Cybersecurity
A Department of Energy (DOGE) employee, Jordan Wick, has been publicly sharing sensitive work-related code on GitHub, including a Twitter DM downloader and geospatial data analysis tools for undersea cables and critical minerals.
A widespread scam operation on GitHub involves thousands of repositories distributing malware disguised as game mods and cracked software. The malware, known as Redox stealer, collects sensitive data including passwords, crypto wallets, and gaming accounts from victims' computers, then sends it to Discord servers for exploitation.
IBM has completed its $6.4 billion acquisition of HashiCorp, integrating advanced cloud infrastructure automation and security capabilities into its portfolio. The merger aims to help enterprises manage hybrid cloud environments more efficiently, with HashiCorp's Terraform and Vault products now available through IBM's automation software lineup. The acquisition strengthens IBM's position in multiple growth areas including Red Hat, watsonx, and IT automation.
Memory safety vulnerabilities have been a persistent security challenge costing billions, prompting a call for industry-wide standardization and secure-by-design practices. Recent advancements in memory-safe languages like Rust and hardware technologies offer promising solutions for widespread adoption. Google advocates for establishing a common framework to assess memory safety assurances and drive industry-wide adoption of secure practices.
A class action lawsuit has been filed against Automattic over blocking WP Engine's access to WordPress.org services, affecting hundreds of thousands of customers. The lawsuit alleges deliberate sabotage and unfair competition, seeking damages and an injunction to prevent Automattic from interfering with competitors. The case highlights concerns about WordPress.org's governance and Automattic's control over critical WordPress infrastructure.
SubImage, built on the open-source Cartography security graph, helps security teams identify and fix infrastructure vulnerabilities before attackers find them. The platform maps infrastructure, emulates adversary behavior, and provides actionable recommendations through a hosted solution that allows deep customization and integration with various data sources.
Cloudflare has initiated legal proceedings against LaLiga over IP blocking measures that affected millions of unrelated website users. The dispute arose after LaLiga blocked two pirate streaming platforms using Cloudflare's technology, affecting shared IP addresses that hosted thousands of legitimate domains.
The UK government has ordered Apple to implement encryption backdoors in iCloud, leading Apple to remove Advanced Data Protection for UK users. This decision represents a significant threat to global digital privacy and security, following a pattern of governments attempting to weaken encryption worldwide. The situation exemplifies ongoing challenges in balancing national security with individual privacy rights.
European governments and organizations continue migrating to US cloud services despite increasing risks and Trump's undermining of data privacy frameworks. The practice is justified through legal mechanisms and convenience, despite serious concerns about data sovereignty and business continuity. The author argues for immediate cessation of US cloud adoption and investment in European alternatives.
A massive $1.5B hack at the Bybit cryptocurrency exchange marks a shift from smart contract vulnerabilities to operational security failures, and is attributed to North Korean state actors. The attackers compromised multiple signers' devices and manipulated wallet interfaces, highlighting the urgent need for enhanced operational security measures in the cryptocurrency industry.
Apple has discontinued its Advanced Data Protection (ADP) encrypted iCloud storage for new UK users and will require existing users to disable it, following UK security services' demands for backdoor access. The decision affects iCloud backups, photos, notes, and voice memos, while certain data types like passwords and health information will remain encrypted by default.
Apple has withdrawn its Advanced Data Protection iCloud feature from the UK after government demands for backdoor access to encrypted user data worldwide. The UK's request came through a technical capability notice under the Investigatory Powers Act, requiring Apple to create a global backdoor for British security officials. Existing ADP users will need to manually disable the feature during a grace period to maintain their iCloud accounts.
Apple is removing its Advanced Data Protection tool from UK customers after the government demanded access to user data under the Investigatory Powers Act. The move means UK customer data stored on iCloud will no longer be fully encrypted, despite Apple's strong stance against creating encryption backdoors. This decision has sparked criticism from privacy advocates and US politicians who view it as a threat to security.
Obscura introduces a revolutionary VPN service that physically cannot log user activity through a unique two-party protocol system. The service provides enhanced privacy by separating user identity from browsing data, while offering seamless integration with multiple global server locations and cryptocurrency payment options.
Elon Musk's Department of Government Efficiency (DOGE) has gained unprecedented 'God mode' access to multiple federal agencies' digital infrastructure, raising serious security and privacy concerns. The organization has already accessed sensitive systems at USAID and NASA, with plans to enter CDC and FAA systems, potentially exposing critical government data and infrastructure. DOGE's unrestricted access could compromise national security, personal data, and classified information across numerous federal agencies.
Multiple Russia-aligned threat actors are actively targeting Signal Messenger accounts through various sophisticated techniques, primarily exploiting the app's 'linked devices' feature. The attacks focus on military personnel, politicians, and journalists, with threat actors using phishing campaigns and malware to intercept sensitive communications. Signal has responded by implementing hardened features in their latest releases to protect against such phishing campaigns.
South Korea has accused Chinese AI startup DeepSeek of sharing user data with ByteDance, leading to its removal from app stores. The accusation follows cybersecurity concerns and potential data sharing with Chinese state-owned entities, though the extent of data transfer remains unclear. Multiple countries have banned DeepSeek from government devices amid privacy concerns.
Cloudflare and CyberPeace Institute have partnered to create CyberPeace Tracer, a resource providing data-driven insights about cyber threats targeting NGOs and civil society organizations. The initiative addresses the critical need for cybersecurity in humanitarian sectors, where organizations face an average of 95 million attacks daily. Through this collaboration, vulnerable organizations gain access to email security tools and real-time threat intelligence sharing.
X (formerly Twitter) is blocking links to Signal.me, preventing users from sharing direct contact links to the encrypted messaging service. The platform displays various error messages when users attempt to post Signal.me URLs, while other Signal domains remain accessible. This blocking coincides with federal employees using Signal to communicate with journalists about DOGE-related whistleblowing.
Russian threat actors are conducting sophisticated phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication, with recent attacks focusing on political themes around the new US administration. Multiple actors, including suspected CozyLarch (APT29), are using social engineering and spear-phishing to impersonate government officials and research institutions, achieving higher success rates than traditional phishing methods.