Will special operators fly armed dune buggies into battles of the future? Meet the fan-powered, parachute-equipped vehicle designed to carry elite teams through the air into hot zones — the Skyrunner. 5 days ago
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection. The vulnerability is identified as CVE-2025-6558 and received a high-severity rating of 8.8. It was discovered by researchers at Google’s Threat Analysis Group (TAG) on June 23. The security
UK launches vulnerability research program for external experts
UK’s National Cyber Security Centre (NCSC) has announced a new Vulnerability Research Initiative (VRI) that aims to strengthen relations with external cybersecurity experts. The agency already conducts internal vulnerability research on a wide range of technologies and will continue to do so. However, the launch of VRI will create a parallel program designed to improve
Will Congress approve of the Pentagon’s budget?
Will Congress approve of the Pentagon’s budget? The Pentagon has submitted its 2026 budget – but at the end of the day, it’s just a request. How will Congress react? Our panel looks ahead. 11 days ago
Google Gemini flaw hijacks email summaries for phishing
Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Such an attack leverages indirect prompt injections that are hidden inside an email and obeyed by Gemini when generating the message summary. Despite
Hackers are exploiting critical RCE flaw in Wing FTP Server
Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. The observed attack ran multiple enumeration and reconnaissance commands followed by establishing persistence by creating new users. The exploited Wing FTP Server vulnerability is tracked as CVE-2025-47812 and received the
‘123456’ password exposed chats for 64 million McDonald’s job applicants
Cybersecurity researchers discovered a vulnerability in McHire, McDonald’s chatbot job application platform, that exposed the chats of more than 64 million job applicants across the United States. The flaw was discovered by security researchers Ian Carroll and Sam Curry, who found that the ChatBot’s admin panel utilized a test franchise that was protected by weak
Windows 11 now uses JScript9Legacy engine for improved security
Microsoft announced that it has replaced the default scripting engine JScript with the newer and more secure JScript9Legacy on Windows 11 version 24H2 and later. The decision is driven by security concerns, as JScript9Legacy is expected to offer better protection against web threats, such as cross-site scripting (XSS), and also improved performance. “To provide a more
Microsoft Authenticator on iOS moves backups fully to iCloud
Microsoft is rolling out a new backup system in September for its Authenticator app on iOS, removing the requirement to use a Microsoft personal account to back up TOTP secrets and account names. Previously, the Microsoft Authenticator app required iOS users to sign in with a personal Microsoft Account to enable backups, regardless of whether they
Samsung announces major security enhancements coming to One UI 8
Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. Key highlights include the introduction of a system-level architecture named Knox Enhanced Encrypted Protection (KEEP), upgrades to Knox Matrix, and the addition of quantum resistance to WiFi connectivity. Keeping