Pulse of Truth

Margaret Attridge / Courthouse News Service: A US jury finds Meta violated the California Invasion of Privacy Act when it intentionally recorded the health data of women via the period tracking app Flo  —  The jury got to decide how seriously Big Tech takes privacy, the attorney for a class of Flo users said in closing arguments.

Won't someone think of the King of Ink?!

Our tests have shown there are ways to get around the promised security improvements exclusive  Microsoft Recall, the AI app that takes screenshots of what you do on your PC so you can search for it later, has a filter that's supposed to prevent it from screenshotting sensitive info like credit card numbers. But a The Register test shows that it still fails in many cases, creating a potential treasure trove for thieves.…

US semiconductor giant is trying to revive sales in the country.

Cybersecurity researchers have successfully demonstrated how Large Language Model (LLM) honeypots can effectively deceive threat actors into revealing their attack methodologies and malicious payloads. In a recent breakthrough incident, an SSH-based LLM honeypot managed to capture a real threat actor who unknowingly interacted with the artificial intelligence system, believing they had compromised a legitimate server […] The post LLM Honeypot’s Can Trick Threat Actors to Leak Binaries and Known Exploits appeared first on Cyber Security News.

Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt.

The Tea app is a warning.

Crims warned 40% of respondents that they and their families would suffer Ransomware gangs now frequently threaten physical violence against employees and their families as a way to force victim organizations into paying their demands.…

Russia spying on foreign embassies? Say it ain't so Russian cyberspies are abusing local internet service providers' networks to target foreign embassies in Moscow and collect intel from diplomats' devices, according to a Microsoft Threat Intelligence warning.…

If you want to work with dead bodies, AI probably won't steal your career.

A covert ATM attack used a Raspberry Pi to breach bank systems, employing stealthy malware and anti-forensics techniques

Cyber threats are becoming more frequent and sophisticated, and rural hospitals and clinics are feeling the pressure from all sides: tight budgets, small teams, limited training, complex technology, and vendors that do not always offer much help. Often, they are left juggling security tools without the IT support to use them effectively, according to Paubox. Compared to their urban counterparts, rural healthcare organizations are hitting more cybersecurity roadblocks, and not just in one or two … More → The post Why rural hospitals are losing the cybersecurity battle appeared first on Help Net Security.

FBI Dallas seized 20 BTC from Chaos ransomware affiliate “Hors,” tied to cyberattacks on Texas firms, on April 15, 2025. The FBI division in Dallas seized about 20 Bitcoins on April 15, 2025, from a wallet belonging to a Chaos ransomware affiliate named as “Hors.” The Hors affiliate is responsible for multiple cyberattacks on Texas […]

Lovense, the maker of internet-connected sex toys, left user emails exposed for months — even after it became aware of the vulnerability. In a blog post spotted by TechCrunch and Bleeping Computer, security researcher BobDaHacker found that they could “turn any username into their email address,” which they could then use to take over someone’s […]

Ernesto Londoño / New York Times: Gov. Tim Walz activates the Minnesota National Guard to help St. Paul address a cyberattack detected Friday that led the city to shut down many of its systems  —  Gov. Tim Walz of Minnesota activated the National Guard to help the city of St. Paul address a cyberattack that was detected last Friday.

Researchers from IMDEA Networks, in collaboration with Universidad Carlos III de Madrid, IMDEA Software Institute, and the University of Calgary, have conducted the first large-scale study—"Your Signal, Their Data: An Empirical Privacy Analysis of Wireless-scanning SDKs in Android"—on how certain Android mobile applications use a device's WiFi and Bluetooth connections to track users' movements in their daily lives, thereby violating their privacy.

Switzerland’s top research institutions are in early talks with arms makers including Rheinmetall AG to fund a new $250 million semiconductor plant, according to people familiar with the plans, as the historically neutral country wades deeper into defense amid surging European military spending.

A threat actor, Tsar0Byte, allegedly claimed to have breached the company’s internal network through a vulnerable third-party link, exposing sensitive data belonging to more than 94,500 employees. The alleged breach, reported on dark web forums including DarkForums, represents one of the most extensive corporate data exposures affecting Nokia in recent years. According to the threat […] The post Threat Actors Allegedly Claim Access to Nokia’s Internal Network appeared first on Cyber Security News.

AI models large and small were found to introduce cross-site scripting errors and seriously struggle with secure Java generation

"This step is necessary to prove I'm not a bot," wrote the bot as it passed an anti-AI screening step.

Alphabet Inc.’s YouTube will soon begin using artificial intelligence to determine whether viewers in the US are under the age of 18, following increased pressure on the biggest tech companies to strengthen online safety for children.

Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that's targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car service apps to steal sensitive personal data. The cross-platform threat has been codenamed SarangTrap by Zimperium zLabs. Users in South Korea appear to be the primary focus. "This extensive campaign involved

Rising SaaS security threats are being overlooked, new research shows

Plus, 60% don't have enough analysts to make sense of it Too many threats, too much data, and too few skilled security analysts are making companies more vulnerable to cyberattacks, according to the IT and security leaders tasked with protecting these organizations from digital threats.…

The more than one million messages obtained by 404 Media are as recent as last week, discuss incredibly sensitive topics, and make it trivial to unmask some anonymous Tea users.