This is an automated aggregator of newsworthy articles collected from multiple web sites, summarised by AI. Last updated: .

⚠️

This is an archived news list from the past. Click here to view the latest news.

Tech News

AI / Technology Policy: OpenAI has proposed significant policy changes to address the societal impacts of advanced AI, including taxing automated labor, establishing a public wealth fund, and experimenting with a four-day workweek. These ideas aim to mitigate job displacement and ensure societal benefits from AI advancements. 👉 cdn.openai.com 👉 businessinsider.com^$
AI Compute Deals: AI research firm Anthropic has secured a multi-gigawatt deal for next-generation TPU capacity from Google and Broadcom, expected to come online starting in 2027. This deal coincides with Anthropic announcing its run-rate revenue has surpassed $30 billion, significantly up from $9 billion at the end of 2025. 👉 anthropic.com 👉 bloomberg.com^$ 👉 wsj.com^$
Semiconductor Industry: Broadcom has confirmed a long-term agreement to produce future versions of Google's AI chips and expand its deal with Anthropic, granting the AI startup access to approximately 3.5 GW of computing capacity. This expanded collaboration is expected to boost Broadcom's stock. 👉 cnbc.com 👉 theinformation.com 👉 sherwood.news
Semiconductor Market: Samsung Electronics reported a preliminary first-quarter operating profit of approximately $38 billion, an eight-fold increase year-over-year and a new record, driven by surging demand and prices for AI chips. Revenue also increased by 68% year-over-year to around $88 billion. 👉 reuters.com 👉 bloomberg.com^$ 👉 cnbc.com
Social Media Dynamics: Nate Silver's analysis suggests that X (formerly Twitter) is becoming a "freak show" due to its algorithm prioritizing engagement over quality and punishing external links, leading to lower-quality accounts gaining more influence than established news organizations. 👉 natesilver.net 👉 reason.com
Space Exploration: NASA's Artemis II mission has surpassed the Apollo 13 mission's record for the farthest distance humans have traveled from Earth. The crew also had the opportunity to provisionally name lunar craters they observed during their mission. 👉 nasa.gov 👉 science.slashdot.org
Legal Precedent for Prediction Markets: A federal appeals court ruled that New Jersey gaming regulators cannot prevent Kalshi from offering its prediction market services within the state, establishing that the U.S. Commodity Futures Trading Commission (CFTC) has exclusive jurisdiction over such event contracts. 👉 reuters.com 👉 arstechnica.com 👉 engadget.com
Tech Industry Layoffs: The Associated Press is offering buyouts to its U.S. journalists as part of a strategic shift away from traditional newspaper reporting and towards digital, broadcast, and tech clients, acknowledging its customer base has changed significantly. 👉 apnews.com
Rollable Phone Technology: A teardown video of LG's unreleased Rollable phone reveals the complex engineering challenges, including high costs, fragility, and manufacturing difficulties, that likely prevented rollable phones from becoming a mainstream product category. 👉 youtube.com 👉 arstechnica.com
US Economic Trends: Research indicates that a larger proportion of Americans have moved into the upper-middle-class over the past few decades, with this group significantly expanding while the lower and core middle classes have shrunk. 👉 wsj.com^$ 👉 msn.com
Agtech Funding: New Zealand agtech startup Halter has raised $220 million, valuing the company at $2 billion, to expand its AI-powered cattle management system globally. The funding will support expansion into new markets and further development of its virtual fencing and data collection technology. 👉 halterhq.com 👉 inc.com
AI and Copyright: Several AI companies, including Microsoft, OpenAI, and xAI, are cautioning users in their terms of service not to rely solely on AI outputs for critical information, citing potential inaccuracies and the need for verification. Microsoft has stated its Copilot terms include "legacy language" that will be updated. 👉 techcrunch.com 👉 tomshardware.com
Linux Kernel Development: Support for the Intel 486 CPU is being phased out and will be removed from the Linux kernel with version 7.1, as no known Linux distributions still ship with i486 support. This decision reflects the obsolescence of the 37-year-old processor in modern computing. 👉 phoronix.com 👉 xda-developers.com
Russian Internet Restrictions: Russia's efforts to crack down on VPNs and Telegram inadvertently caused a widespread banking outage, according to Telegram's founder Pavel Durov. The blocking attempts are believed to have overloaded filtering systems, leading to the disruption. 👉 finance.yahoo.com 👉 tech.slashdot.org
Space Tourism and Privacy: A New Yorker investigation into OpenAI and its CEO Sam Altman reveals allegations of persistent lying, misleading disclosures, and a lack of concern for consequences, with former colleagues describing him as potentially sociopathic. The report also touches on OpenAI's policy proposals for managing AI's societal impact. 👉 newyorker.com 👉 gizmodo.com 👉 businessinsider.com^$
AI Coding Tools: The rapid adoption of AI coding tools is enabling developers to generate vast amounts of code, leading to challenges for companies in reviewing and securing this AI-generated output, potentially introducing new vulnerabilities. 👉 nytimes.com^$ 👉 cryptobriefing.com
US-China Chip Competition: A Taiwan intelligence report indicates that China is targeting Taiwan's semiconductor technology and talent to circumvent global "containment" efforts and advance its own chip manufacturing capabilities. 👉 reuters.com 👉 asia.nikkei.com
AI Music Licensing: Licensing negotiations between AI music startup Suno and major record labels like Universal Music Group and Sony have reportedly stalled, with labels arguing that AI tools should compensate for using human-created music in their training data. 👉 ft.com^$
Apple's Foldable iPhone Development: Sources indicate that Apple is encountering engineering challenges during the test phase of its first foldable iPhone, which could potentially lead to delays in mass production. 👉 asia.nikkei.com 👉 appleinsider.com 👉 macrumors.com
Project Prometheus: Jeff Bezos' secretive startup, Project Prometheus, has hired Kyle Kosic, a co-founder of xAI, from OpenAI. The startup, which focuses on systems that understand the physical world, has hundreds of staff across its offices in San Francisco, London, and Zurich. 👉 ft.com^$
OpenAI vs. Elon Musk: OpenAI has sent letters to the California and Delaware attorneys general, urging them to investigate Elon Musk for alleged "anti-competitive behavior" and coordinated attacks with Meta, ahead of a trial concerning OpenAI's structure and governance. 👉 cnbc.com 👉 gizmodo.com 👉 bloomberg.com^$
Data Center Controversies: An Indianapolis city councilor reported his home was targeted in a shooting, with a "No Data Centers" note left behind, following his support for a proposed data center project in the city. This incident highlights growing public concerns and opposition to data center development. 👉 cbsnews.com 👉 businessinsider.com^$ 👉 nytimes.com^$
