Featured

Hijacked AWS Storage Buckets Expose Major Organizations to Supply Chain Attacks

Security researchers discovered 150 abandoned AWS S3 storage buckets previously used by major organizations that could be easily re-registered and hijacked. The vulnerability allowed researchers to gain control over storage locations still receiving millions of requests from government agencies and corporations.

European Surveillance Campaign Exposed: Paragon Spyware Targets Journalists and Activists

Italian authorities reveal widespread deployment of Paragon Solutions' surveillance technology targeting individuals across 14 European countries. The operation, affecting journalists and activists, has sparked investigations into potential surveillance abuse despite the company's claims of ethical standards.

Okta Bcrypt Vulnerability Exposes Critical API Design Flaws

A security incident at Okta revealed how Bcrypt's 72-character input limitation could be exploited to bypass authentication in certain conditions. The case highlights crucial lessons for modern API design, emphasizing explicit input validation over silent modifications.

Cybercriminals Target Organizations with Sophisticated ADFS Phishing Scheme

Security researchers have uncovered a sophisticated phishing campaign targeting organizations using Microsoft ADFS, with attackers creating convincing fake login portals to steal credentials and bypass MFA. The scam has affected over 150 organizations across education, healthcare, government and technology sectors, primarily in the US, Canada, Australia and Europe.

Security Experts Alarmed as DOGE Gains Unprecedented Access to Federal Systems

Cybersecurity professionals raise red flags over security breaches as Elon Musk's Department of Government Efficiency obtains access to sensitive Treasury and OPM systems. Growing concerns emerge about data exposure and employee safety as protests mount against controversial security protocol violations.

Hidden Threat: Security Expert Exposes Dangerous Vulnerability in Modified USB Cables

Cybersecurity researcher Mike Grover demonstrates how a seemingly innocent charging cable can be weaponized to remotely access and control computers from up to 300 feet away. The modified cable can capture keystrokes, implant malware, and execute malicious commands without detection.

Chinese CDN Exploits AWS and Azure in Massive Cloud Infrastructure Abuse Scheme

Investigation reveals Funnull, a Chinese CDN, is misusing AWS and Azure cloud services to host scam websites through deceptive IP address cycling. The scheme involves over 1,400 rented IPs used for investment scams and fake gambling operations, highlighting growing challenges in cloud security.

OpenEuroLLM: Europe's €52M Bid for AI Independence

A powerful European alliance launches OpenEuroLLM, a €52 million open-source initiative to develop language models reflecting European values. The project unites 20+ research institutions and tech companies in a bid to reduce dependence on foreign AI while maintaining transparency and cultural diversity.

Bluesky Surpasses 30 Million Users as Decentralized Social Media Platform Gains Momentum

Decentralized social network Bluesky hits major milestone with 30 million users, attracting high-profile figures and news organizations. The platform differentiates itself through AT Protocol, enhanced moderation tools, and a stance against AI training using user content.