Latest news as of 7/14/2025, 12:38:51 AM
Dark Reading
Backdoors lurking in legitimate-looking code contain file-deletion commands that can destroy production systems and cause massive disruptions to software supply chains.
Bleeping Computer
OpenAI is working to fix an ongoing outage impacting ChatGPT users worldwide and preventing them from accessing the chatbot on the web or via mobile and desktop apps. [...]
The Register
Also axes secure software mandates - optional is the new secure, apparently President Donald Trump late Friday signed a cybersecurity-focused executive order that, in the White House's words, "amends problematic elements of Obama and Biden-era Executive Orders."…
The Register
Chocolate Factory fixes issue, pays only $5K A researcher has exposed a flaw in Google's authentication systems, opening it to a brute-force attack that left users' mobile numbers up for grabs.…
The Hacker News
Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely and efficiently without constant human oversight, which is where non-human identities (NHIs) come in. NHIs — including application secrets, API keys, service accounts, and OAuth tokens — have exploded in recent years, thanks to an
Bleeping Computer
Five men from China, the United States, and Turkey pleaded guilty to their involvement in an international crime ring and laundering nearly $37 million stolen from U.S. victims in cryptocurrency investment scams carried out from Cambodia. [...]
The Register
A milestone in cyberattack recovery – but deliveries will take a while and normal service not yet back UK retailer Marks & Spencer has reinstated online orders for some customers, marking a major milestone in its recovery from a cyberattack in April.…
The Hacker News
Google has stepped in to address a security flaw that could have made it possible to brute-force an account's recovery phone number, potentially exposing them to privacy and security risks. The issue, according to Singaporean security researcher "brutecat," leverages an issue in the company's account recovery feature. That said, exploiting the vulnerability hinges on several moving parts,
The Register
Majority of exposures located in the US, including datacenters, healthcare facilities, factories, and more Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what's possible.…
The Hacker News
The threat actor known as Rare Werewolf (formerly Rare Wolf) has been linked to a series of cyber attacks targeting Russia and the Commonwealth of Independent States (CIS) countries. "A distinctive feature of this threat is that the attackers favor using legitimate third-party software over developing their own malicious binaries," Kaspersky said. "The malicious functionality of the campaign