Alibaba's AI Sourcing Tool: Alibaba has launched Accio, an AI-powered sourcing tool designed to help small online sellers connect with manufacturers, including those in China. The platform has seen rapid adoption, exceeding 10 million monthly active users in March. 👉 technologyreview.com
Cisco's Networking Business: Cisco CEO Chuck Robbins discussed the company's strategy regarding data centers in space, the ongoing memory shortage, its networking business, the AI bubble, potential layoffs, and AI's role in coding during a recent interview. 👉 techcrunch.com 👉 fierce-network.com
OpenAI's Economic Policy Proposals: OpenAI has published a policy document outlining ideas for a future economy shaped by superintelligence, including proposals for higher taxes on capital gains, a public AI investment fund, bolstered safety nets, and potentially a four-day workweek. 👉 wsj.com^$ 👉 openai.com 👉 businessinsider.com^$
AI for Retail Fit: Startups like Catches are developing AI tools that allow shoppers to visualize clothing fit and style before purchasing, aiming to reduce the high rate of returns in online fashion retail. 👉 cnbc.com 👉 pymnts.com
Amazon-USPS Delivery Deal: Amazon and the U.S. Postal Service have reached a new delivery agreement, which will reduce Amazon's package volume shipped through USPS by 20%, a modification from an earlier proposal for a two-thirds cut. 👉 wsj.com^$ 👉 engadget.com 👉 economictimes.indiatimes.com
AI in Software Development: The increasing use of AI coding tools is leading to a surge in generated code, presenting challenges for companies in reviewing and securing this output, potentially introducing new vulnerabilities and impacting development workflows. 👉 nytimes.com^$ 👉 cryptobriefing.com
Australian AI Infrastructure Funding: Australian AI infrastructure startup Firmus has raised $505 million in a funding round led by Coatue at a $5.5 billion valuation, bringing its total funding in the last six months to $1.35 billion. The company plans to expand its AI infrastructure across the Asia-Pacific region. 👉 bloomberg.com^$ 👉 siliconangle.com 👉 afr.com
China's Tech Targeting: A Taiwan intelligence report indicates that China is actively targeting Taiwan's semiconductor technology and talent to circumvent global containment efforts and bolster its domestic chip industry. 👉 reuters.com
SpaceX IPO Plans: SpaceX is reportedly planning to allocate a significant portion of its shares to retail investors and host approximately 1,500 of them at an event in June following the launch of its IPO roadshow. 👉 reuters.com 👉 proactiveinvestors.com
Anthropic's Enterprise AI Venture: Anthropic is in talks to raise $1 billion for a new venture with private equity firms, planning to invest $200 million in the effort to sell AI tools to portfolio companies. 👉 wsj.com^$ 👉 asiae.co.kr
NHTSA Closes Tesla Summon Probe: The U.S. National Highway Traffic Safety Administration (NHTSA) has concluded its investigation into Tesla's "Actually Smart Summon" feature, citing a low frequency and severity of incidents, with no reported fatalities or injuries. 👉 reuters.com 👉 electrek.co 👉 teslarati.com
Netflix Kids Gaming App: Netflix has launched "Netflix Playground," a new standalone app offering ad-free games for children aged eight and under in the US, UK, Canada, Australia, the Philippines, and New Zealand, expanding its content ecosystem for younger audiences. 👉 theverge.com 👉 about.netflix.com 👉 netflix.com
Binance Compliance Departures: Binance's Chief Compliance Officer Noah Perlman is reportedly planning to leave the company in 2026 or 2027, following a series of departures among other senior compliance staff in recent months, amid ongoing scrutiny of financial crime monitoring. 👉 bloomberg.com^$ 👉 pymnts.com
OpenAI's Podcast Acquisition: Ben Thompson of Stratechery criticizes OpenAI's acquisition of TBPN, calling it nonsensical and possibly indicative of a company that stumbled into a large market without a viable business model, similar to Twitter's challenges. 👉 stratechery.com 👉 garbageday.email
Intel's Advanced Chip Packaging: Intel is reportedly in talks with Google and Amazon to utilize its advanced chip packaging services, highlighting the growing importance of this technology for the AI boom and Intel's strategic focus on this area. 👉 wired.com 👉 blockonomi.com
Xoople's Earth Data for AI: Spanish startup Xoople has raised $130 million in Series B funding to develop a satellite constellation that collects Earth data for training AI models, aiming to provide foundational data infrastructure for AI advancements. 👉 techcrunch.com 👉 thenextweb.com 👉 siliconangle.com
Jack Dorsey's Bitchat Removed from China App Store: Jack Dorsey's peer-to-peer messaging app, Bitchat, has been removed from China's App Store at the request of the Cyberspace Administration of China (CAC), with Dorsey stating the app was flagged for violating article 3 of the CAC's provisions on security assessment. [cointelegraph.com](👉 cointelegraph.com Dorsey-china-app-store-removed) 👉 decrypt.co 👉 iphoneincanada.ca
AI Coding Tool Vulnerabilities: China-linked threat actor Storm-1175 is exploiting zero-day and N-day vulnerabilities to conduct high-velocity attacks, with Medusa ransomware being rapidly deployed against healthcare, education, finance, and professional services organizations in Australia, the UK, and the US. 👉 thehackernews.com 👉 bleepingcomputer.com
Flowise AI Agent Builder Exploited: A critical security flaw (CVE-2025-59528) in the open-source AI platform Flowise AI Agent Builder is being actively exploited, allowing for remote code execution with a CVSS score of 10.0, potentially exposing over 12,000 instances. 👉 thehackernews.com 👉 bleepingcomputer.com
Password Spraying Campaign Targeting Israel: An Iran-linked threat actor is suspected of conducting a password-spraying campaign against over 300 Microsoft 365 organizations in Israel and the UAE, amidst the ongoing Middle East conflict. 👉 thehackernews.com
DPRK Hackers Using GitHub for C2: Threat actors associated with North Korea are reportedly using GitHub as command-and-control infrastructure in multi-stage attacks targeting South Korean organizations, utilizing obfuscated LNK files and PowerShell scripts. 👉 thehackernews.com
Multi-OS Cyberattacks: Cybersecurity researchers highlight the growing challenge of multi-OS cyberattacks, where threat actors move across different platforms, and SOC teams struggle with fragmented workflows, leading to slower incident response and increased risk. 👉 thehackernews.com
Qilin and Warlock Ransomware: Threat actors using Qilin and Warlock ransomware are employing the "bring your own vulnerable driver" (BYOVD) technique to disable over 300 endpoint detection and response (EDR) tools, effectively silencing security measures on compromised systems. 👉 thehackernews.com 👉 bleepingcomputer.com
