A Chinese company's claim of a $5.6 million artificial intelligence breakthrough wiped almost $600 billion from Nvidia's market value on Monday, shattering Wall Street's confidence that tech companies' AI spending spree will continue and dealing an apparent blow to US tech leadership. Yet many in Silicon Valley believe the broad sell-off is an overreaction to DeepSeek's latest model, which they argue could spur wider adoption and utility of AI. READ MORE...
Energy sector contractor ENGlobal Corporation has confirmed that personal information was compromised during a November 2024 ransomware attack. The incident occurred on November 25 and resulted in ENGlobal taking certain systems offline as a containment measure, leaving access to only essential business operations available. In early December, the company informed the US Securities and Exchange Commission (SEC) that certain data on its systems had been encrypted during the attack. READ MORE...
DeepSeek, the Chinese startup whose open-source large language model is causing panic among U.S. tech and AI companies this week, said it is having difficulty registering new users due to "large-scale malicious attacks" on its services. On Monday, the company's website posted a banner note stating that it was temporarily pausing new registrations to deal with the issue. READ MORE...
The European Union on Monday announced sanctions against three Russian nationals for launching cyberattacks against Estonia in 2020. According to the EU, the three, Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are officers of a military unit of the General Staff of the Armed Forces of the Russian Federation (GRU), namely 161st Specialist Training Center, also known as Unit 29155. READ MORE...
The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. Following the Thursday cyberattack, the cryptocurrency exchange immediately suspended deposits and withdrawals and published proof of reserves for transparency. According to Phemex's CEO, Federico Variola, the incident only impacted hot wallets while cold wallets remained safe. READ MORE...
Apple has released a host of security updates across many devices, including for a zero-day bug which is being actively exploited in iOS. The zero-day vulnerability patched in this update is tracked as CVE-2025-24085. It is described as a use after free (UAF) issue in Apple's Core Media framework that would allow an attacker to elevate privileges. The Core Media framework handles multimedia applications like photos, videos, and real-time communication applications. READ MORE...
A recently debuted AI chatbot dubbed GhostGPT has given aspiring and active cybercriminals a handy new tool for developing malware, carrying out business email compromise scams, and executing other illegal activities. Like previous, similar chatbots like WormGPT, GhostGPT is an uncensored AI model, meaning it is tuned to bypass the usual security measures and ethical constraints available with mainstream AI systems such as ChatGPT, Claude, Google Gemini, and Microsoft Copilot. READ MORE...
President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation's cybersecurity posture. The president fired all advisors from the Department of Homeland Security's Cyber Safety Review Board, called for the creation of a strategic cryptocurrency reserve, and voided a Biden administration action that sought to reduce the risks that artificial intelligence poses to consumers, workers and national security. READ MORE...
Attackers impersonating the US Postal Service (USPS) are striking again, this time in a widescale mobile phishing campaign that taps people's trust in PDF files. This time it uses a novel evasion tactic to steal credentials and compromise sensitive data in SMS phishing (smishing) attacks. Discovered by researchers at Zimperium zLabs, the smishing campaign uses malicious SMS messages informing people that their package can't be delivered because of "incomplete address information." READ MORE...
Google says it's now hardening defenses against a sophisticated account takeover scam documented by a programmer last week. Zach Latta, founder of Hack Club, told of how close he was to succumbing to voice phishers who attempted to take over his Google account. He said: "Someone just tried the most sophisticated phishing attack I've ever seen. I almost fell for it. My mind is a little blown." READ MORE...