Researchers have uncovered privacy and security bugs in Tile tracking tags. These flaws allow malicious actors to track users, bypass anti-stalking protections, and even impersonate Tile tags to falsely implicate individuals.

A massive SIM farm operation discovered in the New York City area has raised serious concerns about the potential for large-scale disruption of US telecommunications infrastructure.

The cyberattack, which began in early September, has led JLR to proactively shut down its systems to contain the threat. The production pause has now been extended to September 24 as forensic investigations continue.

The breach affected 439 intelligence products, which were accessed 1,525 times by users not cleared for such information, including private sector contractors and foreign nationals. The breach exposed sensitive national security data, including PII.

A new variant of infostealer malware, Stealerium, introduces an automated sextortion feature that captures webcam images and browser screenshots when victims access NSFW content. This development marks a disturbing evolution in cybercrime.

Researchers have uncovered critical vulnerabilities in end-to-end encryption (E2EE) used in TETRA-based radios, which are widely deployed by police, military, and intelligence agencies globally.

A newly leaked trove of data has exposed the inner workings of North Korea’s covert IT worker operations, revealing how the regime systematically places skilled developers in remote jobs worldwide to generate revenue for its weapons programs.

Security researchers have demonstrated a groundbreaking indirect prompt injection attack against Google’s Gemini AI, showing how malicious calendar invites can trigger real-world actions in smart homes.

A significant data exposure incident involving the Gladney Center for Adoption has revealed over 1.1 million sensitive records related to children, birth parents, adoptive families, and caregivers.

A critical security vulnerability in McDonald’s AI-powered hiring platform, McHire.com, exposed the personal data of millions of job seekers. The breach was caused by the use of the weak password “123456” for administrative access.