Backdoor in Notepad++
Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users. Notepad++ said…
Security
US Declassifies Information on JUMPSEAT Spy Satellites
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m…
Fancy Bear: Russia-Linked APT Exploits Microsoft Office Zero-Day
Executive Summary A targeted cyber-espionage campaign conducted by the Russia-linked advanced persistent threat (APT) group Fancy Bear (APT28) has been…
Weekly Update 489
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
Microsoft is Giving the FBI BitLocker Keys
Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year. It’s…
AI Coding Assistants Secretly Copying All Code to China
There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy…
Juice Jacking Continues to Be a Cyber Problem in South Africa
“Juice jacking” may be a new term for some, but it has been around as a method of cyber attack…
Friday Squid Blogging: New Squid Species Discovered
A new species of squid. pretends to be a plant: Scientists have filmed a never-before-seen species of deep-sea squid burying…
AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities
From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed…
Why API Security Is No Longer an AppSec Problem – And What Security Leaders Must Do Instead
APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often…