Pulse of Truth

Encrypted messaging app Signal continues to see spiking downloads in the wake of the messaging scandal that saw The Atlantic’s editor-in-chief Jeffrey Goldberg added to a group chat where high-ranking officials in the Trump administration were discussing an attack on Houthi rebels in Yemen. The resulting press coverage around the leak of these sensitive plans […]

ChatGPT's new image generator is raising concerns for being really good at creating fake receipts.

Indiana University quietly removes profile of tenured professor and refuses to say why.

arXiv:2503.23175v1 Announce Type: new Abstract: Several recent works have argued that Large Language Models (LLMs) can be used to tame the data deluge in the cybersecurity field, by improving the automation of Cyber Threat Intelligence (CTI) tasks. This work presents an evaluation methodology that other than allowing to test LLMs on CTI tasks when using zero-shot learning, few-shot learning and fine-tuning, also allows to quantify their consistency and their confidence level. We run experiments with three state-of-the-art LLMs and a dataset of 350 threat intelligence reports and present new evidence of potential security risks in relying on LLMs for CTI. We show how LLMs cannot guarantee sufficient performance on real-size reports while also being inconsistent and overconfident. Few-shot learning and fine-tuning only partially improve the results, thus posing doubts about the possibility of using LLMs for CTI scenarios, where labelled datasets are lacking and where confidence is a fundamental factor.

New Turing Institute Report Urges Government to Create AI Crime Task ForceBritish law enforcement agencies are ill-equipped to tackle artificial intelligence-enabled cybercrime, a report by The Alan Turing Institute says, pointing to an "enormous gap" between police technical capabilities and the growing sophistication of threat actors.

Amazon has disabled two key privacy features in its Alexa smart speakers, in a push to introduce artificial intelligence-powered "agentic capabilities" and turn a profit from the popular devices.

Explanation leaves a 'lot of questions unanswered,' says infosec researcher A digital burglar is claiming to have nabbed a trove of "highly sensitive" data from Check Point - something the American-Israeli security biz claims is a huge exaggeration.…

Hackers Claim on BreachForums to Have Stolen 'Highly Sensitive' DataIsraeli cybersecurity firm Check Point rejected Monday a hackers' assertion that he stole "highly sensitive" information offered for sale on an online marketplace for illicit data. The incident "doesn’t pose and risk or has any security implications to our customers or employees."

Georgina Quach / Financial Times: Barclays, Monzo, Lloyds, and other major UK banks join Amazon, Google, Match, Meta, BT, and Three in committing to live data sharing in a UK fraud clampdown  —  Industry-led initiative promises to beat existing scam-monitoring systems  —  Britain's biggest banks, technology and telecoms companies …

France’s antitrust regulator fined Apple Inc. €150 million ($162 million) after a lengthy probe into how the technology company asks to collect iOS users’ data and the impact on advertisers.

Software also found in states, critical infrastructure.

arXiv:2503.22156v1 Announce Type: new Abstract: Cryptocurrency is a novel exploration of a form of currency that proposes a decentralized electronic payment scheme based on blockchain technology and cryptographic theory. While cryptocurrency has the security characteristics of being distributed and tamper-proof, increasing market demand has led to a rise in malicious transactions and attacks, thereby exposing cryptocurrency to vulnerabilities, privacy issues, and security threats. Particularly concerning are the emerging types of attacks and threats, which have made securing cryptocurrency increasingly urgent. Therefore, this paper classifies existing cryptocurrency security threats and attacks into five fundamental categories based on the blockchain infrastructure and analyzes in detail the vulnerability principles exploited by each type of threat and attack. Additionally, the paper examines the attackers' logic and methods and successfully reproduces the vulnerabilities. Furthermore, the author summarizes the existing detection and defense solutions and evaluates them, all of which provide important references for ensuring the security of cryptocurrency. Finally, the paper discusses the future development trends of cryptocurrency, as well as the public challenges it may face.

Microsoft has begun testing a new Windows 11 tool called Quick Machine Recovery, which is designed to remotely deploy fixes for buggy drivers and configurations that prevent the operating system from starting. [...]

Zac Bowden / Windows Central: In the latest Windows 11 preview build, Microsoft removed the “bypassnro” command, which let users skip signing into a Microsoft Account when installing Windows  —  The popular “bypassnro” command, which let users to skip connecting to the Internet and signing into a Microsoft Account, is being removed.

