Hack-for-hire group caught targeting Android devices and iCloud backups

Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal ...

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in ...

There’s a brilliant fingerprint hack hiding on your Samsung phone — here’s how to use it

Did you know you can use your Samsung phone's fingerprint sensor to open different apps? Here's how to set up this hidden ...

How ‘residential proxy networks’ invite hackers into your home

Americans may be unwittingly giving hackers an easy path to access their houses. Cybersecurity experts, including FBI ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

A 4 a.m. scramble turned Anthropic's leak into a 'workflow revelation'

On X, Shou linked to a zip file with the leaked code. He is the CTO of Fuzzland and a dropout of the UC Berkeley Ph.D.
CNET

Keep Your Passwords Strong and Secure With These 9 Rules

Clifford led How To coverage. He spent a handful of years at Peachpit Press, editing books on everything from the first iPhone to Python. He also worked at a handful of now-dead computer magazines, ...

YouTube killed my comment alerts, so I vibe-coded a fix to get them back - in just 1 hour

With Gemini and a simple Python script, I rebuilt YouTube email alerts. Now I won't miss another comment. Here's how you can do the same.
Time

New ‘DarkSword’ Spyware Could Be Capable of Hacking Millions of iPhones, Researchers Find. Here’s What You Should Know

Hundreds of millions of iPhone users could be susceptible to hackers using a new malware tool called DarkSword if they have not recently updated their software, according to cyber-security researchers ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...