German Authorities Identify REvil Leaders: German authorities have identified two Russian nationals, Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk, as alleged leaders of the GandCrab and REvil ransomware operations, linking them to numerous cyberattacks and significant financial damages. 👉 krebsonsecurity.com 👉 bleepingcomputer.com
Iran-Linked Wiper Attack on Stryker: A hacktivist group with ties to Iran's intelligence agencies, Handala, claims responsibility for a data-wiping attack against medical technology firm Stryker, citing retaliation for a missile strike. 👉 krebsonsecurity.com 👉 irishexaminer.com
Microsoft Patch Tuesday: Microsoft released updates to fix over 50 vulnerabilities in Windows and other software, including six zero-day flaws that were actively exploited by attackers, with particular attention drawn to critical flaws in SQL Server and MSHTML. 👉 krebsonsecurity.com 👉 bleepingcomputer.com
AI Assistant Security Risks: The growing popularity of AI assistants like OpenClaw poses significant security risks due to their extensive access to user data and potential for misconfiguration, leading to credential theft and supply chain attacks. 👉 krebsonsecurity.com 👉 grith.ai
Kimwolf Botnet Disrupts I2P: The Kimwolf botnet, known for its massive DDoS attacks, has been disrupting the Invisible Internet Project (I2P) network by attempting to join it with hundreds of thousands of infected devices, causing widespread connectivity issues for legitimate users. 👉 krebsonsecurity.com
Phishing Service Starkiller: A new phishing-as-a-service called Starkiller allows cybercriminals to create sophisticated phishing campaigns by dynamically loading legitimate login pages, relaying victim credentials, and capturing MFA codes, effectively neutralizing security measures. 👉 krebsonsecurity.com 👉 abnormal.ai
North Korean Cyber Activity: North Korean-linked threat actors are using GitHub as command-and-control infrastructure in multi-stage attacks targeting South Korean organizations, employing phishing emails with malicious LNK files and PowerShell scripts. 👉 thehackernews.com
Hackers Exploit React2Shell: A large-scale campaign is underway to steal credentials by exploiting the React2Shell vulnerability (CVE-2025-55182) in vulnerable Next.js applications, facilitating automated data theft. 👉 thehackernews.com 👉 bleepingcomputer.com
Axios npm Package Compromise: Threat actors tied to North Korea have compromised the npm account of an Axios lead maintainer, injecting malicious versions of the package containing malware named WAVESHAPER.V2, impacting thousands of users. 👉 thehackernews.com 👉 bleepingcomputer.com
Fortinet FortiClient EMS Vulnerability: Fortinet has released an emergency patch for a critical, actively exploited vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) that allows for pre-authentication API access bypass and privilege escalation. 👉 bleepingcomputer.com 👉 thehackernews.com
QR Code Phishing Scams: Phishing scams are increasingly using QR codes in fake "Notice of Default" traffic violation texts to trick individuals into visiting malicious websites that steal personal and financial information while demanding payment. 👉 bleepingcomputer.com
LinkedIn's Browser Extension Scanning: A report indicates that LinkedIn uses hidden JavaScript scripts to scan users' browsers for installed extensions and collect device data, raising privacy concerns about its data collection practices. 👉 bleepingcomputer.com
Hims & Hers Data Breach: Telehealth provider Hims & Hers is warning of a data breach resulting from the theft of support tickets from a third-party customer service platform, potentially exposing customer information. 👉 bleepingcomputer.com
Qilin Ransomware Attacks Die Linke: The German political party Die Linke has confirmed that its data was stolen by the Qilin ransomware group, leading to an IT systems outage and threats of sensitive data leaks. 👉 bleepingcomputer.com
Revil/GandCrab Leaders Identified: German authorities have identified Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk as alleged leaders of the GandCrab and REvil ransomware groups, linking them to numerous attacks and significant financial damages. 👉 krebsonsecurity.com 👉 bleepingcomputer.com
GPUBreach Attack: A new attack dubbed GPUBreach can induce Rowhammer bit-flips on GPU GDDR6 memory, enabling privilege escalation and potentially leading to full system compromise. 👉 bleepingcomputer.com
BlueHammer Windows Zero-Day: An unpatched Windows privilege escalation vulnerability, referred to as "BlueHammer," has had its exploit code released by a disgruntled researcher, allowing attackers to gain SYSTEM-level access. 👉 bleepingcomputer.com
Microsoft Support and Recovery Assistant Removed: Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) utility from Windows, impacting users who rely on it for troubleshooting and support. 👉 bleepingcomputer.com
LiteLLM Supply Chain Attack: The LiteLLM AI development library was targeted in a supply chain attack by the TeamPCP actor, injecting malware that harvested credentials from developer machines, highlighting the risks of compromised software dependencies. 👉 thehackernews.com
Dortware and Kimwolf Botnet: Investigations into the Kimwolf botnet's operator, known as "Dort," reveal a history linked to the Minecraft cheating software "Dortware" and later involvement in cybercrime forums, SIM-swapping, and developing tools for credential theft and CAPTCHA bypass. 👉 krebsonsecurity.com
OpenAI's AI Economy Vision: OpenAI has outlined policy proposals for an AI-driven economy, including taxing capital gains and automated labor, creating public wealth funds, and exploring a four-day workweek to address potential job displacement and societal impacts. 👉 openai.com 👉 wsj.com^$
AI Startup Rocket's Consulting Model: Indian AI startup Rocket aims to provide McKinsey-style consulting reports at a significantly lower cost by leveraging AI, targeting businesses seeking strategic insights without the premium price tag. 👉 techcrunch.com
Picsart Creator Monetization: AI design platform Picsart has launched a new program to enable creators to monetize their work, allowing users to earn from their designs and contributions within the platform's ecosystem. 👉 techcrunch.com
Google's Offline AI Dictation App: Google has quietly released an AI-powered dictation app for iOS that functions offline, offering users a private and accessible way to convert speech to text without requiring an internet connection. 👉 techcrunch.com
North Korea's Open Source Hijacking: A sophisticated cyberattack by North Korea successfully hijacked a widely used open-source project, likely over several weeks, demonstrating advanced capabilities in targeting critical software infrastructure. 👉 techcrunch.com
Netflix Kids Gaming App: Netflix is expanding its offerings for children by launching "Netflix Playground," a dedicated app featuring ad-free games for younger users, available in select countries including the US, UK, Canada, Australia, the Philippines, and New Zealand. 👉 theverge.com 👉 about.netflix.com
