The North Korean state-sponsored hackers known as Kimsuky have reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky’s values, stole the group’s data and leaked it publicly online. The two hackers, named ‘Saber’ and ‘cyb0rg,’ cited ethical reasons for their actions, saying Kimsuky is “hacking for all the wrong reasons,” claiming
Google Calendar invites let researchers hijack Gemini to leak user data
Google fixed a bug that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on the target’s device and leak sensitive user data. The attack unfolded without requiring any user involvement beyond typical interactions with the assistant, which occur daily for users of Gemini. Gemini is Google’s large language model (LLM)
Could Golden Dome funding get next-gen interceptor back up to speed?
A notional rendering of Lockheed Martin’s Next Generation Interceptor to replace current interceptors in the ground as part of the Ground-Based Midcourse Defense System that protects the homeland against intercontinental ballistic missiles from Iran and North Korea. (Artist rendering courtesy of Lockheed Martin). HUNTSVILLE, Ala. – Lockheed Martin, the developer of the Next Generation Interceptor
Google confirms data breach exposed potential Google Ads customers’ info
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. “We’re writing to let you know about an event that affected a limited set of data in one of Google’s corporate Salesforce instances used to communicate with prospective Ads customers,” reads a
WinRAR zero-day exploited to plant malware on archive extraction
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw, which was fixed in WinRAR 7.13, is a directory traversal vulnerability that allows specially crafted archives to extract files into a file path selected by the attacker. “When extracting a file, previous versions of WinRAR
Fake WhatsApp developer libraries hide destructive data-wiping code
Two malicious NPM packages posing as WhatsApp development tools have been discovered deploying destructive data-wiping code that recursively deletes files on a developer’s computer. Two malicious NPM packages currently available in the registry target WhatsApp developers with destructive data-wiping code. The packages, discovered by researchers at Socket, masquerade as WhatsApp socket libraries and were downloaded over
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks, evading security tools and EDRs running on target machines. The abused driver is ‘rwdrv.sys’ (used by ThrottleStop), which the threat actors register as a service to gain kernel-level access. This driver is likely used to load a second driver
PBS confirms data breach after employee info leaked on Discord servers
PBS has suffered a data breach exposing the corporate contact information of its employees and those of its affiliates, BleepingComputer has learned. Earlier this month, BleepingComputer was alerted to a file circulated on Discord servers that allegedly contained this information. This data was not distributed on dark web sites, hacking forums, or other mediums frequented
Army plans to grow Patriot battalions, plus one for Guam
A reload crew of Patriot Launching Station Enhanced Operator and Maintainers performs reload operations on their air defense system. (Sgt. Connor Davis/Army) The Army is planning to grow its operational Patriot air-and-missile defense force from 15 to 18 battalions, plus a composite battalion which includes Patriot capability in Guam, an Army spokesperson told Defense News
Fashion giant Chanel hit in wave of Salesforce data theft attacks
French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks. Chanel says the breach was first detected on July 25th after threat actors gained access to a Chanel database hosted at a third-party service provider, as first reported by WWD. The breach only impacted