technology | Breaking Cybersecurity News | The Hacker News

Artificial Intelligence (AI) is no longer a far-off dream—it's here, changing the way we live. From ordering coffee to diagnosing diseases, it's everywhere. But while you're creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity—and a potential risk. The stakes are huge: data leaks, downtime, and even safety threats if security isn't built in. With AI adoption moving fast, securing your projects is no longer optional—it's a must. Join Liqian Lim, Senior Product Marketing Manager at Snyk, for an exclusive webinar that's all about securing the future of AI development. Titled " Building Tomorrow, Securely: Securing the Use of AI in App Development ," this session will arm you with the knowledge and tools to tackle the challenges of AI-powered innovation. What You'll Learn: Get AI-Ready: How to make your AI projects secure from the start. Spot Hidden Risks: Uncover threats you might not see coming. Understand the Ma...

Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Google Play Services for Android. The idea is to create unique, single-use email addresses that forward the messages to the associated primary account, thereby preventing the need for providing the real email address when filling out forms or registering for new services online. The idea of email aliases for improved privacy is not new. Back in 2021, Apple introduced a similar feature called Hide My Email that allows iCloud+ subscribers to generate random burner email addresses. It can also be used to set up new ones in Safari, Mail, and Apple Pay wherever email addresses are required. Other providers like Bitwarden and DuckDuckGo have since also released an analogous feature. It's worth noting that...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform. "The decision was based on the information and evidence collected over the course of the review and on the advice of Canada's security and intelligence community and other government partners," François-Philippe Champagne, Minister of Innovation, Science and Industry, said in a statement. The government said it does not intend to block Canadians' access to the app itself or curtail their ability to create new content, stating the use of a social media application is a "personal choice." The use of the app has already been banned on Canadian government devices since February 2023. That having said, it urged Canadians to adopt good cyber security practices and assess the possible risks that could arise from using social media platforms,...

As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain.  Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide . Data from the Imperva Threat Research team's six-month analysis (April 2024 – September 2024) revealed that AI-driven threats need to be top of mind for retailers this year. As generative AI tools and large language models (LLMs) become more widespread and advanced, cybercriminals are increasingly leveraging these technologies to scale and refine their attacks on eCommerce platforms. Imperva Threat Research also found that retail sites collectively experience an average of 569,884 AI-driven attacks each day. Understanding what types of threats are accounting for these attacks, and how to protect against them, is critical for retail businesses ...

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software," the Big Sleep team said in a blog post shared with The Hacker News. The vulnerability in question is a stack buffer underflow in SQLite, which occurs when a piece of software references a memory location prior to the beginning of the memory buffer, thereby resulting in a crash or arbitrary code execution. "This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of t...

Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time to improve the experience. The development was first reported by The Verge. The artificial intelligence-powered tool was initially slated for a preview release starting in October. "We are committed to delivering a secure and trusted experience with Recall," the company said in an updated statement released Thursday. "To ensure we deliver on these important updates, we're taking additional time to refine the experience before previewing it with Windows Insiders. Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot+ PCs by December" Microsoft unveiled Recall earlier this May, describing it as a way for users to explore a "visual timeline" of their screens over time and help find things from apps, websites, images, and documents. The search experience was meant...

Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the offering used in attacks aimed at a variety of verticals, such as public sectors, postal, digital services, and banking services. "Threat actors using the kit to deploy phishing websites often rely on Cloudflare's anti-bot and hosting obfuscation capabilities to prevent detection," Netcraft said in a report published Thursday. Some aspects of the phishing kit were documented by security researchers Will Thomas (@ BushidoToken) and Fox_threatintel (@banthisguy9349) in September 2024. Phishing kits like Xiū gǒu pose a risk because they could lower the barrier of entry for less skilled hackers, potentially leading to an increase in malicious campaigns that could lead to theft of ...

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier ( IBPB ) on x86 chips, a crucial mitigation against speculative execution attacks. Speculative execution refers to a performance optimization feature wherein modern CPUs execute certain instructions out-of-order by predicting the branch a program will take beforehand, thus speeding up the task if the speculatively used value was correct. If it results in a misprediction, the instructions, called transient, are declared invalid and squashed, before the processor can resume execution with the correct value. While the execution results of transient instructions are not committed to the architectural program state, it's still ...

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov guilty of illegal circulation of means of payment. Puzyrevsky and Khansvyarov have also been found guilty of using and distributing malware. To that end, Zaets and Malozemov were sentenced to 4.5 and 5 years in prison. Khansvyarov and Puzyrevsky received a jail term of 5.5 and 6 years, respectively. The four individuals are part of a group of 14 people who were initially detained in connection with the case. As reported by TASS back in January 2022, eight of them were charged by the court for their malicious activities. The remaining four members, Andrei Bessonov, Mikhail Golovach...

Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they're happening across industries and outpacing traditional defense mechanisms.  The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses against AI impersonation fraud. Read more about how a secure-by-design identity platform can eliminate AI deepfake fraud and serve as a critical component in this new era of cyber defense.  The Growing Threat of AI Impersonation Fraud Recent incidents highlight the alarming potential of AI-powered fraud: A staggering $25 million was fraudulently transferred during a video call where deepfakes impersonated multiple executives. KnowBe4, a cybersecurity leader, was duped by deepfakes during hiring interviews, allowing a North Korean attacker to be onboarded to the organization. CEO of ...