Tesla Summon Probe Closed: The NHTSA has closed its investigation into Tesla's "Actually Smart Summon" feature, citing a low frequency and severity of incidents, and indicating that software fixes have addressed potential risks. 👉 reuters.com 👉 electrek.co
Apple's Supreme Court Appeal: Apple is seeking to take its legal battle over App Store commissions back to the Supreme Court, challenging a ruling that could impact its control over third-party app distribution on its devices. 👉 techcrunch.com 👉 engadget.com
Iran Threatens AI Data Centers: Iranian authorities have reportedly threatened "Stargate" AI data centers, signaling potential geopolitical tensions extending into the realm of artificial intelligence infrastructure. 👉 techcrunch.com
Convicted Spyware Maker Fleming Avoids Jail: Bryan Fleming, who was convicted of creating spyware, has avoided jail time at his sentencing, a decision that has raised questions about the accountability for cybercrime tools. 👉 techcrunch.com
AI for Used EVs: Factors beyond just gas prices, such as advancements in AI and technology, are contributing to the increasing sales of used electric vehicles, indicating a broader shift in the automotive market. 👉 techcrunch.com
OpenAI Alums' New Fund: Former OpenAI employees have established a new investment fund, potentially valued at $100 million, focusing on early-stage technology companies, signaling continued interest and investment from key figures in the AI sector. 👉 techcrunch.com
AI and Cybersecurity: A SANS Institute report highlights the evolving cyber workforce in 2026, focusing on skills, shortages, and shifts driven by AI, offering insights for leaders and professionals in the cybersecurity field. 👉 thehackernews.uk
China-Linked APT Storm-1175: The China-linked threat actor Storm-1175 is actively exploiting zero-day and N-day vulnerabilities to deploy Medusa ransomware, targeting organizations across Australia, the UK, and the US, particularly in the healthcare sector. 👉 thehackernews.com 👉 bleepingcomputer.com
Flowise AI Agent Builder Exploitation: A critical vulnerability (CVE-2025-59528) in the Flowise AI Agent Builder, an open-source platform, is being actively exploited, potentially allowing remote code execution and exposing over 12,000 instances. 👉 thehackernews.com
Iran-Linked Password Spraying: An Iran-nexus threat actor is suspected of conducting password-spraying attacks against more than 300 Microsoft 365 organizations in Israel and over 25 in the UAE, amid ongoing regional tensions. 👉 thehackernews.com
DPRK Hackers Using GitHub: Hackers linked to North Korea are reportedly using GitHub as a command-and-control server in multi-stage attacks targeting South Korean organizations, utilizing obfuscated LNK files and PowerShell scripts. 👉 thehackernews.com
Multi-OS Cyberattack Challenges: The increasing prevalence of multi-OS cyberattacks poses significant challenges for Security Operations Centers (SOCs) due to fragmented workflows and slower incident response across different platforms. 👉 thehackernews.com
Qilin and Warlock Ransomware Tactics: Ransomware groups Qilin and Warlock are leveraging vulnerable drivers (BYOVD) to disable over 300 EDR tools, effectively neutralizing security defenses on compromised systems. 👉 thehackernews.com
German Authorities Identify REvil Leaders: German federal police have identified Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk as leaders of the GandCrab and REvil ransomware groups, responsible for numerous attacks and significant financial damages. 👉 krebsonsecurity.com 👉 bleepingcomputer.com
Drift Hack Linked to DPRK Operation: The $285 million hack of the Drift protocol is traced back to a six-month social engineering operation by a North Korean state-sponsored group (UNC4736), known for targeting the cryptocurrency sector. 👉 thehackernews.com
Malicious npm Packages: Researchers discovered 36 malicious npm packages disguised as Strapi CMS plugins, which exploit Redis and PostgreSQL to deploy malware, harvest credentials, and establish persistence. 👉 thehackernews.com
Fortinet Patches Actively Exploited Flaw: Fortinet has released an emergency patch for a critical FortiClient EMS vulnerability (CVE-2026-35616) that is being actively exploited in the wild for pre-authentication API access bypass and privilege escalation. 👉 fortinet.com 👉 thehackernews.com
QR Code Phishing Texts: Scammers are using QR codes in fake traffic violation texts to trick recipients into visiting phishing sites that steal personal and financial information. 👉 bleepingcomputer.com
LinkedIn Extends Extension Scanning: LinkedIn's practice of scanning users' browsers for installed extensions and collecting data via hidden JavaScript scripts has raised privacy concerns among security experts. 👉 bleepingcomputer.com
Hims & Hers Data Breach: Telehealth company Hims & Hers has reported a data breach stemming from a compromise of support tickets stored on a third-party customer service platform. 👉 bleepingcomputer.com
Qilin Ransomware Hits German Party: The German political party Die Linke confirmed a data breach by the Qilin ransomware group, leading to an IT outage and threats of data leaks. 👉 bleepingcomputer.com
GPUBreach Attack: A new attack technique called GPUBreach allows attackers to induce Rowhammer bit-flips in GPU GDDR6 memory, enabling privilege escalation and potentially full system takeover. 👉 bleepingcomputer.com
BlueHammer Windows Zero-Day: A critical Windows zero-day vulnerability, "BlueHammer," allowing privilege escalation to SYSTEM level, has had its exploit code publicly released, posing an immediate threat to users. 👉 bleepingcomputer.com
Microsoft Removes SaRA Tool: Microsoft has removed the Support and Recovery Assistant (SaRA) tool from Windows, impacting users who relied on it for troubleshooting and resolving system issues. 👉 bleepingcomputer.com
Medusa Ransomware Affiliate: Microsoft has identified Storm-1175, a China-based financially motivated cybercriminal group, as an affiliate deploying Medusa ransomware and exploiting zero-day vulnerabilities in high-velocity attacks. 👉 bleepingcomputer.com
LiteLLM Supply Chain Attack: The popular LiteLLM library was compromised in a supply chain attack, with TeamPCP injecting malware that harvested developer credentials and secrets from compromised machines. 👉 thehackernews.com
Qilin/Warlock Ransomware Tactics: Ransomware groups Qilin and Warlock are using vulnerable drivers (BYOVD) to disable over 300 EDR tools, effectively neutralizing security measures on victim systems. 👉 thehackernews.com
Dort Identity Linked to Kimwolf Botnet: Investigations into the operator of the Kimwolf botnet, known as "Dort," link them to Minecraft cheating software and later cybercrime activities, including SIM-swapping and credential theft tools. 👉 krebsonsecurity.com
Starkiller Phishing Service: The Starkiller phishing service allows criminals to use dynamic links that mimic legitimate login pages and relay credentials, including MFA codes, effectively bypassing security measures. 👉 krebsonsecurity.com

