News

FBI: Russian spies exploiting a 7-year-old Cisco bug to slurp configs from critical infrastructure

The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life ...

Perplexity's Comet browser naively processed pages with evil instructions

Chaikin and Sahib recount how they created a proof-of-concept attack consisting of malicious instructions posted to a Reddit ...

'Limited' data leak at Aussie telco turns out to be 280K customer details

Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet. It said the ...

Chinese funding backs sale of British microLED specialist

The UK's Plessey Semiconductors has been acquired by Haylo Labs, using funding supplied by a Chinese company, Goertek Inc.

Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's ...

GSA launches AI sandbox, says it won't be around for long

USAi is now a full-fledged cloud-based, shared AI evaluation platform where government agencies can experiment with different ...

China Telecom Shanghai and ZTE deploy 5G-A EasyOn·Robot private network

Partner content ZTE Corporation, a global leading provider of integrated information and communication technology solutions, ...

GlobalFoundries inks domestic chipmaking deal with Cirrus Logic

Cirrus Logic president and chief exec John Forsyth positioned the deal as a move to "deepen our longstanding relationship" ...

Understanding and controlling AI crawler activity on your website

Cloudflare’s AI Audit gives organizations the visibility they need to make informed decisions on AI crawling, and the ...

McDonald's not lovin' it when hacker exposes nuggets of rotten security

Casa Bonita, the Mexican restaurant that South Park creators Trey Parker and Matt Stone bought and featured in an episode, ...

Commvault releases patches for two nasty bug chains after exploits proven

In Commvault's advisory, it describes CVE-2025-57791 as a vulnerability that allows attackers to retrieve a valid user session for a low-privilege role, assigning it a CVSS score of 6.9 (medium ...

Don't want drive-by Ollama attackers snooping on your local chats? Patch now

A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to ...