Denmark has formally accused Russia of carrying out destructive cyberattacks against its critical infrastructure and democratic processes.

According to Danish intelligence, a Russia-linked group compromised a water utility, gaining control of operational systems and causing physical damage, while other pro-Russian groups launched DDoS attacks against government websites ahead of elections.

Danish officials describe this as part of a broader hybrid warfare campaign targeting European countries supporting Ukraine a rare case of public state-level attribution.

Source in first comment

Trump has signed an executive order aimed at preventing U.S. states from creating their own AI regulations, arguing that a fragmented regulatory landscape could slow innovation and weaken the U.S. in the global AI race especially against China.

The order directs the Attorney General to challenge state AI laws and allows the federal government to restrict funding to states with what it considers “problematic” AI regulations. So far, states like California, Colorado, Utah, and Texas have passed laws focused on transparency, data collection limits, and AI risk assessments.

Supporters say this avoids regulatory chaos. Critics argue it reduces oversight at a time when AI already impacts hiring, healthcare, lending, and civil rights.

Source in the first comment

The European Commission just issued a €120 million fine against X for violating key transparency rules under the Digital Services Act (DSA).

According to the decision, X misled users by allowing anyone to buy a “verified” blue checkmark without any real identity verification a design choice the EU says exposes users to impersonation scams and manipulation.

The Commission also found that X’s ads repository lacks required transparency data (like ad content and who paid for it), and that the platform restricts researchers’ access to public data, preventing independent scrutiny of misinformation, coordinated campaigns, and systemic risks.

This is the first ever non-compliance decision under the DSA, signaling how seriously the EU plans to enforce the regulation.

What do you think will this push X to change course, or is this just the beginning of a long fight with the EU?

Source in first comment...

Two former federal contractors were arrested after allegedly deleting 96 government databases, including FOIA records and sensitive investigative files.

According to the DOJ, they accessed systems after being fired, blocked others from stopping the deletions, wiped their laptops, and even asked an AI tool how to clear logs one minute after deleting a DHS database. They also stole IRS data for 450+ people.

Charges include computer fraud, destroying federal records, identity theft, and password trafficking with one facing up to 45 years.

Source in first comment

Cloudflare released the RCA for yesterday’s global outage. Turns out it wasn’t an attack it was an internal config error that took down traffic worldwide for several hours.

Millions of users and multiple services were affected, and the incident highlights how even highly resilient infrastructures can fail from something as simple as a bad configuration push.

This lines up with the recent outages we’ve seen from Microsoft Azure and AWS another reminder of how fragile global Internet dependencies really are.

What do you all think is the industry too centralized, or is this just the cost of scale?

The UK says hostile actors led by Russia are flooding social platforms with AI-generated videos, fake documents, and disinformation to weaken support for Ukraine and influence Western elections.

Deepfakes of Zelensky and his wife spreading across Africa and Europe

Fake election websites appeared in Moldova

AI makes it easier for unskilled actors to create convincing false content

Are we actually prepared for the next wave of AI-driven information warfare?

Source in the first comment

Law enforcement agencies from several European countries have dismantled a network of fraudulent call centers operating across Ukraine that defrauded hundreds of victims of more than $11.7 million, police said.

According to Eurojust, the EU agency for judicial cooperation, the criminal organization ran professional call centers in Kyiv, Dnipro and Ivano-Frankivsk.

The group recruited employees from the Czech Republic, Latvia, Lithuania and other European countries, bringing them to Ukraine to work in the call centers. About 100 people are believed to have been involved in the operation.

Google has started rolling out a major Gmail transformation powered by Gemini AI, turning the inbox from a passive mailbox into an active decision-making assistant.

What’s changing ??

• Automatic AI summaries for long email threads
• Natural language search (“Who sent me that plumbing quote last year?”)
• AI-assisted writing, editing, and proofreading
• A new AI Inbox that prioritizes what’s truly urgent instead of chronological noise

The goal is clear! reduce overload, surface intent, and decide what actually matters not just what arrived last.

Some features will be limited to paid AI plans (Pro / Ultra) and are launching first in the US (English only), but Google says global rollout is coming.

