White House to Launch Smart Device Security Label Program in 2025
The U.S. government is introducing the Cyber Trust Mark program to help consumers identify secure IoT devices through QR code labels. Similar to Energy Star ratings, the initiative will require devices to meet NIST cybersecurity standards and receive certification from approved testing administrators.
Chinese Vessel Suspected in Strategic Taiwan-US Undersea Cable Sabotage
A Chinese-linked cargo ship is under investigation for deliberately damaging a critical undersea internet cable connecting Taiwan and the US, raising regional security concerns. The incident follows similar cases of suspected cable sabotage and comes amid increasing cyberattacks targeting Taiwan's infrastructure.
Critical Security Flaw in Popular WordPress Backup Plugin Threatens Millions of Sites
A severe vulnerability discovered in UpdraftPlus WordPress plugin puts over 3 million websites at risk of code execution attacks. The high-severity flaw affects all versions up to 1.24.11 and requires immediate updating to the patched version.
AI-Powered Cyber Threats Set to Cause $10.5 Trillion in Damages by 2025
Artificial intelligence is transforming cybersecurity threats, with sophisticated phishing and ransomware attacks specifically targeting small and medium businesses. Organizations must adopt multi-layered defense strategies as AI-driven attacks become increasingly harder to detect and more financially devastating.
Cryptocurrency Mining Malware Infiltrates Home Server Through Exposed Docker Container
A cybersecurity researcher's personal server was hijacked by Kinsing malware after briefly exposing a Docker database container online. The incident highlights critical security lessons for home server administrators and the growing sophistication of threats targeting personal networks.
Voltage Glitch Attack Cracks 'Unhackable' Raspberry Pi Chip, Claims $20K Bounty
Engineer Aedan Cullen breached the RP2350 microcontroller's security through an innovative voltage manipulation technique, accessing protected memory despite multiple security layers. The hack exposed critical vulnerabilities in hardware-based security measures and may earn Cullen a $20,000 bounty.
Chinese Hackers Breach Senior US Treasury Officials' Computers in Major Security Incident
Chinese state-sponsored hackers compromised approximately 100 US Treasury Department computers, accessing sensitive but unclassified information through a third-party security vendor. The breach exposed internal documents and communications, though classified systems remained secure.
New Guidelines Aim to Standardize Cyber Threat Actor Naming Conventions
Security experts have released comprehensive recommendations to address the chaos in naming malicious cyber threat actors, targeting issues like multiple aliases and ambiguous naming practices. The new RFC document provides practical guidelines for organizations to improve threat intelligence sharing and analysis.
Google Chrome Extension Vulnerability Exposes Millions to 2FA Bypass Attacks
A sophisticated phishing campaign targeting Chrome extensions has compromised two-factor authentication protection for millions of users since December 2023. The attacks, including a major breach at Cyberhaven, allow hackers to steal and reuse authentication cookies to bypass security measures.
China's Cyber Assault: Unraveling the Wave of State-Sponsored Attacks on US Infrastructure
A series of sophisticated cyber attacks targeting US government agencies and telecommunications giants has been attributed to Chinese state-sponsored hackers, marking what FBI officials call China's most extensive cyber-espionage campaign. The breaches have compromised sensitive data across multiple sectors, including the Treasury Department and major telecom providers.