Pulse of Truth

There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype. Quarterly breakdown (Source: Sonatype) The Q1 figure represents a significant decrease from the more than 34,000 malicious packages discovered last quarter, largely due to a sharp drop in security holdings packages. However, compared to the same period last year, the overall malware count more than doubled. … More → The post Open-source malware doubles, data exfiltration attacks dominate appeared first on Help Net Security.

In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the top cause of attacks The combination of external remote services and valid accounts aligns with the top root causes of attacks. For the second year in row, compromised credentials were the number one … More → The post Cybercriminals exfiltrate data in just three days appeared first on Help Net Security.

"I would log in and I couldn’t see my children but I could see a kid in California. I refreshed and would see a different child.”

A Y Combinator partner proudly launched an AI recipe app that told people how to make “Actual Cocaine” and a “Uranium Bomb.”

First 27 satellites.

Automated AI bots seeking training data threaten Wikipedia project stability, foundation says.

The Wikimedia Foundation, the umbrella organization of Wikipedia and a dozen or so other crowdsourced knowledge projects, said on Wednesday that bandwidth consumption for multimedia downloads from Wikimedia Commons has surged by 50% since January 2024. The reason, the outfit wrote in a blog post Tuesday, isn’t due to growing demand from knowledge-thirsty humans, but […]

A survey by Naoris Protocol highlights growing concerns among IT leaders over cybersecurity vulnerabilities, indicating that a shift may be needed toward decentralized infrastructure for resilience and security, ComputerWeekly reports.

Microsoft recently shared the discovery of several critical vulnerabilities in open-source bootloaders, notably GRUB2 . These findings are particularly significant for us Linux security admins, who must now address these newly identified risks to ensure robust boot security on their systems.

A generative AI nudify service has been found storing explicit deepfakes in an unprotected cloud database.

Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. [...]

Encrypted messaging app Signal continues to see spiking downloads in the wake of the messaging scandal that saw The Atlantic’s editor-in-chief Jeffrey Goldberg added to a group chat where high-ranking officials in the Trump administration were discussing an attack on Houthi rebels in Yemen. The resulting press coverage around the leak of these sensitive plans […]

Amazon has disabled two key privacy features in its Alexa smart speakers, in a push to introduce artificial intelligence-powered "agentic capabilities" and turn a profit from the popular devices.

Indiana University quietly removes profile of tenured professor and refuses to say why.

ChatGPT's new image generator is raising concerns for being really good at creating fake receipts.

​North Korea's IT workers have expanded operations beyond the United States and are now increasingly targeting organizations across Europe. [...]

arXiv:2503.23175v1 Announce Type: new Abstract: Several recent works have argued that Large Language Models (LLMs) can be used to tame the data deluge in the cybersecurity field, by improving the automation of Cyber Threat Intelligence (CTI) tasks. This work presents an evaluation methodology that other than allowing to test LLMs on CTI tasks when using zero-shot learning, few-shot learning and fine-tuning, also allows to quantify their consistency and their confidence level. We run experiments with three state-of-the-art LLMs and a dataset of 350 threat intelligence reports and present new evidence of potential security risks in relying on LLMs for CTI. We show how LLMs cannot guarantee sufficient performance on real-size reports while also being inconsistent and overconfident. Few-shot learning and fine-tuning only partially improve the results, thus posing doubts about the possibility of using LLMs for CTI scenarios, where labelled datasets are lacking and where confidence is a fundamental factor.

New Turing Institute Report Urges Government to Create AI Crime Task ForceBritish law enforcement agencies are ill-equipped to tackle artificial intelligence-enabled cybercrime, a report by The Alan Turing Institute says, pointing to an "enormous gap" between police technical capabilities and the growing sophistication of threat actors.

Explanation leaves a 'lot of questions unanswered,' says infosec researcher A digital burglar is claiming to have nabbed a trove of "highly sensitive" data from Check Point - something the American-Israeli security biz claims is a huge exaggeration.…

Hackers Claim on BreachForums to Have Stolen 'Highly Sensitive' DataIsraeli cybersecurity firm Check Point rejected Monday a hackers' assertion that he stole "highly sensitive" information offered for sale on an online marketplace for illicit data. The incident "doesn’t pose and risk or has any security implications to our customers or employees."

France’s antitrust regulator fined Apple Inc. €150 million ($162 million) after a lengthy probe into how the technology company asks to collect iOS users’ data and the impact on advertisers.

Software also found in states, critical infrastructure.

Georgina Quach / Financial Times: Barclays, Monzo, Lloyds, and other major UK banks join Amazon, Google, Match, Meta, BT, and Three in committing to live data sharing in a UK fraud clampdown  —  Industry-led initiative promises to beat existing scam-monitoring systems  —  Britain's biggest banks, technology and telecoms companies …

Zac Bowden / Windows Central: In the latest Windows 11 preview build, Microsoft removed the “bypassnro” command, which let users skip signing into a Microsoft Account when installing Windows  —  The popular “bypassnro” command, which let users to skip connecting to the Internet and signing into a Microsoft Account, is being removed.

arXiv:2503.22156v1 Announce Type: new Abstract: Cryptocurrency is a novel exploration of a form of currency that proposes a decentralized electronic payment scheme based on blockchain technology and cryptographic theory. While cryptocurrency has the security characteristics of being distributed and tamper-proof, increasing market demand has led to a rise in malicious transactions and attacks, thereby exposing cryptocurrency to vulnerabilities, privacy issues, and security threats. Particularly concerning are the emerging types of attacks and threats, which have made securing cryptocurrency increasingly urgent. Therefore, this paper classifies existing cryptocurrency security threats and attacks into five fundamental categories based on the blockchain infrastructure and analyzes in detail the vulnerability principles exploited by each type of threat and attack. Additionally, the paper examines the attackers' logic and methods and successfully reproduces the vulnerabilities. Furthermore, the author summarizes the existing detection and defense solutions and evaluates them, all of which provide important references for ensuring the security of cryptocurrency. Finally, the paper discusses the future development trends of cryptocurrency, as well as the public challenges it may face.