Short circuit: Electronics supplier to tech giants suffers ransomware shutdown
Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt its business operations. "The Company is working diligently to restore the affected systems," the manufacturer said in a Form 8-K filed with the US Securities and Exchange Commission yesterday. READ MORE...
China-nexus hacker Silk Typhoon targeting cloud environments
Security researchers are warning about a recent wave of cyberattacks from the Chinese government-linked hacker group Silk Typhoon, which has targeted government agencies, technology firms and other organizations in North America in recent years. Silk Typhoon has exploited zero-day flaws in Citrix and Commvault products to gain access to the cloud environments of software-as-a-service providers, CrowdStrike said in a blog post on Thursday. READ MORE...
Criminal background checker APCS faces data breach
A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company. Access Personal Checking Services (APCS) has written to customers to notify them that their data has been compromised, according to emails seen by The Register, and it confirmed to us that Hull-based Intradev was the organization initially attacked. APCS describes itself as the UK's fastest service for carrying out Disclosure and Barring Service (DBS) checks. READ MORE...
Farmers Insurance Data Breach Impacts Over 1 Million People
Farmers Insurance late last week disclosed a data breach impacting the personal information of more than one million individuals. According to its website, Farmers Insurance serves roughly 10 million households (19 million insurance policies) across the entire United States, offering car, property, life, commercial and other types of insurance. The insurer has approximately 48,000 agents and 21,000 employees. READ MORE...
Aspire Rural Health System Data Breach Impacts Nearly 140,000
Aspire Rural Health System has informed state authorities that it has suffered a data breach impacting nearly 140,000 people. Aspire provides emergency care, outpatient services, diagnostic testing, surgical procedures, and other healthcare services through a network of over 70 facilities across several counties in Michigan. In notifications sent out to affected individuals, the healthcare organization said hackers had access to its network between November 4, 2024, and January 6, 2025. READ MORE...
Fake macOS help sites push Shamos infostealer via ClickFix technique
Criminals are taking advantage of macOS users' need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers are using the so-called ClickFix technique, which relies on users running malicious commands. The cyber crooks created fraudulent macOS help websites and made Google Search deliver ads pointing to them. READ MORE...
New Android malware poses as antivirus from Russian intelligence agency
A new Android malware posing as an antivirus tool software created by Russia's Federal Security Services agency (FSB) is being used to target executives of Russian businesses. In a new report from Russian mobile security firm Dr. Web, researchers track the new spyware as 'Android.Backdoor.916.origin,' finding no links to known malware families. Among its various capabilities, the malware can snoop on conversations, stream from the phone's camera, log user input with a keylogger, and more. READ MORE...
Apple Intelligence Is Picking Up More User Data Than Expected, Researcher Finds
In this Dark Reading News Desk interview at Black Hat USA 2025, Yoav Magid, senior security researcher for Lumia Security, explains that Apple Intelligence, which powers various AI applications including an enhanced Siri, presents a privacy risk to users. His research revealed that Apple collects surprising amounts of contextual data even for simple queries, for example, when asking about weather, Siri might capture and send to Apple servers information about what music a person is currently listening to. READ MORE...
Grok chats show up in Google searches
I'm starting to feel like a broken record, but I feel you should know that yet another AI has been found sharing private conversations so that Google was able to index them, and now they can be found in search results. It's déjà vu in the world of AI: another day, another exposé about chatbot conversations being leaked, indexed, or made public. We have written about the share option in ChatGPT that was swiftly removed because users seemed oblivious to the consequences. READ MORE...
Clickjack attack steals password managers' secrets
Sometimes it can seem as though everything's toxic online, and the latest good thing turned bad is here: Browser pop-ups that look like they're trying to help or authenticate you could be programmed to steal data from your password manager. To make matters worse, most browser extension-based password managers are still vulnerable to the attack. This issue affects password managers like 1Password, LastPass, NordPass, and Enpass. READ MORE...
ReVault Flaw Exposed Millions of Dell Laptops to Malicious Domination
In this interview from Black Hat USA 2025, Philippe Laulheret, a senior vulnerability researcher at Cisco Talos, discusses his discovery of the "ReVault" vulnerability affecting millions of Dell business laptops. Laulheret found that the Control Vault contained multiple security flaws that allow any user to communicate with the board through undocumented APIs, potentially leading to memory corruption, code execution, extraction of secret keys, and permanent firmware modification. READ MORE...
With AI chatbots, Big Tech is moving fast and breaking people
Allan Brooks, a 47-year-old corporate recruiter, spent three weeks and 300 hours convinced he'd discovered mathematical formulas that could crack encryption and build levitation machines. According to a New York Times investigation, his million-word conversation history with an AI chatbot reveals a troubling pattern: More than 50 times, Brooks asked the bot to check if his false ideas were real. More than 50 times, it assured him they were. READ MORE...
- ...in 1910, Walden W. Shaw and John D. Hertz forms the Walden W. Shaw Livery Company, which will later become the Yellow Cab Company.
- ...in 1944, after more than four years of Nazi occupation, Paris is liberated by the U.S. 4th Infantry Division.
- ...in 1985, New York Mets pitcher Dwight Gooden becomes the youngest 20-game winner in Major League Baseball history.
- ...in 1989, NASA scientists receive stunning photographs of Neptune and its moons from Voyager 2.
