OpenAI’s Codex helps discover HTTP/2 Bomb DoS attack that can nuke over 30GB of RAM within seconds, knocking web servers offline before they can react

A new attack technique affects HTTP/2 configurations of major web servers, but some have released patches already.

, , , ,
NSA warns that cybercriminals are targeting this one critical component that the energy, chemical, food, agriculture, and transportation sectors rely on – here’s what we know

ATG owners are urged to tighten up on security and keep track of potential attacks.

, , , ,
Hackers could use poisoned WhatsApp and Slack notifications to take over your Google Gemini – and make it work on their behalf

Prompt injection works on Android notifications, as well, and could have been used for a myriad of things.

, , , ,
‘Data can place the lives of frontline military or other personnel at risk’: FBI warns that China is luring Western military and intelligence operatives with ‘gig-work’ job offers to steal secrets

China is using fake organizations to pay for intelligence reports, with higher payments for more secrets.

, , , , ,
Meta, Starlink and Microsoft team up with the FBI to delete over 1.4 million accounts and seize millions in cryptocurrency related to huge scam networks targeting Americans

The FBI arrested 63 people in connection to the scam network, while Microsoft disabled 20,000 accounts.

, , , ,
Huge hacking campaign uses spoofed Ghidra, dnSpy, and SpiderFoot security tools to harvest ad revenue and serve malware

More than 100 spoofed websites were redirecting users and offering infostealers.

, , , ,
Microsoft is ditching password-based authentication tomorrow – Edge browser will switch to Windows Hello access

Edge’s password manager is getting an upgrade as it ditches decades-old solutions.

, , , ,
‘You can no longer do things at human ​scale’: Cisco releases AI agent botnet that works on behalf of your business

Cyberspace has become an AI battlefield, and Cisco wants in on the action.

, , , ,
Weedhack malware campaign infects 116,000 mod-hungry Minecraft players systems through SEO poisoning and YouTube

Fake mods and clients are being advertised on YouTube and used to deploy backdoors and infostealers.

, , , ,
Steam Community Profiles abused as C2 network in new WordPress malware infection campaign

A new cheeky malware campaign abuses the comment section as a roadsign to malware

, , , ,