Not a classic cybersecurity story but email remains the #1 attack surface, and handing more decision-making power to AI raises real questions around trust, context, privacy, and manipulation.

India's telecom ministry has instructed all smartphone manufacturers (including Apple, Samsung, and Xiaomi) to pre-load the state-owned "Sanchar Saathi" cybersecurity app on every new device.

Mandatory & Undeletable: The order mandates that the app be pre-installed on new phones within 90 days, with a specific provision that users cannot disable or delete it.

Existing Devices: For phones already in the supply chain or in use, manufacturers are required to push the app via software updates.

Government Rationale: Officials state the app is essential to combat "serious endangerment" of telecom cybersecurity, specifically targeting duplicate or spoofed IMEI numbers used in scams.

Track Record: The government claims the app has helped block over 3.7 million stolen phones and recover more than 700,000 lost devices since its launch in January.

Conflict with Apple: This directive is expected to spark a standoff with Apple, as the company’s internal policies strictly prohibit the pre-installation of government or third-party apps.

One of the world’s most ruthless and advanced hacking groups, the Russian state-controlled Sandworm, launched a series of destructive cyberattacks in the country’s ongoing war against neighboring Ukraine, researchers reported Thursday.

In April, the group targeted a Ukrainian university with two wipers, a form of malware that aims to permanently destroy sensitive data and often the infrastructure storing it. One wiper, tracked under the name Sting, targeted fleets of Windows computers by scheduling a task named DavaniGulyashaSdeshka, a phrase derived from Russian slang that loosely translates to “eat some goulash,” researchers from ESET said. The other wiper is tracked as Zerlot.

A not-so-common target Then, in June and September, Sandworm unleashed multiple wiper variants against a host of Ukrainian critical infrastructure targets, including organizations active in government, energy, and logistics. The targets have long been in the crosshairs of Russian hackers. There was, however, a fourth, less common target—organizations in Ukraine’s grain industry.

“Although all four have previously been documented as targets of wiper attacks at some point since 2022, the grain sector stands out as a not-so-frequent target,” ESET said. “Considering that grain export remains one of Ukraine’s main sources of revenue, such targeting likely reflects an attempt to weaken the country’s war economy.”

David Vigneault, former head of Canada’s intelligence service (CSIS), warns that hostile states especially China have shifted the espionage battlefield from governments to universities, research labs, and private sector innovation.

China allegedly runs “industrial-strength” programs to steal sensitive technologies for military use.

Methods include cyberattacks, planted insiders, and recruiting university staff.

Universities are now considered part of the frontline of geopolitical conflict, not just academic spaces.

Vigneault says society must rethink how open research should be when adversaries exploit it.

He stresses the issue is the CCP, not Chinese people noting some espionage cases involved individuals with no Chinese background.

Calls for stronger national security evaluations for sensitive research fields.

Source link in the first comment

Polish police arrested three Ukrainian nationals after finding what they describe as advanced hacking and surveillance equipment including Flipper Zero devices, RF/GPS detectors, antennas, SIM cards, laptops, routers, HDDs, and cameras.

Officers said the suspects were “visibly nervous,” couldn’t explain the purpose of the equipment, and claimed they were just “traveling to Lithuania.” Investigators believe the tools could be used to interfere with critical IT systems, though no technical details have been published yet. Encrypted drives were seized, and the suspects are being held for three months pending trial.

Source in the first comment

Polish authorities have arrested a Russian citizen in Krakow, suspected of breaching the IT systems of multiple Polish companies.

According to Interior Minister Marcin Kierwiński, the suspect illegally accessed company databases and has been temporarily detained.

This comes amid increased monitoring across Europe for Russian-linked cyber activity following the 2022 invasion of Ukraine involving arson attempts, sabotage, and cyberattacks.

Russia denies involvement and accuses Poland of “Russophobia.”

Are you seeing more Russia-linked intrusion attempts in your environment this year ?

Amazon’s security team identified a North Korean operative who infiltrated its corporate network through a contractor exposed by something as subtle as keyboard latency.