Tech News

AI / Technology Policy: OpenAI has proposed significant policy changes to address the societal impacts of advanced AI, including taxing automated labor, establishing a public wealth fund, and experimenting with a four-day workweek. These ideas aim to mitigate job displacement and ensure societal benefits from AI advancements. 👉 cdn.openai.com 👉 businessinsider.com^$

AI Compute Deals: AI research firm Anthropic has secured a multi-gigawatt deal for next-generation TPU capacity from Google and Broadcom, expected to come online starting in 2027. This deal coincides with Anthropic announcing its run-rate revenue has surpassed $30 billion, significantly up from $9 billion at the end of 2025. 👉 anthropic.com 👉 bloomberg.com^$ 👉 wsj.com^$

Semiconductor Industry: Broadcom has confirmed a long-term agreement to produce future versions of Google's AI chips and expand its deal with Anthropic, granting the AI startup access to approximately 3.5 GW of computing capacity. This expanded collaboration is expected to boost Broadcom's stock. 👉 cnbc.com 👉 theinformation.com 👉 sherwood.news

Semiconductor Market: Samsung Electronics reported a preliminary first-quarter operating profit of approximately $38 billion, an eight-fold increase year-over-year and a new record, driven by surging demand and prices for AI chips. Revenue also increased by 68% year-over-year to around $88 billion. 👉 reuters.com 👉 bloomberg.com^$ 👉 cnbc.com

Social Media Dynamics: Nate Silver's analysis suggests that X (formerly Twitter) is becoming a "freak show" due to its algorithm prioritizing engagement over quality and punishing external links, leading to lower-quality accounts gaining more influence than established news organizations. 👉 natesilver.net 👉 reason.com

Space Exploration: NASA's Artemis II mission has surpassed the Apollo 13 mission's record for the farthest distance humans have traveled from Earth. The crew also had the opportunity to provisionally name lunar craters they observed during their mission. 👉 nasa.gov 👉 science.slashdot.org

Legal Precedent for Prediction Markets: A federal appeals court ruled that New Jersey gaming regulators cannot prevent Kalshi from offering its prediction market services within the state, establishing that the U.S. Commodity Futures Trading Commission (CFTC) has exclusive jurisdiction over such event contracts. 👉 reuters.com 👉 arstechnica.com 👉 engadget.com

Tech Industry Layoffs: The Associated Press is offering buyouts to its U.S. journalists as part of a strategic shift away from traditional newspaper reporting and towards digital, broadcast, and tech clients, acknowledging its customer base has changed significantly. 👉 apnews.com

Rollable Phone Technology: A teardown video of LG's unreleased Rollable phone reveals the complex engineering challenges, including high costs, fragility, and manufacturing difficulties, that likely prevented rollable phones from becoming a mainstream product category. 👉 youtube.com 👉 arstechnica.com

US Economic Trends: Research indicates that a larger proportion of Americans have moved into the upper-middle-class over the past few decades, with this group significantly expanding while the lower and core middle classes have shrunk. 👉 wsj.com^$ 👉 msn.com

Agtech Funding: New Zealand agtech startup Halter has raised $220 million, valuing the company at $2 billion, to expand its AI-powered cattle management system globally. The funding will support expansion into new markets and further development of its virtual fencing and data collection technology. 👉 halterhq.com 👉 inc.com

AI and Copyright: Several AI companies, including Microsoft, OpenAI, and xAI, are cautioning users in their terms of service not to rely solely on AI outputs for critical information, citing potential inaccuracies and the need for verification. Microsoft has stated its Copilot terms include "legacy language" that will be updated. 👉 techcrunch.com 👉 tomshardware.com

Linux Kernel Development: Support for the Intel 486 CPU is being phased out and will be removed from the Linux kernel with version 7.1, as no known Linux distributions still ship with i486 support. This decision reflects the obsolescence of the 37-year-old processor in modern computing. 👉 phoronix.com 👉 xda-developers.com

Russian Internet Restrictions: Russia's efforts to crack down on VPNs and Telegram inadvertently caused a widespread banking outage, according to Telegram's founder Pavel Durov. The blocking attempts are believed to have overloaded filtering systems, leading to the disruption. 👉 finance.yahoo.com 👉 tech.slashdot.org

Space Tourism and Privacy: A New Yorker investigation into OpenAI and its CEO Sam Altman reveals allegations of persistent lying, misleading disclosures, and a lack of concern for consequences, with former colleagues describing him as potentially sociopathic. The report also touches on OpenAI's policy proposals for managing AI's societal impact. 👉 newyorker.com 👉 gizmodo.com 👉 businessinsider.com^$

AI Coding Tools: The rapid adoption of AI coding tools is enabling developers to generate vast amounts of code, leading to challenges for companies in reviewing and securing this AI-generated output, potentially introducing new vulnerabilities. 👉 nytimes.com^$ 👉 cryptobriefing.com

US-China Chip Competition: A Taiwan intelligence report indicates that China is targeting Taiwan's semiconductor technology and talent to circumvent global "containment" efforts and advance its own chip manufacturing capabilities. 👉 reuters.com 👉 asia.nikkei.com

AI Music Licensing: Licensing negotiations between AI music startup Suno and major record labels like Universal Music Group and Sony have reportedly stalled, with labels arguing that AI tools should compensate for using human-created music in their training data. 👉 ft.com^$

Apple's Foldable iPhone Development: Sources indicate that Apple is encountering engineering challenges during the test phase of its first foldable iPhone, which could potentially lead to delays in mass production. 👉 asia.nikkei.com 👉 appleinsider.com 👉 macrumors.com

Project Prometheus: Jeff Bezos' secretive startup, Project Prometheus, has hired Kyle Kosic, a co-founder of xAI, from OpenAI. The startup, which focuses on systems that understand the physical world, has hundreds of staff across its offices in San Francisco, London, and Zurich. 👉 ft.com^$

OpenAI vs. Elon Musk: OpenAI has sent letters to the California and Delaware attorneys general, urging them to investigate Elon Musk for alleged "anti-competitive behavior" and coordinated attacks with Meta, ahead of a trial concerning OpenAI's structure and governance. 👉 cnbc.com 👉 gizmodo.com 👉 bloomberg.com^$

Data Center Controversies: An Indianapolis city councilor reported his home was targeted in a shooting, with a "No Data Centers" note left behind, following his support for a proposed data center project in the city. This incident highlights growing public concerns and opposition to data center development. 👉 cbsnews.com 👉 businessinsider.com^$ 👉 nytimes.com^$

