News

Tech Times
techtimes.com > articles > 320868 > 20/26/0717 > fairlife-ransomware-attack-stops-all-us-milk-production-it-ot-breach-unconfirmed.htm

Fairlife Ransomware Attack Stops All US Milk Production: IT-OT Breach Unconfirmed

1+ hour, 18+ min ago  (765+ words) Ransomware has shut down every US production facility belonging to Fairlife, the Coca-Cola subsidiary that generates nearly $4 billion in annual sales, with investigators still unable to answer the one question that determines how serious this attack really was: did the…...

Tech Times
techtimes.com > articles > 320871 > 20/26/0717 > vishing-call-brought-down-tfl-scattered-spider-duo-jailed-record-uk-prosecution.htm

Vishing Call Brought Down TfL: Scattered Spider Duo Jailed in Record UK Prosecution

1+ hour, 3+ min ago  (819+ words) A phone call to a helpdesk worker broke open one of the largest public transport networks in the world. The attack ran from August 31 to September 3, 2024, across a network that handles roughly nine million journeys a day. Once inside, Flowers…...

Tech Times
techtimes.com > articles > 320796 > 20/26/0717 > goserpent-backdoor-looted-police-biometric-data-across-southeast-asia-five-years.htm

GoSerpent Backdoor Looted Police and Biometric Data Across Southeast Asia for Five Years

8+ hour, 31+ min ago  (453+ words) What makes the campaign technically notable is how the final data transfer happened: it looked like an authorized employee accessing a file share — because the attackers used credentials stolen months earlier to do exactly that. Standard network monitoring tools, which…...

Tech Times
techtimes.com > articles > 320815 > 20/26/0717 > no-fix-stolen-dna-42-states-win-18m-23andme-over-feature-flaw.htm

No Fix for Stolen DNA: 42 States Win $18M From 23andMe Over Feature Flaw

8+ hour, 57+ min ago  (409+ words) The 42-state $18 million settlement announcement represents the culmination of a multistate investigation launched immediately after the October 2023 disclosure. Investigators concluded that 23andMe had engaged in unreasonable data security practices — a finding the company contested. The company did not launch a full…...

Tech Times
techtimes.com > articles > 320797 > 20/26/0717 > cursor-patched-silent-repo-poisoning-zero-day-no-advisory-no-cve.htm

Cursor Patched a Silent Repo-Poisoning Zero-Day With No Advisory and No CVE

9+ hour, 34+ min ago  (441+ words) Clone a stranger's repository and open it in Cursor on Windows. That is the entire exploit. If the repository contains a file named git.exe at its root, the AI IDE runs it immediately — no click, no approval dialog, no…...

Tech Times
techtimes.com > articles > 320671 > 20/26/0716 > grok-build-open-sourced-after-covert-upload-code-exfiltrate-repos-stays.htm

Grok Build Open-Sourced After Covert Upload: Code to Exfiltrate Repos Stays In

1+ day, 15+ hour ago  (319+ words) Any developer who ran Grok Build before July 13, 2026 in a directory containing a Git repository should treat every credential in their tracked files and commit history as potentially transmitted to xAI's servers — including API keys, database passwords, cloud tokens, and…...

Tech Times
techtimes.com > articles > 320656 > 20/26/0715 > openai-built-ai-attack-itself-gpt-red-exposed-flaws-humans-missed.htm

OpenAI Built an AI to Attack Itself: GPT-Red Exposed Flaws Humans Missed

1+ day, 23+ hour ago  (502+ words) GPT-Red is trained using self-play reinforcement learning — the same general training paradigm that produced superhuman chess and Go programs, applied here to adversarial AI security. The compute cost is substantial — OpenAI trained GPT-Red at a scale comparable to its largest…...

Tech Times
techtimes.com > articles > 320600 > 20/26/0715 > prompt-injection-flipped-defender-plants-text-that-stops-ai-attackers.htm

Prompt Injection Flipped: Defender Plants Text That Stops AI Attackers

2+ day, 4+ hour ago  (577+ words) The new research asks whether a canary can do more than raise an alarm — whether the decoy itself can slow or stop the attack. A context bomb is a short piece of text placed directly inside a canary resource: a…...

Tech Times
techtimes.com > articles > 320559 > 20/26/0715 > post-quantum-cryptography-comes-windows-tls-three-ml-kem-groups-now-configurable.htm

Post-Quantum Cryptography Comes to Windows TLS: Three ML-KEM Groups Now Configurable

2+ day, 6+ hour ago  (273+ words) The ML-KEM hybrid groups ship disabled by default. Enabling them requires explicit administrator action — an intentional design choice that gives organizations time to test before broad deployment. Configuration routes mirror those used for existing TLS elliptic-curve preferences, as documented on…...

Tech Times
techtimes.com > articles > 320508 > 20/26/0714 > ant-group-open-sources-agent-security-tool-days-after-agentic-ransomware-hit.htm

Ant Group Open-Sources Agent Security Tool Days After Agentic Ransomware Hit

2+ day, 23+ hour ago  (497+ words) To understand why SingGuard matters, it helps to understand what JadePuffer actually did. What made the attack remarkable was not the sophistication of any individual technique. None of the specific moves were novel or clever. What was new was that an…...