2025

SonicWall investigates ‘cyber incidents,’ including ransomware targeting suspected 0-day

Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day' SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…

Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

Devs told to exercise 'extreme caution' with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.…

German phone repair biz collapses following 2023 ransomware attack

Founder miffed over prosecutors holding onto its Bitcoin The founder of a German mobile phone repair and insurance biz has begun insolvency proceedings for some operations in his company after struggling financially following a costly ransomware attack in 2023.…

When hyperscalers can’t safeguard one nation’s data from another, dark clouds are ahead

If it’s not on-prem, it’s on the menu Opinion  The details of cloud data regionalization are rarely the stuff of great drama. When they’ve reached the level of an exec admitting to the Senate that a foreign power can help itself to that nation's data, no matter where…

Millions of age checks performed as UK Online Safey Act gets rolling

But it's OK, claims Brit government, no personal data stored 'unless absolutely necessary' The UK government has reported that an additional five million age checks are being made daily as UK-based internet users seek to access age-restricted sites following the implementation of the Online Safety Act."…

China’s botched Great Firewall upgrade invites attacks on its censorship infrastructure

Attempts to censor QUIC traffic create chance to block access to offshore DNS resolvers China’s attempts to censor traffic carried using Quick UDP Internet Connections (QUIC) are imperfect and have left the country at risk of attacks that degrade its censorship apparatus, or even cut access to offshore…

Silent Push CEO on cybercrime takedowns: ‘It’s an ongoing cat-and-mouse game’

Plus: why takedowns aren't in threat-intel analysts' best interest interview  It started out small: One US financial services company wanted to stop unknown crooks from spoofing their trading app, tricking customers into giving the digital thieves their login credentials and account information, thus allowing them to drain their…

CISA roasts unnamed critical national infrastructure body for shoddy security hygiene

Plaintext passwords, shared admin accounts, and insufficient logging rampant at mystery org CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong.…

OpenAI removes ChatGPT self-doxing option

Checkbox to make chatbot conversations appear in search engines deemed a footgun OpenAI has removed the option to make ChatGPT interactions indexable by search engines to prevent users from unwittingly exposing sensitive information.…

Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks

Our tests have shown there are ways to get around the promised security improvements exclusive  Microsoft Recall, the AI app that takes screenshots of what you do on your PC so you can search for it later, has a filter that's supposed to prevent it from screenshotting sensitive…

Copyright © 2026 Lugapel