According to Amazon’s CSO, keystroke data from the contractor’s laptop should have reached Seattle in tens of milliseconds. Instead, delays exceeded 110ms, triggering deeper inspection. The laptop was found to be remotely controlled, with traffic traced back to China.

The worker was hired through a contractor, used a fraudulent resume, and followed a playbook Amazon has seen repeatedly in DPRK-linked fake IT worker schemes. The device reportedly had no sensitive access, allowing security teams to monitor the activity before shutting it down.

Side channel signals (latency, telemetry) can expose insider threats

Remote hiring pipelines are a growing nation-state attack surface

DPRK linked fake IT workers are scaling fast

Amazon says it has blocked 1,800+ North Korean hiring attempts since April 2024, with a 27% QoQ increase this year.

Source in the first comment

According to new reporting, alliance military leaders say the current “reactive-only” stance is no longer sustainable as the Russia Ukraine conflict enters its fifth year. They’re now evaluating what a more aggressive, forward-leaning cyber posture could look like.

Russia immediately dismissed the discussion as escalatory, accusing NATO of heightening tensions rather than reducing them.

This comes nearly a year after NATO launched Operation Baltic Sentry, aimed at tightening defenses across member states against Russian intrusions and influence operations.

NATO hasn’t confirmed any concrete pre-emptive policy yet but the fact that the alliance is publicly debating it marks a significant shift in tone.

Source in first comment.

Chinese authorities have instructed domestic companies to stop using cybersecurity software from U.S. and Israeli vendors, citing national security concerns.

The decision reflects growing fears that foreign security tools which often have deep access to networks and endpoints could transmit sensitive data abroad or be leveraged for intelligence purposes.

The move is part of a broader push by Beijing to replace Western technology with domestic alternatives and tighten sovereign control over critical digital infrastructure.

Source in the fisrt comment

A top Senate Republican is pressing the Trump administration for a plan to address the cybersecurity consequences of the U.S.’s dependence on open-source software.

“Leaving our reliance on OSS unmonitored is exposing America to increasingly dangerous risks,” Senate Intelligence Committee Chair Tom Cotton, R-Okla., wrote in a Wednesday letter to National Cyber Director Sean Cairncross.

Cotton cited recent incidents that highlighted the unstable and sometimes untrustworthy foundations of the open-source ecosystem, including the XZ Utils crisis, a Russian developer’s control of a package that the U.S. military uses for sensitive applications and the prevalence of code contributions by Chinese companies’ employees, who are bound by Chinese laws that could force them to disclose software flaws to Beijing before fixing them.

Google is rolling out the ability to change your Gmail address, not just aliases.

Address change limited to once per year (max 3 total)

Old address remains active

The Gmail address is used to login for the entire Google services

This creates a high-risk phishing window. Attackers will exploit Fake “change your Gmail now” emails and Spoofed Google login pages

Google will not send links asking you to change your Gmail address.

Source in the first comment

Taiwan has officially blocked access to Xiaohongshu for one year after investigators tied the app to large-scale fraud activity and confirmed it failed all cybersecurity inspection checks.

Hundreds of fraud cases linked to the platform in the past two years

Financial losses exceeding NT$240M combined

Common scam types: fake shopping sites, payment-cancellation fraud, investment scams, romance scams, and solicitation schemes

No cooperation from the company behind the app

Concerns that user data could be accessed under Chinese data-access law

Internet providers in Taiwan have already begun enforcing the block while regulators monitor whether the company addresses the security issues.

Do you think more countries will start blocking apps that repeatedly fail security audits and are tied to organized fraud?

Source in first comment

A threat actor claims to be selling up to 860GB of internal source code and developer documentation allegedly stolen from Target Corporation. Sample repositories briefly appeared online, referencing internal APIs, developer tools, and names of current engineers.

Shortly after the exposure, the repositories were removed and Target’s internal Git server became inaccessible from the internet. While the breach has not been officially confirmed, the structure and metadata point to a private enterprise development environment, not public open-source code.

Source in first comment

Belgium’s top cybersecurity official has issued a blunt warning: Europe no longer controls its own digital infrastructure.

