Federal prosecutors have accused a former executive at L3Harris Technologies' cyber division of stealing trade secrets and selling them to an undisclosed buyer in Russia, according to court documents obtained by CyberScoop. The Department of Justice filed charges against Peter Williams, an Australian national who served as general manager of Trenchant, a specialized cybersecurity division within L3Harris, which provides hacking and surveillance tools to Western intelligence agencies. READ MORE...
A massive seizure by the US government of cryptocurrency from a sprawling Southeast Asia cybercrime syndicate has raised hopes that coordinated actions against cybercriminal groups can help undermine their profits. On Oct. 14, the US Department of Justice - along with the Drug Enforcement Agency, the Department of State, and other agencies - announced the seizure of 127,271 bitcoin kept in "unhosted wallets." READ MORE...
Toy store Toys "R" Us Canada this week notified its customers that a threat actor stole their personal information and leaked it on the dark web. The incident, the company said in notification emails to customers, copies of which have been shared on social media platforms, was discovered on July 30, after the information was posted on "the unindexed internet". The compromised information, the company told shoppers, includes names, addresses, email addresses, and phone numbers. READ MORE...
Iran's favorite muddy-footed cyberespionage crew is at it again, this time breaching more than 100 government entities across the Middle East and North Africa, according to researchers at Group-IB. The campaign, which began in August, used a compromised enterprise mailbox to sling convincing phishing emails at embassies, ministries, and telecom outfits. The attackers, tracked as MuddyWater, were able to send malicious messages from a legitimate address accessed through the NordVPN service. READ MORE...
A large-scale smishing operation has been impersonating international brands across critical services in worldwide attacks. Smishing has never been hotter than it is today, as more and more attackers have realized that texting is a quicker and more effective way to reach victims than email. As Verizon Business's vice president of global cybersecurity solutions Chris Novak told Dark Reading this week, "People tend to be more trusting of these devices." READ MORE...
HP has pulled an HP OneAgent software update for Windows 11 that mistakenly deleted Microsoft certificates required for some organizations to log in to Microsoft Entra ID, disconnecting them from their company's cloud environments. The bug was discovered by Patch My PC's Rudy Ooms, who traced it to a silent, background update deployed by HP to its AI PC devices. According to Ooms, systems that installed the HP OneAgent version 1.2.50.9581 automatically executed a cleanup package named SP161710. READ MORE...
On the surface, it seems obvious that training an LLM with "high quality" data will lead to better performance than feeding it any old "low quality" junk you can find. Now, a group of researchers is attempting to quantify just how much this kind of low quality data can cause an LLM to experience effects akin to human "brain rot." For a pre-print paper published this month, the researchers drew inspiration from existing research showing how humans can develop problems with attention and memory. READ MORE...
You've probably noticed that artificial intelligence, or AI, has been everywhere lately-news, phones, apps, even in your browser. It seems like everything suddenly wants to be "powered by AI." If it's not, it's considered old school and boring. It's easy to get swept up in the promise: smarter tools, less work, and maybe even a glimpse of the future. There's a quieter story running alongside the hype, the story of how AI's rapid development is leaving security and privacy struggling to catch up. READ MORE...
Shortly after AI search engine company Perplexity launched its Comet AI browser, threat actors attempted to capitalize on it by luring users to fraudulent domains and fake applications, threat intelligence firm BforeAI reports. Launched in July, Comet is a Chromium-based browser that integrates Perplexity's AI assistant, offering support for automating tasks, organizing emails, and researching the web. READ MORE...
The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager. The flaw is tracked as CVE-2025-61932 and has a critical severity score of 9.3. It stems from improper verification of the origin of incoming requests, and could be exploited by an unauthenticated attacker to execute arbitrary code on the system by sending specially crafted packets. READ MORE...