lemmydev2

Zac Bowden / Windows Central: In the latest Windows 11 preview build, Microsoft removed the “bypassnro” command, which let users skip signing into a Microsoft Account when installing Windows  —  The popular “bypassnro” command, which let users to skip connecting to the Internet and signing into a Microsoft Account, is being removed.

Disney’s latest release, Snow White (2025), has turned into a cybersecurity crisis for unsuspecting users. With a disappointing IMDb rating of 1.6/10 and lackluster box office results, the film’s absence from Disney+ has led many to search for pirated versions online.  Cybercriminals have seized this opportunity to launch a sophisticated malware campaign targeting torrent users. […] The post Fake Snow White Movie Attacking Viewers Device With New Malware appeared first on Cyber Security News.

Researchers has identified a novel mobile banking Trojan, designated “Crocodilus,” marking a significant advancement in the evolution of Android-targeted malware. Unlike predecessors such as Anatsa, Octo, and Hook, which incrementally refined their capabilities, Crocodilus emerges as a fully mature threat, integrating sophisticated features including overlay attacks, accessibility-based data harvesting, remote access trojan (RAT) functionality, and […] The post Crocodilus – A New Android Malware Remotely Control Your Android Devices appeared first on Cyber Security News.

Cloudflare announced the open-sourcing of OPKSSH (OpenPubkey SSH) on March 25, 2025.  This technology integrates single sign-on (SSO) with SSH authentication, eliminating the need for manual SSH key management.  Previously owned by BastionZero (acquired by Cloudflare), the code has been donated to the OpenPubkey project under the Apache 2.0 license. The announcement represents a significant […] The post Cloudflare Announces OpenPubkey SSH to Integrate Single-Sign-on With SSH appeared first on Cyber Security News.

Alleged breaches affect Oracle Cloud and Oracle Health.

A new court document shows the FBI raced to stop hackers moving the ransom Caesars paid, with authorities freezing much of the extortion payment.

Posted by Chrome Root Program, Chrome Security Team

The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users safe, and described how the program is focused on promoting technologies and practices that strengthen the underlying security assurances provided by Transport Layer Security (TLS). Many of these initiatives are described on our forward looking, public roadmap named “Moving Forward, Together.”

At a high-level, “Moving Forward, Together” is our vision of the future. It is non-normative and considered distinct from the requirements detailed in the Chrome Root Program Policy. It’s focused on themes that we feel are essential to further improving the Web PKI ecosystem going forward, complementing Chrome’s core principles of speed, security, stability, and simplicity. These themes include:

Encouraging modern infrastructures and agility

Focusing on simplicity

Promoting automation

Reducing mis-issuance

Increasing accountability and ecosystem integrity

Streamlining and improving domain validation practices

Preparing for a "post-quantum" world

Earlier this month, two “Moving Forward, Together” initiatives became required practices in the CA/Browser Forum Baseline Requirements (BRs). The CA/Browser Forum is a cross-industry group that works together to develop minimum requirements for TLS[...]

Financial Times: Sources: the EU will impose minimal fines on Apple and Meta next week, far below the DMA's 10% of global turnover cap, to avoid tensions with President Trump  —  Brussels to push ahead with enforcing digital rules on Big Tech groups but with low financial penalties for breaches

89% of healthcare organizations have the top 1% of riskiest Internet of Medical Things (IoMT) devices – which contain known exploitable vulnerabilities (KEVs) linked to active ransomware campaigns as well as an insecure connection to the internet – on their networks, according to Claroty. These figures represent a highly targeted, critical area where most security teams should prioritize their remediation efforts. The report is based on an analysis of over 2.25 million IoMT and 647,000 … More → The post Healthcare’s alarming cybersecurity reality appeared first on Help Net Security.

Global cybersecurity spending is expected to grow by 12.2% in 2025, according to the latest forecast from the IDC Worldwide Security Spending Guide. The rise in cyber threats is pushing organizations to invest more in their defenses. AI tools are making these threats more sophisticated, which is adding to the urgency. IDC says this steady climb in spending will continue through 2028, hitting $377 billion by then. The U.S. and Western Europe will still make … More → The post Cybersecurity spending set to jump 12.2% in 2025 appeared first on Help Net Security.

Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers' systems. [...]

Irish and Spanish law enforcement authorities have successfully apprehended 12 members of a high-risk criminal network in a coordinated operation spanning both countries.  The arrests, announced on March 26, 2025, included six suspects in Ireland and six in Spain, all allegedly involved in large-scale drug trafficking operations.  The criminals were identified through digital evidence obtained […] The post 12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform appeared first on Cyber Security News.