IT Security Newsletter - 2/17/2026
Password Managers Vulnerable to Vault Compromise Under Malicious Server
A team of security researchers from ETH Zurich in Switzerland has analyzed popular password managers and identified ways in which threat actors could compromise users' vaults and access sensitive data. However, the researchers did not test the password managers against external or client-side attacks. Instead, they targeted zero-knowledge encryption, a security model where the data should be protected even if the provider's servers are compromised. READ MORE...
Canada Goose ruffles feathers over 600K record dump, says leak is old news
Canada Goose says an advertised breach of 600,000 records is an old raid and there are no signs of a recent compromise. "Canada Goose is aware that a historical dataset relating to past customer transactions has recently been published online," a spokesperson said. "At this time, we have no indication of any breach of our own systems." READ MORE...
Operation DoppelBrand: Weaponizing Fortune 500 Brands
An elusive, financially motivated threat actor dubbed GS7 has been targeting Fortune 500 companies in a broad phishing campaign that turns the companies' own brands against them with impersonated websites aimed at harvesting credentials. The campaign - dubbed Operation DoppelBrand - is ongoing, first observed between December and January. The group itself, however, has a history stretching back to 2022, according to a whitepaper by SOCRadar published today. READ MORE...
Citizen Lab links Cellebrite to the hacking of a Kenyan presidential candidate's phone
Researchers have found forensic evidence suggesting that Kenyan authorities used Cellebrite's phone-cracking technology on the device of a prominent human rights activist after arresting him, according to a report published Tuesday. The University of Toronto's Citizen Lab said the intrusion is a sign of growing abuse of Cellebrite's technology. After his widely criticized arrest in July amid mass protest, Boniface Mwangi noticed that his personal phone no longer required a password to access. READ MORE...
Unit 42: Nearly two-thirds of breaches now start with identity abuse
Identity is still the primary entry point for cyberattacks, according to Palo Alto Networks' threat intelligence firm Unit 42. In its annual incident response report released Tuesday, Unit 42 found that identity-based techniques accounted for nearly two-thirds of all initial network intrusions last year. Social engineering was the leading attack method, accounting for one-third of the 750 incidents Unit 42 responded to in the one-year period ending in September 2025. READ MORE...
Polish cops nab 47-year-old man in Phobos ransomware raid
Polish police have arrested and charged a man over ties to the Phobos ransomware group following a property raid. The 47-year-old was cuffed after cops visited his apartment in the Lesser Poland Voivodeship province, and looked through his devices, finding various artifacts that investigators believe are linked to cybercrime. Officials said Tuesday the man's devices contained logins, passwords, and server IP addresses that could have been used to launch "various attacks, including ransomware." READ MORE...
LockBit 5.0 ransomware expands its reach across Windows, Linux, and ESXi
The Acronis Threat Research Unit (TRU) has identified a new and significantly enhanced version of the LockBit ransomware, LockBit 5.0, currently being deployed in active campaigns. The latest variant demonstrates expanded cross-platform capabilities, enabling attackers to target Windows, Linux, and VMware ESXi systems within a single coordinated attack. According to analysis, LockBit 5.0 introduces dedicated builds tailored for enterprise environments. READ MORE...
Hobby coder accidentally creates vacuum robot army
Sammy Azdoufal wanted to steer his robot vacuum with a PS5 controller. Like any good maker, he thought it would be fun to drive a new DJI Romo around manually. He ended up gaining access to an army of robotic cleaners that gave him eyes into thousands of homes. Driven by purely playful reasons, Azdoufal reverse-engineer[ed] his Romo's communication protocols. But when his homebrew app connected to DJI's servers, roughly 7,000 robot vacuums across 24 countries started answering. READ MORE...
Firmware-level Android backdoor found on tablets from multiple manufacturers
A new Android backdoor embedded directly in device firmware can quietly take control of apps and harvest data, Kaspersky researchers found. The malware, named Keenadu, was discovered during an investigation into earlier Android threats and appears to have been inserted during the firmware build process, not after devices reached users. The research team said they found the backdoor code in the firmware of Android-based tablets belonging to several brands. READ MORE...
- ...in 1801, The House of Representatives breaks an electoral college tie and chooses Thomas Jefferson over Aaron Burr for President.
- ...in 1913, the Armory Show opens in New York City, introducing art aficionados to the European avant-garde and inspiring a generation of American artists.
- ...in 1920, comic book artist Curt Swan, whose art appeared in Superman comics for over 30 years, is born in Minnesota.
- ...in 1936, former Cleveland Browns fullback and action film star Jim Brown ("The Dirty Dozen", "Ice Station Zebra") is born in St. Simons, GA.