Alibaba's AI Sourcing Tool: Alibaba has launched Accio, an AI-powered sourcing tool designed to help small online sellers connect with manufacturers, including those in China. The platform has seen rapid adoption, exceeding 10 million monthly active users in March. 👉 technologyreview.com

Cisco's Networking Business: Cisco CEO Chuck Robbins discussed the company's strategy regarding data centers in space, the ongoing memory shortage, its networking business, the AI bubble, potential layoffs, and AI's role in coding during a recent interview. 👉 techcrunch.com 👉 fierce-network.com

OpenAI's Economic Policy Proposals: OpenAI has published a policy document outlining ideas for a future economy shaped by superintelligence, including proposals for higher taxes on capital gains, a public AI investment fund, bolstered safety nets, and potentially a four-day workweek. 👉 wsj.com^$ 👉 openai.com 👉 businessinsider.com^$

AI for Retail Fit: Startups like Catches are developing AI tools that allow shoppers to visualize clothing fit and style before purchasing, aiming to reduce the high rate of returns in online fashion retail. 👉 cnbc.com 👉 pymnts.com

Amazon-USPS Delivery Deal: Amazon and the U.S. Postal Service have reached a new delivery agreement, which will reduce Amazon's package volume shipped through USPS by 20%, a modification from an earlier proposal for a two-thirds cut. 👉 wsj.com^$ 👉 engadget.com 👉 economictimes.indiatimes.com

AI in Software Development: The increasing use of AI coding tools is leading to a surge in generated code, presenting challenges for companies in reviewing and securing this output, potentially introducing new vulnerabilities and impacting development workflows. 👉 nytimes.com^$ 👉 cryptobriefing.com

Australian AI Infrastructure Funding: Australian AI infrastructure startup Firmus has raised $505 million in a funding round led by Coatue at a $5.5 billion valuation, bringing its total funding in the last six months to $1.35 billion. The company plans to expand its AI infrastructure across the Asia-Pacific region. 👉 bloomberg.com^$ 👉 siliconangle.com 👉 afr.com

China's Tech Targeting: A Taiwan intelligence report indicates that China is actively targeting Taiwan's semiconductor technology and talent to circumvent global containment efforts and bolster its domestic chip industry. 👉 reuters.com

SpaceX IPO Plans: SpaceX is reportedly planning to allocate a significant portion of its shares to retail investors and host approximately 1,500 of them at an event in June following the launch of its IPO roadshow. 👉 reuters.com 👉 proactiveinvestors.com

Anthropic's Enterprise AI Venture: Anthropic is in talks to raise $1 billion for a new venture with private equity firms, planning to invest $200 million in the effort to sell AI tools to portfolio companies. 👉 wsj.com^$ 👉 asiae.co.kr

NHTSA Closes Tesla Summon Probe: The U.S. National Highway Traffic Safety Administration (NHTSA) has concluded its investigation into Tesla's "Actually Smart Summon" feature, citing a low frequency and severity of incidents, with no reported fatalities or injuries. 👉 reuters.com 👉 electrek.co 👉 teslarati.com

Netflix Kids Gaming App: Netflix has launched "Netflix Playground," a new standalone app offering ad-free games for children aged eight and under in the US, UK, Canada, Australia, the Philippines, and New Zealand, expanding its content ecosystem for younger audiences. 👉 theverge.com 👉 about.netflix.com 👉 netflix.com

Binance Compliance Departures: Binance's Chief Compliance Officer Noah Perlman is reportedly planning to leave the company in 2026 or 2027, following a series of departures among other senior compliance staff in recent months, amid ongoing scrutiny of financial crime monitoring. 👉 bloomberg.com^$ 👉 pymnts.com

OpenAI's Podcast Acquisition: Ben Thompson of Stratechery criticizes OpenAI's acquisition of TBPN, calling it nonsensical and possibly indicative of a company that stumbled into a large market without a viable business model, similar to Twitter's challenges. 👉 stratechery.com 👉 garbageday.email

Intel's Advanced Chip Packaging: Intel is reportedly in talks with Google and Amazon to utilize its advanced chip packaging services, highlighting the growing importance of this technology for the AI boom and Intel's strategic focus on this area. 👉 wired.com 👉 blockonomi.com

Xoople's Earth Data for AI: Spanish startup Xoople has raised $130 million in Series B funding to develop a satellite constellation that collects Earth data for training AI models, aiming to provide foundational data infrastructure for AI advancements. 👉 techcrunch.com 👉 thenextweb.com 👉 siliconangle.com

Jack Dorsey's Bitchat Removed from China App Store: Jack Dorsey's peer-to-peer messaging app, Bitchat, has been removed from China's App Store at the request of the Cyberspace Administration of China (CAC), with Dorsey stating the app was flagged for violating article 3 of the CAC's provisions on security assessment. [cointelegraph.com](👉 cointelegraph.com Dorsey-china-app-store-removed) 👉 decrypt.co 👉 iphoneincanada.ca

AI Coding Tool Vulnerabilities: China-linked threat actor Storm-1175 is exploiting zero-day and N-day vulnerabilities to conduct high-velocity attacks, with Medusa ransomware being rapidly deployed against healthcare, education, finance, and professional services organizations in Australia, the UK, and the US. 👉 thehackernews.com 👉 bleepingcomputer.com

Flowise AI Agent Builder Exploited: A critical security flaw (CVE-2025-59528) in the open-source AI platform Flowise AI Agent Builder is being actively exploited, allowing for remote code execution with a CVSS score of 10.0, potentially exposing over 12,000 instances. 👉 thehackernews.com 👉 bleepingcomputer.com

Password Spraying Campaign Targeting Israel: An Iran-linked threat actor is suspected of conducting a password-spraying campaign against over 300 Microsoft 365 organizations in Israel and the UAE, amidst the ongoing Middle East conflict. 👉 thehackernews.com

DPRK Hackers Using GitHub for C2: Threat actors associated with North Korea are reportedly using GitHub as command-and-control infrastructure in multi-stage attacks targeting South Korean organizations, utilizing obfuscated LNK files and PowerShell scripts. 👉 thehackernews.com

Multi-OS Cyberattacks: Cybersecurity researchers highlight the growing challenge of multi-OS cyberattacks, where threat actors move across different platforms, and SOC teams struggle with fragmented workflows, leading to slower incident response and increased risk. 👉 thehackernews.com

Qilin and Warlock Ransomware: Threat actors using Qilin and Warlock ransomware are employing the "bring your own vulnerable driver" (BYOVD) technique to disable over 300 endpoint detection and response (EDR) tools, effectively silencing security measures on compromised systems. 👉 thehackernews.com 👉 bleepingcomputer.com