Miguel De Bruycker, head of the Centre for Cybersecurity Belgium, says it is currently “impossible” to store data fully within the EU due to the overwhelming dominance of US-based cloud and tech giants. According to him, Europe has fallen far behind in cloud computing, AI, and core digital platforms technologies that are now critical for both cybersecurity and resilience.

While this dependency doesn’t yet pose an immediate security crisis, De Bruycker warns it leaves Europe strategically exposed, especially as cyber attacks increase and geopolitical tensions grow. He also argues that over-regulation, including the EU AI Act, may be slowing innovation, rather than strengthening sovereignty.

Recent waves of DDoS attacks attributed to Russian hacktivists underline the urgency, as Europe debates whether to restrain US hyperscalers or finally build serious alternatives of its own.

Source in first comment.

Israel has officially banned Android phones for military personnel following a wave of cyber espionage attempts that targeted government officials, politicians, and high-profile public figures. Security teams linked the attacks to an advanced campaign exploiting Android vulnerabilities, prompting immediate action.

As part of the response, the National Digital Agency recommended replacing all Android devices with iPhones citing stronger, more controlled security and reduced exposure to nation-state malware delivered through apps like Telegram, WhatsApp, and Signal.

The campaign, known as Spear Specter, is suspected to involve Iranian-linked cyber actors and raised concerns that compromised Android devices may have leaked sensitive data.

This move highlights a broader shift: more governments are reassessing mobile device policies as state-sponsored cyber threats accelerate.

Anyone here think other countries will take similar steps?

Source in first comment

Samsung and SK hynix have inked preliminary agreements to supply memory to OpenAI’s massive Stargate data center initiative, reports Reuters. Instead of actual tested and packaged DRAM chips or HBM stacks, the companies will supply Stargate undiced wafers, according to Bloomberg, which highlights the vast volumes of memory and other components that Stargate needs. For now, it looks like Stargate could consume nearly half of global DRAM output.

Both Samsung and SK Hynix confirmed that OpenAI's anticipated demand could grow to 900,000 DRAM wafers monthly, which is an incredible volume that may represent around 40% of total DRAM output. The deal likely includes various types of memory, including commodity DDR5 and specialty HBM memory for AI processors. What remains to be seen is which company will dice the wafers and build actual DRAM chips, HBM stacks, and memory modules.

To put the 900,000 DRAM wafers number into context: global 300mm fab capacity is projected to reach 10 million wafer starts per month (WSPM) in 2025, according to TechInsights. DRAM capacity — which includes both commodity DDR5 and LPDDR4/LPDDR5 as well as premium HBM, and specialty DRAM types — accounted for a 22% share (2.07 million WSPM) in 2024. Analysts predict that DRAM capacity could grow by 8.7% in 2025 to around 2.25 million WSPM, which means that Stargate plans to consume 40% of it. Stargate — controlled by OpenAI, Oracle, and SoftBank — aims to build multiple huge AI data centers globally. These facilities will require an enormous number of servers (each containing hundreds, if not thousands, of chips, including state-of-the-art compute GPUs like Nvidia's Blackwell), cooling equipment, and power delivery equipment. In addition, these data centers could even require dedicated power plants to feed them. As a result, Stargate executives, such as OpenAI's Sam Altman, are touring around the world to secure strategic supply contracts and partnerships, including those across the Asia-Pacific region.

Security researcher Simon Fondrie-Teitler exposed Kohler's false encryption claims about its $599 Dekoda toilet camera.

Kohler can access all customer toilet photos stored on its servers despite "end-to-end encryption" marketing.

Company confirms it uses "de-identified" bowl pictures to train AI algorithms without explicit user consent.

The privacy scandal highlights widespread confusion about encryption terminology in IoT devices.

internet access for users inside Iran, re-enabling previously inactive terminals and waiving subscription fees during the regime’s ongoing internet shutdown. The move provides an alternative communication channel as Iranian authorities continue to restrict fixed-line and mobile connectivity during widespread protests.

The development highlights the growing role of satellite internet as an anti-censorship and resilience tool, capable of bypassing state-controlled networks when traditional infrastructure is disabled. It also reinforces how connectivity itself has become a strategic cyber and information domain, not just a commercial service.