Alleged breaches affect Oracle Cloud and Oracle Health.

Disney’s latest release, Snow White (2025), has turned into a cybersecurity crisis for unsuspecting users. With a disappointing IMDb rating of 1.6/10 and lackluster box office results, the film’s absence from Disney+ has led many to search for pirated versions online.  Cybercriminals have seized this opportunity to launch a sophisticated malware campaign targeting torrent users. […] The post Fake Snow White Movie Attacking Viewers Device With New Malware appeared first on Cyber Security News.

Cloudflare announced the open-sourcing of OPKSSH (OpenPubkey SSH) on March 25, 2025.  This technology integrates single sign-on (SSO) with SSH authentication, eliminating the need for manual SSH key management.  Previously owned by BastionZero (acquired by Cloudflare), the code has been donated to the OpenPubkey project under the Apache 2.0 license. The announcement represents a significant […] The post Cloudflare Announces OpenPubkey SSH to Integrate Single-Sign-on With SSH appeared first on Cyber Security News.

Researchers has identified a novel mobile banking Trojan, designated “Crocodilus,” marking a significant advancement in the evolution of Android-targeted malware. Unlike predecessors such as Anatsa, Octo, and Hook, which incrementally refined their capabilities, Crocodilus emerges as a fully mature threat, integrating sophisticated features including overlay attacks, accessibility-based data harvesting, remote access trojan (RAT) functionality, and […] The post Crocodilus – A New Android Malware Remotely Control Your Android Devices appeared first on Cyber Security News.

Financial Times: Sources: the EU will impose minimal fines on Apple and Meta next week, far below the DMA's 10% of global turnover cap, to avoid tensions with President Trump  —  Brussels to push ahead with enforcing digital rules on Big Tech groups but with low financial penalties for breaches

Global cybersecurity spending is expected to grow by 12.2% in 2025, according to the latest forecast from the IDC Worldwide Security Spending Guide. The rise in cyber threats is pushing organizations to invest more in their defenses. AI tools are making these threats more sophisticated, which is adding to the urgency. IDC says this steady climb in spending will continue through 2028, hitting $377 billion by then. The U.S. and Western Europe will still make … More → The post Cybersecurity spending set to jump 12.2% in 2025 appeared first on Help Net Security.

A new court document shows the FBI raced to stop hackers moving the ransom Caesars paid, with authorities freezing much of the extortion payment.

Posted by Chrome Root Program, Chrome Security Team

The Chrome Root Program launched in 2022 as part of Google’s ongoing commitment to upholding secure and reliable network connections in Chrome. We previously described how the Chrome Root Program keeps users safe, and described how the program is focused on promoting technologies and practices that strengthen the underlying security assurances provided by Transport Layer Security (TLS). Many of these initiatives are described on our forward looking, public roadmap named “Moving Forward, Together.”

At a high-level, “Moving Forward, Together” is our vision of the future. It is non-normative and considered distinct from the requirements detailed in the Chrome Root Program Policy. It’s focused on themes that we feel are essential to further improving the Web PKI ecosystem going forward, complementing Chrome’s core principles of speed, security, stability, and simplicity. These themes include:

Encouraging modern infrastructures and agility

Focusing on simplicity

Promoting automation

Reducing mis-issuance

Increasing accountability and ecosystem integrity

Streamlining and improving domain validation practices

Preparing for a "post-quantum" world

Earlier this month, two “Moving Forward, Together” initiatives became required practices in the CA/Browser Forum Baseline Requirements (BRs). The CA/Browser Forum is a cross-industry group that works together to develop minimum requirements for TLS[...]

89% of healthcare organizations have the top 1% of riskiest Internet of Medical Things (IoMT) devices – which contain known exploitable vulnerabilities (KEVs) linked to active ransomware campaigns as well as an insecure connection to the internet – on their networks, according to Claroty. These figures represent a highly targeted, critical area where most security teams should prioritize their remediation efforts. The report is based on an analysis of over 2.25 million IoMT and 647,000 … More → The post Healthcare’s alarming cybersecurity reality appeared first on Help Net Security.

Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid. [...]

Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers' systems. [...]