German Authorities Identify REvil Leaders: German authorities have identified two Russian nationals, Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk, as alleged leaders of the GandCrab and REvil ransomware operations, linking them to numerous cyberattacks and significant financial damages. 👉 krebsonsecurity.com 👉 bleepingcomputer.com

Iran-Linked Wiper Attack on Stryker: A hacktivist group with ties to Iran's intelligence agencies, Handala, claims responsibility for a data-wiping attack against medical technology firm Stryker, citing retaliation for a missile strike. 👉 krebsonsecurity.com 👉 irishexaminer.com

Microsoft Patch Tuesday: Microsoft released updates to fix over 50 vulnerabilities in Windows and other software, including six zero-day flaws that were actively exploited by attackers, with particular attention drawn to critical flaws in SQL Server and MSHTML. 👉 krebsonsecurity.com 👉 bleepingcomputer.com

AI Assistant Security Risks: The growing popularity of AI assistants like OpenClaw poses significant security risks due to their extensive access to user data and potential for misconfiguration, leading to credential theft and supply chain attacks. 👉 krebsonsecurity.com 👉 grith.ai

Kimwolf Botnet Disrupts I2P: The Kimwolf botnet, known for its massive DDoS attacks, has been disrupting the Invisible Internet Project (I2P) network by attempting to join it with hundreds of thousands of infected devices, causing widespread connectivity issues for legitimate users. 👉 krebsonsecurity.com

Phishing Service Starkiller: A new phishing-as-a-service called Starkiller allows cybercriminals to create sophisticated phishing campaigns by dynamically loading legitimate login pages, relaying victim credentials, and capturing MFA codes, effectively neutralizing security measures. 👉 krebsonsecurity.com 👉 abnormal.ai

North Korean Cyber Activity: North Korean-linked threat actors are using GitHub as command-and-control infrastructure in multi-stage attacks targeting South Korean organizations, employing phishing emails with malicious LNK files and PowerShell scripts. 👉 thehackernews.com

Hackers Exploit React2Shell: A large-scale campaign is underway to steal credentials by exploiting the React2Shell vulnerability (CVE-2025-55182) in vulnerable Next.js applications, facilitating automated data theft. 👉 thehackernews.com 👉 bleepingcomputer.com

Axios npm Package Compromise: Threat actors tied to North Korea have compromised the npm account of an Axios lead maintainer, injecting malicious versions of the package containing malware named WAVESHAPER.V2, impacting thousands of users. 👉 thehackernews.com 👉 bleepingcomputer.com

Fortinet FortiClient EMS Vulnerability: Fortinet has released an emergency patch for a critical, actively exploited vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) that allows for pre-authentication API access bypass and privilege escalation. 👉 bleepingcomputer.com 👉 thehackernews.com

QR Code Phishing Scams: Phishing scams are increasingly using QR codes in fake "Notice of Default" traffic violation texts to trick individuals into visiting malicious websites that steal personal and financial information while demanding payment. 👉 bleepingcomputer.com

LinkedIn's Browser Extension Scanning: A report indicates that LinkedIn uses hidden JavaScript scripts to scan users' browsers for installed extensions and collect device data, raising privacy concerns about its data collection practices. 👉 bleepingcomputer.com

Hims & Hers Data Breach: Telehealth provider Hims & Hers is warning of a data breach resulting from the theft of support tickets from a third-party customer service platform, potentially exposing customer information. 👉 bleepingcomputer.com

Qilin Ransomware Attacks Die Linke: The German political party Die Linke has confirmed that its data was stolen by the Qilin ransomware group, leading to an IT systems outage and threats of sensitive data leaks. 👉 bleepingcomputer.com

Revil/GandCrab Leaders Identified: German authorities have identified Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk as alleged leaders of the GandCrab and REvil ransomware groups, linking them to numerous attacks and significant financial damages. 👉 krebsonsecurity.com 👉 bleepingcomputer.com

GPUBreach Attack: A new attack dubbed GPUBreach can induce Rowhammer bit-flips on GPU GDDR6 memory, enabling privilege escalation and potentially leading to full system compromise. 👉 bleepingcomputer.com

BlueHammer Windows Zero-Day: An unpatched Windows privilege escalation vulnerability, referred to as "BlueHammer," has had its exploit code released by a disgruntled researcher, allowing attackers to gain SYSTEM-level access. 👉 bleepingcomputer.com

Microsoft Support and Recovery Assistant Removed: Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) utility from Windows, impacting users who rely on it for troubleshooting and support. 👉 bleepingcomputer.com

LiteLLM Supply Chain Attack: The LiteLLM AI development library was targeted in a supply chain attack by the TeamPCP actor, injecting malware that harvested credentials from developer machines, highlighting the risks of compromised software dependencies. 👉 thehackernews.com

Dortware and Kimwolf Botnet: Investigations into the Kimwolf botnet's operator, known as "Dort," reveal a history linked to the Minecraft cheating software "Dortware" and later involvement in cybercrime forums, SIM-swapping, and developing tools for credential theft and CAPTCHA bypass. 👉 krebsonsecurity.com

OpenAI's AI Economy Vision: OpenAI has outlined policy proposals for an AI-driven economy, including taxing capital gains and automated labor, creating public wealth funds, and exploring a four-day workweek to address potential job displacement and societal impacts. 👉 openai.com 👉 wsj.com^$

AI Startup Rocket's Consulting Model: Indian AI startup Rocket aims to provide McKinsey-style consulting reports at a significantly lower cost by leveraging AI, targeting businesses seeking strategic insights without the premium price tag. 👉 techcrunch.com

Picsart Creator Monetization: AI design platform Picsart has launched a new program to enable creators to monetize their work, allowing users to earn from their designs and contributions within the platform's ecosystem. 👉 techcrunch.com

Google's Offline AI Dictation App: Google has quietly released an AI-powered dictation app for iOS that functions offline, offering users a private and accessible way to convert speech to text without requiring an internet connection. 👉 techcrunch.com

North Korea's Open Source Hijacking: A sophisticated cyberattack by North Korea successfully hijacked a widely used open-source project, likely over several weeks, demonstrating advanced capabilities in targeting critical software infrastructure. 👉 techcrunch.com

Netflix Kids Gaming App: Netflix is expanding its offerings for children by launching "Netflix Playground," a dedicated app featuring ad-free games for younger users, available in select countries including the US, UK, Canada, Australia, the Philippines, and New Zealand. 👉 theverge.com 👉 about.netflix.com

