News
Fairlife Ransomware Attack Stops All US Milk Production: IT-OT Breach Unconfirmed
1+ hour, 18+ min ago (765+ words) Ransomware has shut down every US production facility belonging to Fairlife, the Coca-Cola subsidiary that generates nearly $4 billion in annual sales, with investigators still unable to answer the one question that determines how serious this attack really was: did the…...
Vishing Call Brought Down TfL: Scattered Spider Duo Jailed in Record UK Prosecution
1+ hour, 3+ min ago (819+ words) A phone call to a helpdesk worker broke open one of the largest public transport networks in the world. The attack ran from August 31 to September 3, 2024, across a network that handles roughly nine million journeys a day. Once inside, Flowers…...
GoSerpent Backdoor Looted Police and Biometric Data Across Southeast Asia for Five Years
8+ hour, 31+ min ago (453+ words) What makes the campaign technically notable is how the final data transfer happened: it looked like an authorized employee accessing a file share — because the attackers used credentials stolen months earlier to do exactly that. Standard network monitoring tools, which…...
No Fix for Stolen DNA: 42 States Win $18M From 23andMe Over Feature Flaw
8+ hour, 57+ min ago (409+ words) The 42-state $18 million settlement announcement represents the culmination of a multistate investigation launched immediately after the October 2023 disclosure. Investigators concluded that 23andMe had engaged in unreasonable data security practices — a finding the company contested. The company did not launch a full…...
Cursor Patched a Silent Repo-Poisoning Zero-Day With No Advisory and No CVE
9+ hour, 34+ min ago (441+ words) Clone a stranger's repository and open it in Cursor on Windows. That is the entire exploit. If the repository contains a file named git.exe at its root, the AI IDE runs it immediately — no click, no approval dialog, no…...
Grok Build Open-Sourced After Covert Upload: Code to Exfiltrate Repos Stays In
1+ day, 15+ hour ago (319+ words) Any developer who ran Grok Build before July 13, 2026 in a directory containing a Git repository should treat every credential in their tracked files and commit history as potentially transmitted to xAI's servers — including API keys, database passwords, cloud tokens, and…...
OpenAI Built an AI to Attack Itself: GPT-Red Exposed Flaws Humans Missed
1+ day, 23+ hour ago (502+ words) GPT-Red is trained using self-play reinforcement learning — the same general training paradigm that produced superhuman chess and Go programs, applied here to adversarial AI security. The compute cost is substantial — OpenAI trained GPT-Red at a scale comparable to its largest…...
Prompt Injection Flipped: Defender Plants Text That Stops AI Attackers
2+ day, 4+ hour ago (577+ words) The new research asks whether a canary can do more than raise an alarm — whether the decoy itself can slow or stop the attack. A context bomb is a short piece of text placed directly inside a canary resource: a…...
Post-Quantum Cryptography Comes to Windows TLS: Three ML-KEM Groups Now Configurable
2+ day, 6+ hour ago (273+ words) The ML-KEM hybrid groups ship disabled by default. Enabling them requires explicit administrator action — an intentional design choice that gives organizations time to test before broad deployment. Configuration routes mirror those used for existing TLS elliptic-curve preferences, as documented on…...
Ant Group Open-Sources Agent Security Tool Days After Agentic Ransomware Hit
2+ day, 23+ hour ago (497+ words) To understand why SingGuard matters, it helps to understand what JadePuffer actually did. What made the attack remarkable was not the sophistication of any individual technique. None of the specific moves were novel or clever. What was new was that an…...