Cybercriminals have compromised over 30,000 Fortinet firewalls and VPNs globally in a campaign dubbed FortiBleed. Hackers exploit weak or reused passwords to gain access, using compromised devices to steal more credentials and expand their reach. Major companies like Accenture, Comcast, and Samsung are among the victims.
Ahmedabad Cyber Crime Police arrested a 19-year-old student from Bihar for attempting to divert NEET-UG 2026 fee refunds to his accounts. The accused targeted 350 accounts, exploiting weak passwords in 150, but NTA's security systems helped foil the large-scale fraud.
Readers discuss the security benefits and drawbacks of passkeys, with some finding them confusing and others championing them as a superior alternative to passwords.
Apple enhances its default apps (Safari, Passwords, Messages, Calendar, Phone, Mail) with AI-powered features via Apple Intelligence, set to roll out with iOS 27, iPadOS 27, and macOS 27 later this year.
Hackers used Meta's AI-powered support chatbot to gain unauthorized access to high-profile Instagram accounts, including those of Barack Obama's White House and the US Space Force. Meta has since resolved the issue and is securing affected accounts.
Atlas Menu, a cheat service for Grand Theft Auto V, has been hacked, exposing nearly 64,000 accounts. Stolen data includes emails, usernames, scrambled passwords, IP addresses, and support tickets. The hacker claimed revenge against a scammer.
A public GitHub repository named "Private-CISA" exposed sensitive CISA assets like plaintext passwords and SSH keys since at least November 2025. The repo, managed by CISA contractor Nightwing, allowed high-level access to AWS GovCloud accounts.
A security researcher discovered publicly exposed credentials for CISA and DHS systems on GitHub, potentially averting a major breach. The credentials were left by a contractor's employee. CISA is investigating.
Yesterday, I told you how a hacker ran me over with a robot lawn mower. We explained how thousands of these bladed Chinese robots, made by Yarbo, could be hijacked with ease - exposing people's GPS coordinates, Wi-Fi passwords, email addresses, and more to any casual hacker who comes along. Today, Yarbo has issued a […]
Robinhood users are being targeted by a phishing attack that exploits Gmail's dot alias feature and flaws in Robinhood's account creation process. Scammers create fake Robinhood accounts using email addresses that differ only by dots (e.g., [email protected] vs [email protected]), then inject malicious HTML into the device name field. This sends emails from Robinhood's official noreply address that pass SPF, DKIM, and DMARC authentication, containing fake login warnings and phishing links. Robinhood confirmed the exploit but said no personal information or funds were impacted.
Police investigating sexual assault, sexual harassment, and religious coercion cases at TCS Nashik office face digital evidence challenges as the prime accused uses separate passwords for each file and application. The main accused, a TCS employee charged with rape, sexual harassment, and hurting religious sentiments, was taken to a forensic laboratory to unlock his Face ID-protected phone. Four suspects have been remanded in police custody until April 29.
The UK's National Cyber Security Centre has urged people to switch from passwords to passkeys, calling it an overhaul of decades of security practice. Passkeys use public key cryptography tied to devices with biometric sensors like Face ID and Touch ID, offering unique credentials for each website. While Apple, Google and X already support passkeys and the UK Government adopted them last year, experts caution they are 'not a silver bullet'.
Login method for apps and websites stored on users’ devices provides stronger security and is resistant to phishing and breachesThe UK’s National Cyber Security Centre has called time on the password – from now on, you should use a passkey.The NCSC said this week it would no longer recommend using passwords where passkeys were available. They should be consumers’ first choice of login across all digital services because passwords were not secure enough to stand up to modern cyber threats. Continue reading...
OpenAI has released a small, free model that strips names, addresses, passwords, and account numbers out of any text, right on your laptop, before you paste it into an AI chatbot.
The FBI announced the dismantling of the W3LL phishing operation, which allegedly targeted over 17,000 victims globally and facilitated over $20 million in fraud by selling phishing kits and stolen credentials.
