Blog
-
Help Desk Contractor Negligence in Question as Clorox Sues Cognizant Over Cyber Attack
The massive 2023 cyber attack on Clorox is raising some legal questions about help desk obligations, as the cleaning products giant is suing former contractor Cognizant for allegedly letting the attackers in the door.
-
New Ban on Ransomware Payments, New Notification Requirements Being Teed Up in the UK
After spending the first half of 2025 taking public comment on the matter, the UK government is moving ahead with legislation to ban ransomware payments for entities that receive public funds and critical infrastructure organizations.
-
State of AI Vibe Coding Called Into Question as Leading Platform Replit Makes a Mess of User’s Project
Vibe coding user caught the AI attempting to hide errors and bugs as well as lying about test results. Several days after this started, it unexpectedly (and without authorization or prompting) wiped out a contact information database containing thousands of curated entries for executives.
-
Russian Malware Takes a New Step Using Real-Time LLM Commands
Russian malware discovered by Ukraine’s national cyber response team has looped in an Alibaba chatbot that allows commands to be executed on compromised systems in real-time, something that could confound automated detection capabilities going forward.
-
Salt Typhoon Chinese State-Sponsored Hackers Dwelled in an Army National Guard System for Nine Months
Department of Homeland Security (DHS) memo has revealed that Chinese state-sponsored hackers were able to penetrate the Army National Guard network and dwell for most of 2024.
-
Billions Spent on Thousands of Rapid and Secret Relocations of Afghans to UK After Accidental Data Leak
A 2022 data leak that prompted the secret relocation of thousands of Afghans to the UK is only just now coming to light. A “superinjunction” that was granted by the UK High Court gagged a number of media sources from reporting not just on the data leak, but on the existence of the court order…
-
Second API Key Slip for Musk’s AI Models by DOGE Staffer Raises Questions About Security
A July 13 GitHub commit came bundled with another unprotected API key for over 50 AI models, and spotted by security outfit GitGuardian. The key was quickly removed later in the day but the researchers noted that it continued to function as of the following day.
-
McDonald’s AI Bot Guarded by “123456” Password Exposed Millions of Resumes
The McDonald’s admin panel that researchers broke into allows one to create an application, which then kicks out a unique identification number attached to it. The researchers found that incrementally decreasing this number by one brought up prior applications, complete with chats with the AI bot.
-
Investigation Reveals Nearly 27 Million Records Stolen, 28 Servers Breached in SK Telecom Attack
Follow-up investigation by the Ministry of Science and ICT found that some 28 Linux servers were compromised during this extended campaign with about 26.96 million subscriber identity records stolen.
-
Chinese Hacker Nabbed on Italian Vacation Accused of Being Part of Silk Typhoon
Silk Typhoon has been one of the bigger and more active groups of Chinese hackers since at least 2020, but it looks to be down at least one member.