Author Archives: John Leyden

Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project’s author claims makes the “update process robust and effectively unexploitable.”… Continue reading Notepad++ declares hardened update process ‘effectively unexploitable’→

No worries if the US doesn’t want to be friends with Europe anymore Lockheed Martin’s F-35 fighter aircraft can be jailbroken “just like an iPhone,” the Netherlands’ defense secretary has claimed.… Continue reading You can jailbreak an F-35 just like an iPhone, says Dutch defense chief→

CEO lauds security researchers, insists they’re not ‘inputs’ HackerOne has clarified its stance on GenAI after researchers fretted their submissions were being used to train its models.… Continue reading HackerOne ‘updating’ Ts&Cs after bug hunters question if they’re training AI→

Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next If enterprises are implementing AI, they’re not showing it to Palo Alto Networks CEO Nikesh Arora, who on Tuesday said business adoption of the tech lags cons… Continue reading Palo Alto CEO says AI isn’t great for business, yet→

Full scale of infections remains ‘unknown’ China-linked attackers exploited a maximum-severity hardcoded-credential bug in Dell RecoverPoint for Virtual Machines as a zero-day since at least mid-2024. It’s all part of a long-running effort to backdoor … Continue reading China-linked snoops have been exploiting Dell 0-day since mid-2024, using ‘ghost NICs’ to avoid detection→

Plus 3 new goon squads targeted critical infrastructure last year Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew – Volt Typhoon – continued to compromise cellular gateways and routers, … Continue reading China remains embedded in US energy networks ‘for the purpose of taking it down’→

Keep behavioral tracking American? PC giant says the claim is ‘false’ A US law firm has accused Lenovo of violating Justice Department strictures about the bulk transfer of data to foreign adversaries, namely China.… Continue reading US lawyers fire up privacy class action accusing Lenovo of bulk data transfers to China→

Police say seized kit contained logins, passwords, and server IP addresses Polish police have arrested and charged a man over ties to the Phobos ransomware group following a property raid.… Continue reading Polish cops nab 47-year-old man in Phobos ransomware raid→

Digital burglaries remain routine, and data shows most corps still don’t stick to basic infosec standards Britain is telling businesses to “lock the door” on cybercrims as new government data suggests most still haven’t even found the latch.… Continue reading UK.gov launches cyber ‘lockdown’ campaign as 80% of orgs still leave door open→

Social media platform’s legal eagles prepare to fight ever-growing number of countries The Irish Data Protection Commission (DPC) is the latest regulator to open an investigation into Elon Musk’s X following repeated reports of harmful image generation… Continue reading Ireland joins regulator smackdown after X’s Grok AI accused of undressing people→