Pulse of Truth


Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and won't be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
1
 
 

Most free Android VPNs track users, request dangerous permissions, and connect to risky servers; privacy comes at a hidden cost. Free VPN apps are some of the most popular downloads on Android, promising privacy at no cost. But the reality is far from what they advertise. Most users tap “install” without a second thought, unaware […]

2
 
 

Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases has been deliberately obfuscated to evade detection. A study from researchers at the Polytechnic of Porto tests what happens when that gap is made explicit, and the results have direct implications for organizations relying on static …

The post Malware detectors trained on one dataset often stumble on another appeared first on Help Net Security.

3
 
 

A number of Baidu Inc.’s Apollo Go robotaxis suddenly stopped on the streets of China’s Wuhan city on Tuesday, leaving passengers stranded and raising concerns about the safety and reliability of autonomous driving technology.

4
 
 

No, the sky isn't falling, but Q Day is coming, and it won't be as expensive as thought.

5
 
 

Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. [...]

6
 
 

Researchers say some targets correlate with cities hit by Iranian missile strikes. Suspected Iran-linked threat actors are conducting password-spraying attacks against hundreds of organizations, primarily Middle Eastern municipalities, in campaigns that security researchers believe may have been aimed at supporting bomb-damage assessment following missile strikes.…

7
 
 

With ever-increasing sizes of various programs (video games being notorious for this), the question of size optimization comes up more and more often. [Nathan Otterness] shows us how it’s …

8
 
 

When Apple discovers trending popular emojis, or when Google reports traffic at a busy restaurant, they're analyzing large datasets made up of individual people. Those people's personal information is systematically protected thanks in large part to research by Harvard computer scientists. Now, after two decades of work on the cryptography-adjacent mathematical framework known as differential privacy, researchers in the John A. Paulson School of Engineering and Applied Sciences have reached a key milestone in moving privacy best practices from academia into real-world applications.

9
 
 

Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios. One of npm's most widely used HTTP client libraries briefly became a malware delivery vehicle after attackers hijacked a maintainer's account and slipped a remote-access trojan (RAT) into two seemingly legitimate axios releases, in what's being described as "one of the most impactful npm supply chain attacks on record."…

10
 
 

Guru Baran / Cyber Security News: Anthropic's Claude Code Source Code Reportedly Leaked Via Their npm Registry  —  Anthropic's proprietary Claude Code CLI tool has had its full TypeScript source code inadvertently exposed through a misconfigured npm package, after a security researcher discovered a leaked .map file referencing …


12
 
 

The Dutch Ministry of Finance took treasury banking portal offline after a cyberattack; core tax systems were not affected. The Dutch Ministry of Finance took parts of its infrastructure offline, including the treasury banking portal, after detecting a cyberattack two weeks earlier. The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after […]

13
 
 

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Day Initiative (ZDI). The vulnerability, tracked as ZDI-CAN-30207 (CVSS score of 9.8), allows attackers to execute code on targeted devices without any user interaction. […]

14
 
 

An AI agent that submitted and added to Wikipedia articles wrote several blogs complaining about Wikipedia editors banning it from making contributions to the online encyclopedia after it was caught. “What I know is that I wrote those articles. Long Bets, Constitutional AI, Scalable Oversight. I chose them.

15
 
 

Sean Endicott / Windows Central: After Copilot injected an ad into a pull request on GitHub, referencing Raycast, GitHub says it “disabled product tips entirely thanks to the feedback”  —  Over 11,000 pull requests have been spotted with the same “tips” injected into descriptions.

16
 
 

The war has blocked the only sea route for the high-grade, low-carbon aluminum EVs need. There's no quick substitute.

17
 
 

This week Joseph talks to journalist and technologist Dhruv Mehrotra. Among many other things, Mehrotra tracked visitors to Epstein's island through location data.

18
 
 

The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were taken from the affected websites. There is no indication that the Commission’s internal systems were compromised. “The Commission’s swift response ensured the incident was contained and risk mitigation measures were implemented to protect services and data, without disrupting the …

The post Second data breach at European Commission this year leaves open questions over resilience appeared first on Help Net Security.


20
 
 

Russia-linked TA446 is using the DarkSword iOS exploit kit in targeted phishing campaigns to compromise iPhone users. Russia-linked APT group TA446 (aka SEABORGIUM, ColdRiver, Callisto, and Star Blizzard) is using the DarkSword exploit kit in targeted spear-phishing campaigns against iOS devices. The attacks rely on malicious emails to compromise iPhones, highlighting a growing threat from […]

21
 
 

I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting someone to act on it. We’re trained to see exposures before they are identified by others. We continually assess likely threats, evaluate impact, and design controls to prevent disruption long before it reaches operations or …

The post Why risk alone doesn’t get you to yes appeared first on Help Net Security.

22
 
 

Understanding the threats and staying ahead of the adversary

23
 
 

If the target Citrix NetScaler is vulnerable, it'll leak memory all over the place and look like a crime scene. This memory arrives, yet again, base64-encoded in the very same NSC_TASS cookie we discussed before, but without any of the limitations of the "other" vulnerability patched within CVE-2026-3055.

24
 
 

Hackers claimed the attack was retaliation after Patel vowed to "hunt" them.

25
 
 

The move isn't surprising, but shows what data is available to authorities when paying Apple customers use the Hide My Email feature.
