Despite enabling safety filters, child accounts on TikTok have received explicit content suggestions via search. This investigation reveals algorithmic failures and urges stronger oversight for youth protection.
CometJacking abuses browser WebSockets to hijack user connections, turning them into proxy nodes with a single click. The exploit marks a new wave of malware-less attacks that rely on web technologies rather than traditional payloads.
Belgian chains such as Brico and Carrefour are increasingly playing AI-generated, royalty-free music in their stores to cut licensing costs. This shift could slash 25–28 % of public performance income for local artists, warn rights organizations. Here’s how the technology works, the risks it raises, and what defenses stakeholders must consider.
North Korea–linked hackers now embed JavaScript malware in blockchain smart contracts via EtherHiding. This stealthy method turns public blockchains into resilient drop zones. The multi-stage campaign includes JADESNOW and InvisibleFerret backdoors, demanding new defense strategies.
FvncBot is a new Android banking trojan capable of keylogging, screen streaming, overlays, and remote control — letting attackers steal credentials and hollow out bank accounts. This article breaks down how it works, why it matters, and how to defend against it.
The UN is set to convene a landmark global cybercrime treaty signing in Hanoi, aiming to enhance cross-border cooperation and streamline investigations into ransomware, phishing and online trafficking. While supporters hail the pact as overdue, human-rights advocates and tech firms warn the broad language and choice of host country raise serious concerns about surveillance and enforcement.
Ukraine’s CERT-UA has warned that CabinetRAT backdoor malware is being actively deployed in cyber espionage campaigns targeting government and critical networks.
The recently disclosed flaw in LANSCOPE Endpoint Manager (CVE-2025-61932) enables unauthenticated attackers to send malicious packets, execute arbitrary code and compromise systems. Organisations must patch affected versions, apply network controls and monitor for unusual traffic to avoid full network takeover.
Encrypted doesn’t mean invisible. Microsoft’s “Whisper Leak” shows a passive observer can classify AI chat topics by watching packet sizes and timing on streaming language models. Here’s how the side-channel works, who can exploit it, and which mitigations actually move the needle.
The Washington Post reports a staff data breach tied to an Oracle E-Business Suite zero-day. Nearly 10,000 employees and contractors receive notices as responders verify scope and guide credit protection.