IT Security Newsletter - 7/15/2025

Top News

DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total

Cloudflare on Tuesday published its DDoS threat report for the second quarter of 2025, and the company says the number of attacks it blocked in the first half of the year already exceeds all the attacks mitigated in 2024. In 2024, Cloudflare blocked a total of 21.3 million HTTP and Layer 3/4 DDoS attacks. In the first half of 2025, it has already mitigated 27.8 million attacks. More than 20 million of them were seen in Q1. READ MORE...


Nvidia chips become the first GPUs to fall to Rowhammer bit-flip attacks

Nvidia is recommending a mitigation for customers of one of its GPU product lines that will degrade performance by up to 10 percent in a bid to protect users from exploits that could let hackers sabotage work projects and possibly cause other compromises. The move comes in response to an attack a team of academic researchers demonstrated against Nvidia's RTX A6000, a widely used GPU for high-performance computing that's available from many cloud services. READ MORE...

Breaches

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with dozens of LLMs developed by Musk's xAI. READ MORE...


Data Breach at Debt Settlement Firm Impacts 160,000 People

Pennsylvania-based debt settlement company Next Level Finance Partners (dba Century Support Services) has disclosed a data breach impacting a significant number of individuals. The company has started sending out data security incident notifications informing impacted individuals that its systems were hacked in November 2024. An investigation launched in response to the cyberattack revealed in late May that the files potentially accessed or taken by the hackers stored personal information. READ MORE...

Hacking

Hackers exploiting flaw in widely used Wing FTP Server

Security researchers are warning that hackers are launching attacks on computers that run Wing FTP Server using a critical vulnerability that could enable attackers to take control of an entire system. The vulnerability, tracked as CVE-2025-47812, involves a null byte and Lua injection flaw that can lead to root-level remote code execution, according to researchers at Huntress. Huntress researchers first observed a customer being exploited on July 1. READ MORE...

Malware

AsyncRAT evolves as ESET tracks its most popular malware forks

AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, credential theft, and more. Its simplicity and open-source design have made it a popular tool among cybercriminals, leading to its widespread use in various cyberattacks. Over time, AsyncRAT has become a mainstay of the modern malware ecosystem, spawning a wide array of variants and forks. READ MORE...


Web-Inject Campaign Debuts Fresh Interlock RAT Variant

An ongoing Web-inject campaign is using a beefed-up remote access Trojan (RAT) belonging to the ransomware actor Interlock. Threat intelligence firm The DFIR Report published research today dedicated to a new variant of the Interlock RAT. Interlock is a ransomware group that first appeared last October and is known for its double-extortion tactics, where threat actors both encrypt victim data and threaten to leak it if said victim doesn't pay a ransom. READ MORE...


Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot

Dozens of Gigabyte motherboard models run UEFI firmware affected by security issues that allow planting bootkit malware that is invisible to the operating system and can survive OS reinstalls. The vulnerabilities could allow attackers with local or remote admin permissions to execute arbitrary code in System Management Mode (SMM), an environment isolated from the operating system (OS) that runs with higher privileges than the OS itself. READ MORE...


Android malware Konfety uses malformed APKs to evade detection

A new variant of the Konfety Android malware has emerged with a malformed ZIP structure, along with other obfuscation methods, that allows it to evade analysis and detection. Konfety poses as a legitimate app, mimicking innocuous products available on Google Play, but offers none of the promised functionality. The malware's capabilities include redirecting users to malicious sites, pushing unwanted app installs, and displaying fake browser notifications. READ MORE...

Information Security

Why skipping security prompting on Grok's newest model is a huge mistake

On the same day xAI announced that its new Grok 4 tool will now be available to the federal government, cybersecurity researchers at SplxAI released new research that subjected the large language model to more than 1,000 different attack scenarios. The good news? Smart system prompting on the front end can make a difference in the model's ability to handle security and privacy challenges. The bad news? It really matters in the case of Grok 4. READ MORE...

Exploits/Vulnerabilities

Google Gemini AI Bug Allows Invisible, Malicious Prompts

A prompt-injection flaw in Google's AI chatbot opens the door to the creation of convincing phishing or vishing campaigns, researchers are cautioning. Attackers can exploit the vulnerability to craft messages that appear to be legitimate Google security warnings. A researcher discovered the security vulnerability in Google Gemini and reported it to AI security firm 0din. Attackers can embed malicious prompt instructions inside the body of an email with "admin" instructions. READ MORE...


A software-defined radio can derail a US train by slamming the brakes on remotely

When independent security researcher Neil Smith reported a vulnerability in a comms standard used by trains to the US government in 2012, he most likely didn't expect it would take until 2025 to sort the matter out, but here we are. The US Cybersecurity and Infrastructure Security Agency (CISA) issued CVE-2025-1727 (CVSS v3.1 8.1) last week, specifying the issue as one of weak authentication in the end-of-train to head-of-train linking protocol. READ MORE...

On This Date

  • ...in 1799, the Rosetta Stone is found in Egypt by French Army officer Pierre-François Bouchard.
  • ...in 1961, actor Forest Whitaker ("Bird", "The Last King of Scotland") is born in Longview, TX.
  • ...in 1967, film effects designer and "MythBusters" co-host Adam Savage is born in New York City.
  • ...in 2003, the Mozilla Foundation is established following the disbanding of its precursor company, Netscape.