The Common Crawl dataset, which is used to train several artificial intelligence models, has over 12,000 legitimate secrets, including API keys and passwords. The Common Crawl non-profit organisation maintains a vast open-source archive of petabytes of web data collected…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Hackers Exploit Flaw in Microsoft-Signed Driver to Launch Ransomware Attacks
Cybercriminals are exploiting a vulnerability in a Microsoft-signed driver developed by Paragon Software, known as BioNTdrv.sys, to carry out ransomware attacks. This driver, part of Paragon Partition Manager, is typically used to manage hard drive space, but hackers have…
Google to Introduce QR Codes for Gmail 2FA Amid Rising Security Concerns
Google is set to introduce QR codes as a replacement for SMS-based two-factor authentication (2FA) codes for Gmail users in the coming months. While this security update aims to improve authentication methods, it also raises concerns, as QR code-related…
New Polymorphic Attack Enables Malicious Chrome Extensions to Impersonate Password Managers and Banking Apps
Researchers at SquareX Labs have uncovered a sophisticated “polymorphic” attack targeting Google Chrome extensions, allowing malicious extensions to seamlessly morph into trusted ones, such as password managers, cryptocurrency wallets, and banking apps. The attack exploits Chrome’s ‘chrome.management’ API to gain…
Skype’s Role in Popularizing End-to-End Encryption Leaves a Lasting Mark
In recent years, Skype has established itself as the most popular online communication platform, and it is nearing its close, marking the end of an era for one of the most popular VoIP services in the world. The first…
State-Backed Hackers Escalate Attacks on Government Email Servers
Cyberattacks targeting government email servers have intensified in recent years, a trend that experts warn is expected to continue. This concern follows a recent breach involving a cyber-espionage group linked to China, which infiltrated the email servers of Belgium’s…
AI Model Misbehaves After Being Trained on Faulty Data
A recent study has revealed how dangerous artificial intelligence (AI) can become when trained on flawed or insecure data. Researchers experimented by feeding OpenAI’s advanced language model with poorly written code to observe its response. The results were alarming…
Netflix Users Warned About AI-Powered Phishing Scam
Netflix subscribers are being warned about a sophisticated phishing scam circulating via email, designed to steal personal and financial information. The deceptive email mimics an official Netflix communication, falsely claiming that the recipient’s account has been put on hold.…
CrowdStrike Report Reveals a Surge in AI-Driven Threats and Malware-Free Attacks
CrowdStrike Holdings Inc. released a new report earlier this month that illustrates how cyber threats evolved significantly in 2024, with attackers pivoting towards malware-free incursions, AI-assisted social engineering, and cloud-focused vulnerabilities. The 11th annual CrowdStrike Global Threat Report for…
Security Update from Rubrik as Authentication Keys Are Reissued
In a recent report, Rubrik revealed that, last month, an unauthorized security incident compromised one of its log file servers. Rubrik has taken immediate and proactive steps to mitigate potential risks in response to this breach. As part of…