The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020 . The SEC said the companies – Avaya, Check Point, Mimecast , and Unisys – are being penalized for how they handled the disclosure process in the aftermath of the SolarWinds Orion software supply chain incident and downplaying the extent of the breach, thereby infringing the Securities Act of 1933, the Securities Exchange Act of 1934, and related rules under them. To that end, Avaya will pay a fine of $1 million, Check Point will pay $995,000, Mimecast will pay $990,000, and Unisys will pay $4 million to settle the charges. In addition, the SEC has charged Unisys with disclosure controls and procedures violations. "While public companies may become targets of cyberattacks, it is incumbent upon them to not further victimize their sh...

Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today's fast-evolving landscape can feel like an impossible challenge. But there's a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech, super-powered lens that reveals your entire data puzzle—helping you find every piece, fix vulnerabilities, and secure everything with confidence. Join Our Webinar " Building a Successful Data Security Posture Management Program ," to Unlock the Full Potential of DSPM: Uncover Every Hidden Piece: DSPM shows you exactly where your critical data resides, even the parts you didn't know were there, so you can take control and secure it. Shield Your Data from Threats: Like a vigilant security guard, DSPM detects potential risks and helps you fend off attacks before they cause da...

The FIDO Alliance said it's working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a draft for a new set of specifications for secure credential exchange, following commitments among members of its Credential Provider Special Interest Group (SIG). This includes 1Password, Apple, Bitwarden, Dashlane, Enpass, Google, Microsoft, NordPass, Okta, Samsung, and SK Telecom. "Secure credential exchange is a focus for the FIDO Alliance because it can help further accelerate passkey adoption and enhance user experience," the FIDO Alliance said in a statement. "Sign-ins with passkeys reduce phishing and eliminate credential reuse while making sign-ins up to 75% faster, and 20% more successful than passwords or passwords plus a second facto...

Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security researcher Bistrit Daha has been credited with discovering and reporting the flaw. "A user's saved passwords may be read aloud by VoiceOver," Apple said in an advisory released this week, adding it was resolved with improved validation.  The shortcoming impacts the following devices - iPhone XS and later iPad Pro 13-inch iPad Pro 12.9-inch 3rd generation and later iPad Pro 11-inch 1st generation and later iPad Air 3rd generation and later iPad 7th generation and later, and iPad mini 5th generation and later Also patched by Apple is a security vulnerability (CVE-2024-44207) specific to the newly launched iPhone 16 mo...

Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security concerns, many have been forced to choose between unrestricted GenAI usage to banning it altogether. A new e-guide by LayerX titled 5 Actionable Measures to Prevent Data Leakage Through Generative AI Tools is designed to help organizations navigate the challenges of GenAI usage in the workplace. The guide offers practical steps for security managers to protect sensitive corporate data while still reaping the productivity benefits of GenAI tools like ChatGPT. This approach is intended to allow companies to strike the right balance between innovation and security. Why Worry About ChatGPT? The e...

The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users' passwords in plaintext in its systems. The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union's General Data Protection Regulation (GDPR). To that end, the DPC faulted Meta for failing to promptly notify the DPC of the data breach, document personal data breaches concerning the storage of user passwords in plaintext, and utilize proper technical measures to ensure the confidentiality of users' passwords. Meta originally revealed that the privacy transgression led to the exposure of a subset of users' Facebook passwords in plaintext, although it noted that there was no evidence it was improperly accessed or abused internally. According to Krebs on Security , some of ...

Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security researchers Neiko Rivera, Sam Curry, Justin Rhinehart, and Ian Carroll said . The issues impact almost all vehicles made after 2013, even letting attackers covertly gain access to sensitive information including the victim's name, phone number, email address, and physical address. Essentially, this could then be abused by the adversary to add themselves as an "invisible" second user on the car without the owner's knowledge. The crux of the research is that the issues exploit the Kia dealership infrastructure ("kiaconnect.kdealer[.]com") used for vehicle activat...

Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch more "scalable and cost-effective." Eventually, this leads to a drop in memory safety vulnerabilities as new memory unsafe development slows down after a certain period of time, and new memory safe development takes over, Google's Jeff Vander Stoep and Alex Rebert said in a post shared with The Hacker News. Perhaps even more interestingly, the number of memory safety vulnerabilities tends to register a drop notwithstanding an increase in the quantity of new memory unsafe code. The paradox is explained by the fact that vulnerabilities decay exponentially, with a study finding ...

Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy-Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said . "In essence, the browser is now controlling the tracking, rather than individual websites." Noyb also called out Mozilla for allegedly taking a leaf out of Google's playbook by "secretly" enabling the feature by default without informing users. PPA, which is currently enabled in Firefox version 128 as an experimental feature, has its parallels in Google's Privacy Sandbox project in Chrome. The initiative, now abandoned by Google , sought to replace third-party tracking cookies with a set of APIs baked into the web browser that advertisers can t...

Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR hasn't fully delivered on its potential, leaving SOCs still grappling with many of the same challenges. Enter Agentic AI—a new approach that could finally fulfill the SOC's long-awaited vision, providing a more dynamic and adaptive solution to automate SOC operations effectively. Three Generations of SOAR – Still Falling Short SOAR emerged in the mid-2010s with companies like PhantomCyber, Demisto, and Swimlane, promising to automate SOC tasks, improve productivity, and shorten response times. Despite these ambitions, SOAR found its greatest success in automating generalized tasks like threat intel propagation, rather than core threat detection, investigation, and response (TDIR) workloads....