Tesla Summon Probe Closed: The NHTSA has closed its investigation into Tesla's "Actually Smart Summon" feature, citing a low frequency and severity of incidents, and indicating that software fixes have addressed potential risks. 👉 reuters.com 👉 electrek.co

Apple's Supreme Court Appeal: Apple is seeking to take its legal battle over App Store commissions back to the Supreme Court, challenging a ruling that could impact its control over third-party app distribution on its devices. 👉 techcrunch.com 👉 engadget.com

Iran Threatens AI Data Centers: Iranian authorities have reportedly threatened "Stargate" AI data centers, signaling potential geopolitical tensions extending into the realm of artificial intelligence infrastructure. 👉 techcrunch.com

Convicted Spyware Maker Fleming Avoids Jail: Bryan Fleming, who was convicted of creating spyware, has avoided jail time at his sentencing, a decision that has raised questions about the accountability for cybercrime tools. 👉 techcrunch.com

AI for Used EVs: Factors beyond just gas prices, such as advancements in AI and technology, are contributing to the increasing sales of used electric vehicles, indicating a broader shift in the automotive market. 👉 techcrunch.com

OpenAI Alums' New Fund: Former OpenAI employees have established a new investment fund, potentially valued at $100 million, focusing on early-stage technology companies, signaling continued interest and investment from key figures in the AI sector. 👉 techcrunch.com

AI and Cybersecurity: A SANS Institute report highlights the evolving cyber workforce in 2026, focusing on skills, shortages, and shifts driven by AI, offering insights for leaders and professionals in the cybersecurity field. 👉 thehackernews.uk

China-Linked APT Storm-1175: The China-linked threat actor Storm-1175 is actively exploiting zero-day and N-day vulnerabilities to deploy Medusa ransomware, targeting organizations across Australia, the UK, and the US, particularly in the healthcare sector. 👉 thehackernews.com 👉 bleepingcomputer.com

Flowise AI Agent Builder Exploitation: A critical vulnerability (CVE-2025-59528) in the Flowise AI Agent Builder, an open-source platform, is being actively exploited, potentially allowing remote code execution and exposing over 12,000 instances. 👉 thehackernews.com

Iran-Linked Password Spraying: An Iran-nexus threat actor is suspected of conducting password-spraying attacks against more than 300 Microsoft 365 organizations in Israel and over 25 in the UAE, amid ongoing regional tensions. 👉 thehackernews.com

DPRK Hackers Using GitHub: Hackers linked to North Korea are reportedly using GitHub as a command-and-control server in multi-stage attacks targeting South Korean organizations, utilizing obfuscated LNK files and PowerShell scripts. 👉 thehackernews.com

Multi-OS Cyberattack Challenges: The increasing prevalence of multi-OS cyberattacks poses significant challenges for Security Operations Centers (SOCs) due to fragmented workflows and slower incident response across different platforms. 👉 thehackernews.com

Qilin and Warlock Ransomware Tactics: Ransomware groups Qilin and Warlock are leveraging vulnerable drivers (BYOVD) to disable over 300 EDR tools, effectively neutralizing security defenses on compromised systems. 👉 thehackernews.com

German Authorities Identify REvil Leaders: German federal police have identified Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk as leaders of the GandCrab and REvil ransomware groups, responsible for numerous attacks and significant financial damages. 👉 krebsonsecurity.com 👉 bleepingcomputer.com

Drift Hack Linked to DPRK Operation: The $285 million hack of the Drift protocol is traced back to a six-month social engineering operation by a North Korean state-sponsored group (UNC4736), known for targeting the cryptocurrency sector. 👉 thehackernews.com

Malicious npm Packages: Researchers discovered 36 malicious npm packages disguised as Strapi CMS plugins, which exploit Redis and PostgreSQL to deploy malware, harvest credentials, and establish persistence. 👉 thehackernews.com

Fortinet Patches Actively Exploited Flaw: Fortinet has released an emergency patch for a critical FortiClient EMS vulnerability (CVE-2026-35616) that is being actively exploited in the wild for pre-authentication API access bypass and privilege escalation. 👉 fortinet.com 👉 thehackernews.com

QR Code Phishing Texts: Scammers are using QR codes in fake traffic violation texts to trick recipients into visiting phishing sites that steal personal and financial information. 👉 bleepingcomputer.com

LinkedIn Extends Extension Scanning: LinkedIn's practice of scanning users' browsers for installed extensions and collecting data via hidden JavaScript scripts has raised privacy concerns among security experts. 👉 bleepingcomputer.com

Hims & Hers Data Breach: Telehealth company Hims & Hers has reported a data breach stemming from a compromise of support tickets stored on a third-party customer service platform. 👉 bleepingcomputer.com

Qilin Ransomware Hits German Party: The German political party Die Linke confirmed a data breach by the Qilin ransomware group, leading to an IT outage and threats of data leaks. 👉 bleepingcomputer.com

GPUBreach Attack: A new attack technique called GPUBreach allows attackers to induce Rowhammer bit-flips in GPU GDDR6 memory, enabling privilege escalation and potentially full system takeover. 👉 bleepingcomputer.com

BlueHammer Windows Zero-Day: A critical Windows zero-day vulnerability, "BlueHammer," allowing privilege escalation to SYSTEM level, has had its exploit code publicly released, posing an immediate threat to users. 👉 bleepingcomputer.com

Microsoft Removes SaRA Tool: Microsoft has removed the Support and Recovery Assistant (SaRA) tool from Windows, impacting users who relied on it for troubleshooting and resolving system issues. 👉 bleepingcomputer.com

Medusa Ransomware Affiliate: Microsoft has identified Storm-1175, a China-based financially motivated cybercriminal group, as an affiliate deploying Medusa ransomware and exploiting zero-day vulnerabilities in high-velocity attacks. 👉 bleepingcomputer.com

LiteLLM Supply Chain Attack: The popular LiteLLM library was compromised in a supply chain attack, with TeamPCP injecting malware that harvested developer credentials and secrets from compromised machines. 👉 thehackernews.com

Qilin/Warlock Ransomware Tactics: Ransomware groups Qilin and Warlock are using vulnerable drivers (BYOVD) to disable over 300 EDR tools, effectively neutralizing security measures on victim systems. 👉 thehackernews.com

Dort Identity Linked to Kimwolf Botnet: Investigations into the operator of the Kimwolf botnet, known as "Dort," link them to Minecraft cheating software and later cybercrime activities, including SIM-swapping and credential theft tools. 👉 krebsonsecurity.com

Starkiller Phishing Service: The Starkiller phishing service allows criminals to use dynamic links that mimic legitimate login pages and relay credentials, including MFA codes, effectively bypassing security measures. 👉 krebsonsecurity.com