool found in the wild
Google declined to comment beyond the blog post it released about its DarkSword findings. WIRED also reached out to PARS Defense via its X account…
World ID wants you to put a cryptographically unique human identity behind your AI agents
Over the last few months, tools like OpenClaw have shown what tech-savvy AI users can do by setting a virtual cadre of automated agents on…
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Researchers are warning about the risks posed by a low-cost device that can give insiders and hackers unusually broad powers in compromising networks. The devices,…
14,000 routers are infected by malware that’s highly resistant to takedowns
Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices—primarily made by Asus—that have been conscripted into a proxy network…
The who, what, and why of the attack that has shut down Stryker’s Windows network
What else is known about Handala Hack? The group has existed since at least 2023. It takes its name from a character in the political…
Supply-chain attack using invisible code hits GitHub and other repositories
The invisible code is rendered with Public Use Areas (sometimes called Public Use Access), which are ranges in the Unicode specification for special characters reserved…
Overrun with AI slop, cURL scraps bug bounties to ensure “intact mental health”
The project developer for one of the Internet’s most popular networking tools is scrapping its vulnerability reward program after being overrun by a spike in…
Wiper malware targeted Poland energy grid, but failed to knock out electricity
Researchers on Friday said that Poland’s electric grid was targeted by wiper malware, likely unleashed by Russia state hackers in an attempt to disrupt electricity…