Encrypted doesn’t mean invisible. Microsoft’s “Whisper Leak” shows a passive observer can classify AI chat topics by watching packet sizes and timing on streaming language models. Here’s how the side-channel works, who can exploit it, and which mitigations actually move the needle.
GlassWorm is the first known self-propagating worm targeting developer environments by infecting VS Code extensions with hidden Unicode payloads. Once installed, it steals credentials from NPM, GitHub and Git, and upgrades machines into proxy nodes and part of a distributed criminal infrastructure. It uses a blockchain-based command and control mechanism and auto-updates to spread across the developer ecosystem. In this article, we dissect how GlassWorm works, what makes it a paradigm shift in supply-chain attacks, and what organisations must do to detect and contain it before their dev workstations become weaponised.
Researchers now track a widespread compromise of SonicWall SSL VPN accounts. Because attackers authenticate with valid credentials, defenders face rapid lateral movement and limited warning windows. Therefore, teams must review access logs, reissue secrets, and re-establish trust at the remote edge.
A U.S. court ordered Israeli spyware maker NSO Group to halt operations targeting WhatsApp and reduced damages in Meta’s lawsuit. The decision reinforces accountability for private surveillance firms accused of breaching digital privacy.
The UK is investigating whether Yutong electric buses can be remotely deactivated. Norway’s Faraday-cage tests and Denmark’s review raised alarms about SIM-enabled diagnostics and OTA updates. Operators should lock down telematics, broker OTA, and drill outage response now.
API rate limiting protects capacity and user experience. This guide shows how to ship it correctly on NGINX: define limit_req zones, tune burst/nodelay, add per-IP and per-token limits, return proper 429s with Retry-After, and combine limit_conn for connection abuse. You’ll get production-ready snippets and a safe rollout plan.
Australia’s eSafety Commissioner may classify GitHub as a social network and ban kids under 16 from using it. Officials argue GitHub’s social features resemble TikTok and Discord, but critics say the move could block young coders from learning and accessing open-source tools
Europol has shut down a cross-border SIM-farm network used to automate smishing and VoIP fraud, seizing equipment, servers, and arresting dozens of operators.
A critical vulnerability in the Service Finder Bookings plugin bundled with the Service Finder WordPress theme allows unauthenticated attackers to log in as administrators. The flaw, tracked as CVE-2025-5947, is actively exploited in the wild with a CVSS 9.8 rating. Users must patch immediately to prevent takeovers.
Researchers documented CVSS 8.9 command injection in three official Claude Desktop extensions Chrome, iMessage, and Apple Notes. Because those connectors built AppleScript commands with unescaped user input, prompt injection could pivot from web content to local shell execution on macOS. Anthropic patched the issues. This analysis explains the exploit chain, the fixes, and the validation steps security teams should run to keep MCP servers safe.