Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- OpenAI furious DeepSeek might have stolen all the data OpenAI stole from us
- Microsoft now hosts AI model accused of copying OpenAI data
- WhatsApp says journalists and civil society members were targets of Israeli spyware
- EU sanctions Russian GRU hackers for cyberattacks against Estonia
- Google says hackers abuse Gemini AI to empower their attacks
- Cracked and Nulled marketplaces disrupted in international cyber operation
- Google blocked 2.36 million risky Android apps from Play Store in 2024
For the more technical
- Get the latest software updates from Apple
- Stealing HttpOnly cookies with the cookie sandwich technique
- Clone2Leak: Your Git credentials belong to us
- The J-magic show: Magic packets and where to find them
- Wiz research uncovers exposed DeepSeek database leaking sensitive information, including chat history
- Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics
- BYOVD to the next level. Blind EDR with Windows Symbolic Link
- New SLAP & FLOP attacks expose Apple M-series chips to speculative execution exploits
- Browser Syncjacking: How any browser extension can be used to takeover your device
- Threat actors take taxes into account
- Active exploitation: New Aquabot variant phones home
- Active exploitation of zero-day Zyxel CPE vulnerability (CVE-2024-40891)
- Arctic Wolf observes campaign exploiting SimpleHelp RMM software for initial access
- Coyote Banking Trojan: A stealthy attack via LNK files
- Lumma Stealer’s GitHub-based delivery explored via managed detection and response
- Phorpiex – downloader delivering ransomware
- APT28, the long hand of Russian interests
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.