Pulse of Truth

Hackers allegedly broke into the FBI’s networks, according to a report by CNN.

Last year California’s Digital Age Assurance Act (AB 1043) was signed into law, requiring among other things that operating system providers implement an API for age verification purposes. With the …read more

Of the 90 zero-days GTIG tracked in 2025, 43 hit enterprise tech Zero-day exploitation targeting enterprise tech products reached an all-time high last year, with China-linked cyber-espionage groups remaining the most prolific state-backed users, according to Google.…

A cybersecurity competition produced what may be the largest controlled dataset comparing AI-augmented teams to human-only teams on professional-grade offensive security tasks. The event, called NeuroGrid, ran for 72 hours on the Hack The Box platform and drew 1,337 registered human-only teams and 156 registered AI-agent teams competing across 36 challenges in nine security domains at four difficulty levels. AI teams operated through Model Context Protocol with human oversight in the loop. The analysis covers … More → The post What happens when AI teams compete against human hackers appeared first on Help Net Security.

Pakistan's APT36 threat group has begun using vibe-coding to churn out mediocre malware, but at a scale that could overwhelm defenses.

Governments are preparing for 6G, the next generation of mobile networks, placing security and resilience among their top priorities. In response, seven countries participating in the Global Coalition on Telecoms (GCOT) have introduced a set of 6G Security and Resilience Principles, developed with support from industry partners. The coalition brings together the governments of the United Kingdom, the United States, Canada, Japan, and Australia. Sweden and Finland recently joined as new members. Industry partners supporting … More → The post Western governments lay the groundwork for secure 6G networks appeared first on Help Net Security.

Sander Lutz / Decrypt: The FBI arrests the son of a federal contractor who managed critical services and charges him with stealing ~$46M in crypto from the US Marshals Service  —  John Daghita was publicly accused of the crime by blockchain sleuth ZachXBT in January.  —  In brief

Comments

The person behind the $5M crypto theft confessed to South Korean police and returned the funds — before they were stolen again. The post Crypto leaked by South Korean tax officials stolen a second time appeared first on Protos.

Europol seizes LeakBase cybercrime and hacker forum used to trade stolen data, disrupting a global platform with over 140,000 members.

Spanish and Ukrainian law enforcement authorities dismantled a criminal ring that exploited war-displaced Ukrainian women to run an online gambling scheme that laundered nearly €4.75 million in illicit proceeds. [...]

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances. [...]

Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage.

Bank details and intimate moments captured without people realizing they are being recorded are the new privacy nightmare behind the latest tech fashion hit, Meta Ray-Ban smart glasses. A joint investigation by Svenska Dagbladet and Göteborgs-Posten found that footage and audio recorded by Meta’s Ray-Ban smart glasses are reviewed by human contractors in Kenya, including recordings containing sensitive personal material. A contractor workforce in Nairobi A troubling reality for tech giants is that a large … More → The post Workers reviewing Meta Ray-Ban footage encounter users’ intimate moments appeared first on Help Net Security.

[This is a Guest Diary by Joseph Gruen, an ISC intern as part of the SANS.edu BACS program]

Lindsey Weedston / The Daily Dot: Deveillance's upcoming anti-surveillance device, Spectre I, went viral after its founder said it blocks nearby listening devices with AI, but some are skeptical  —  “This would be extraordinary and would require equally extraordinary proof if true.” … A startup called Deveillance …

Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed A developer says their company is on the hook for more than $82,000 in unauthorized charges after a stolen Google Gemini API key racked massive usage costs up in just 48 hours.…

Joe Tidy / BBC: TikTok won't add E2EE to DMs because it would prevent police and safety teams from reading messages if needed, saying it wants to protect young users from harm  —  TikTok will not introduce end-to-end encryption (E2EE) - the controversial privacy feature used by nearly all its rivals - arguing it makes users less safe.

A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government.

A powerful iOS exploit kit has circulated among multiple threat actors over the past year, moving from a commercial surveillance operation to state-linked espionage campaigns and, ultimately, ended into the hands of financially motivated hackers, according to new research from Google’s Threat Intelligence Group (GTIG). “The exploit kit, named ‘Coruna’ by its developers, contained five full iOS exploit chains and a total of 23 exploits,” the analysts noted. The exploit list includes both CVE-tracked vulnerabilities … More → The post Coruna: Spy-grade iOS exploit kit powering financial crime appeared first on Help Net Security.

AI chatbot Claude going down is just one example of a recent IT outage. One of the main vulnerabilities of the modern internet is to blame for the growing number of incidents

Phishing drives about 90% of cyberattacks in 2026, using tactics like encrypted flows, QR code scams, and trusted cloud platforms to steal credentials.

Reports of a "Great British Firewall" are exaggerated. And even if they wanted to, here's why it would be virtually impossible.