Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
DoorDash email spoofing vulnerability sparks messy disclosure dispute
A vulnerability in DoorDash’s systems could allow anyone to send “official” DoorDash-themed emails right from company’s authorized servers, paving a near-perfect phishing channel. DoorDash has now patched the issue, but a contentious dispute has erupted between the researcher who reported the vulnerability and the company, with both sides accusing each other of acting improperly. Anyone could send ‘official’ DoorDash […]
Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses
Microsoft said today that the Aisuru botnet hit its Azure network with a 15.72 terabits per second (Tbps) DDoS attack, launched from over 500,000 IP addresses. The attack used extremely high-rate UDP floods that targeted a specific public IP address in Australia, reaching nearly 3.64 billion packets per second (bpps). “The attack originated from Aisuru […]
Pennsylvania AG confirms data breach after INC Ransom attack
The office of Pennsylvania’s attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. This comes after Attorney General Dave Sunday confirmed in early September that the incident was a ransomware attack and his office refused to pay the ransom requested by the cybercriminals after they encrypted […]
Google to flag Android apps with excessive battery use on the Play Store
Google will start taking action on Android apps in the official Google Play store that have high background activity and cause excessive battery draining. Apps that exceed a “bad behavior threshold” may be flagged on Google Play for negatively impacting battery performance and may affect their visibility in the Android ecosystem. Developers have until March 1, 2026, […]
Microsoft: Windows 10 KB5068781 ESU update may fail with 0x800f0922 errors
Microsoft has confirmed it is investigating a bug causing the Windows 10 KB5068781 extended security update to fail to install with 0x800f0922 errors on devices with corporate licensing. KB5068781 is the first Windows 10 extended security update and was released on November 11 as part of Patch Tuesday. Since then, some business Windows 10 users have reported that […]
Decades-old ‘Finger’ protocol abused in ClickFix malware attacks
The decades-old “finger” command is making a comeback,, with threat actors using the protocol to retrieve remote commands to execute on Windows devices. In the past, people used the finger command to look up information about local and remote users on Unix and Linux systems via the Finger protocol, a command later added to Windows. While still supported, it’s […]
Jaguar Land Rover cyberattack cost the company over $220 million
Jaguar Land Rover (JLR) published its financial results for July 1 to September 30, warning that the cost of a recent cyberattack totaled £196 million ($220 million) in the quarter. The cyberattack was announced on September 2, 2025, forcing the British carmaker to shut down production at major plants and send its staff home. A follow-up […]
Logitech confirms data breach after Clop extortion attack
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. Logitech International S.A. is a Swiss multinational electronics company that sells hardware and software solutions, including computer peripherals, gaming, video collaboration, music, and smart home […]
Five plead guilty to helping North Koreans infiltrate US firms
The U.S. Department of Justice announced that five individuals pleaded guilty to aiding North Korea’s illicit revenue generation schemes, including remote IT worker fraud and cryptocurrency theft. As part of this, the U.S. authorities announced actions seeking the forfeiture of $15 million in cryptocurrency from heists carried out by the APT38 threat group, which is […]
Anthropic claims of Claude AI-automated cyberattacks met with doubt
Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company’s Claude Code AI model. However, Anthropic’s claims immediately sparked widespread skepticism, with security researchers and AI practitioners calling the report “made up” or the company of overstating the incident. “I […]