Cybersecurity

UEFI Secure Boot for Linux Arm64 – where do we stand?

Still exotic for now, but moves are afoot Arm devices are everywhere today and many of them run Linux. The operating system also powers cloud computing and IT environments all over the world. However, x86 is still the dominant architecture of global computer hardware, where the Unified Extensible…

Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack

Google and ETH Zurich found problems with AMD/SK Hynix combo, will probe other hardware Researchers from Google and Swiss university ETH Zurich have found a new class of Rowhammer vulnerability that could allow attackers to access info stored in DDR5 memory.…

Apple 0-day likely used in spy attacks affected devices as old as iPhone 8

May have been used in 'extremely sophisticated' attacks against 'specific targeted individuals' Apple backported a fix to older iPhones and iPads for a serious bug it patched last month – but only after it may have been exploited in what the company calls "extremely sophisticated" attacks.…

Self-propagating worm fuels latest npm supply chain compromise

Intrusions bear the same hallmarks as recent Nx mess The npm platform is the target of another supply chain attack, with crims already compromising 187 packages and counting.…

‘FileFix’ attacks use fake Facebook security alerts to trick victims into running infostealers

Tech evolved from PoC to global campaign in under two months An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader.…

JLR stuck in neutral as losses skyrocket amid cyberattack cleanup

Latest extension to factory closures takes incident response into fourth week Jaguar Land Rover (JLR) has announced a further extension to its multi-site global shutdown, bringing its cyber-related downtime to nearly four weeks.…

China slaps 1-hour deadline on reporting serious cyber incidents

Cyberspace watchdog tightens reporting regime, leaving little time to hide incidents Beijing will soon expect Chinese network operators to 'fess up to serious cyber incidents within an hour of spotting them – or risk penalties for dragging their feet.…

Security begins with visibility: How IGA brings hidden access risks to light

Who has access to what? Without centralized governance, orgs struggle to answer this simple question. Partner Content  From the moment users log onto their machines, access rights shape their experience. Access rights determine which apps they can run, which directories they can open, and what information they can…

Former FinWise employee may have accessed nearly 700K customer records

Bank says incident went undetected for over a year before discovery in June A US fintech biz is writing to nearly 700,000 customers because a former employee may have accessed or acquired their data after leaving the company.…

Nork snoops whip up fake South Korean military ID with help from ChatGPT

Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory North Korean spies used ChatGPT to generate a fake military ID for use in an espionage campaign against a South Korean defense-related institution, according to new research.…

Copyright © 2026 Lugapel