Tag: security
Whisper it – Microsoft uncovers sneaky new attack targeting top LLMs to gain access to encrypted traffic
Microsoft finds Whisper Leak shows privacy flaws inside encrypted AI systems Encrypted AI chats may still leak clues about what users discuss Attackers can track conversation topics using packet size and timing Microsoft has revealed a new type of cyberattack it has called “Whisper Leak”, which is able to expose…
Read More
An incredibly popular JavaScript library might have some worrying malware issues
CVE-2025-12735 in expr-eval allows remote code execution via unsafe input evaluation Vulnerable versions ≤2.0.2; patched in 2.0.3 and forked in expr-eval-fork 3.0.0 Developers should sanitize variables and avoid untrusted input in evaluate() calls A widely-adopted JavaScript library has been found carrying a critical vulnerability which could allow threat actors to…
Read More
Leading AI companies keep leaking their own information on GitHub
Researchers find 65% of the Forbes top 50 AI companies are leaking secrets These come in the form of tokens, API keys, and sensitive credentials Wiz used a ‘‘Depth, Perimeter, and Coverage’ approach to spot leaks AI companies have had a pretty rocky history with cybersecurity and data privacy, and…
Read More
Fake Facebook Business pages are bombarding users with phishing messages – so what can be done?
Hackers spoof Facebook alerts using real facebookmail.com domain to phish Business Suite users Over 40,000 emails sent; one firm received 4,000+—mostly templated, wide-net campaigns Defense requires MFA, password managers, staff training, and vigilant account monitoring Cybercriminals are targeting Facebook Business Suite users with highly convincing phishing emails, tricking them into…
Read More
Samsung phones under threat from this dangerous new spyware cyberattack – here’s how to stay safe
CVE-2025-21042 flaw enabled remote code execution on multiple Samsung Galaxy devices Attackers used WhatsApp to deliver LandFall spyware via malformed image files Victims targeted in the Middle East; Stealth Falcon group suspected behind the campaign Multiple Samsung Galaxy device series were vulnerable to a flaw that allowed threat actors to…
Read More
These are still the most popular passwords around – and surely, we can do better than this as a species
Predictable password habits continue to enable attackers who rely on automated large-scale cracking Length remains the defining factor that determines a password’s actual resistance Administrators heavily influence password strength through the rules they choose Yet more research has revealed that when it comes to thinking up strong passwords, we’re all…
Read More