
Trump Demands Microsoft Fire Global Affairs Chief Lisa Monaco Over Security Concerns
Trump urged Microsoft to fire Lisa Monaco, its head of global affairs, raising concerns over her revoked security clearance and history in DOJ investigations.
Trump urged Microsoft to fire Lisa Monaco, its head of global affairs, raising concerns over her revoked security clearance and history in DOJ investigations.
Google’s Project Zero team uncovered a method to bypass ASLR on Apple devices by exploiting NSDictionary’s JSON serialization behavior, potentially weakening memory protections.
Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.
A sophisticated cyber campaign used DLL side‑loading to deliver a hybrid PlugX variant and the Bookworm backdoor to telecom and ASEAN networks, revealing renewed tactics by China‑linked threat actors.
A targeted malvertising campaign redirected users from Bing to a fake Teams download site, where a signed MSTeamsSetup.exe installed the Oyster backdoor — blocked just in time by Microsoft Defender ASR.
The new LAMEHUG malware uses AI models from Hugging Face to generate Windows commands dynamically. It spreads through phishing, disguises itself as AI apps, and steals system data, documents, and credentials while adapting to different environments.
A new XCSSET malware variant for macOS introduces a clipboard hijacker to steal cryptocurrency and expands to Firefox browser data theft. Security researchers warn developers to inspect Xcode projects and apply strong defenses against this evolving threat.
Australia’s eSafety Commissioner may classify GitHub as a social network and ban kids under 16 from using it. Officials argue GitHub’s social features resemble TikTok and Discord, but critics say the move could block young coders from learning and accessing open-source tools
CISA has confirmed hackers breached a U.S. federal agency by exploiting CVE-2024-36401, a critical flaw in GeoServer. Attackers used web shells, brute force, and lateral movement to persist in the network. CISA warns agencies to patch quickly and strengthen defenses.
The Rhysida ransomware gang claims to have breached Maryland’s Department of Transportation, leaking personal data and demanding a $3.3 million ransom. Officials confirmed data loss affecting Maryland Transit Administration systems but said core services remain operational.