Critical Security Flaw in Subaru Starlink System Exposed Remote Vehicle Access Risk
Researchers uncovered a severe vulnerability in Subaru's Starlink service that allowed unauthorized access to vehicles and customer data across multiple countries. The flaw, which could be triggered using basic customer information, enabled remote vehicle control and access to sensitive personal data.
The Privacy Paradox: Why Online Age Verification Systems Are More Complex Than Physical ID Checks
Recent state laws mandating online age verification for adult content face mounting criticism over privacy and security concerns. Unlike simple ID checks at stores, these digital systems create lasting records of sensitive data, raising risks of breaches and accessibility issues while achieving limited compliance.
Critical Security Flaws in Subaru Starlink System Expose Millions of Vehicles to Remote Access
Researchers uncovered vulnerabilities in Subaru's Starlink system that allowed unauthorized access to vehicle locations and remote control functions affecting millions of cars. The flaws enabled tracking of detailed location histories and control of features like door locks and engine start, raising broader privacy concerns in the automotive industry.
CISA Under Fire: Homeland Security Nominee Calls for Major Agency Overhaul
South Dakota Governor Kristi Noem, nominee for Secretary of Homeland Security, advocates for a streamlined CISA focused solely on cybersecurity threats. During Senate confirmation hearings, she criticized the agency's disinformation work while facing questions about her own cybersecurity record as governor.
Critical Vehicle Security Flaws Net $382,750 in Rewards at Pwn2Own Automotive 2025
Security researchers exposed 16 critical vulnerabilities in automotive systems during Pwn2Own Automotive 2025's opening day in Tokyo, focusing on infotainment systems, EV chargers, and operating systems. Multiple teams successfully demonstrated exploits of charging infrastructure, while a $500,000 Tesla autopilot challenge remained unattempted.
Sophisticated PNGPlug Malware Campaign Targets Chinese-Speaking Regions
Security researchers uncover a sophisticated cyber attack using PNGPlug loader to deploy ValleyRAT malware through deceptive software installers. The campaign, attributed to the Silver Fox group, specifically targets Chinese speakers in Hong Kong, Taiwan, and Mainland China with advanced malware delivery techniques.
Critical Security Flaw Exposes 4.2 Million Internet Devices to Tunneling Protocol Attacks
A major vulnerability in tunneling protocols has left millions of VPNs, routers, and network devices exposed to potential cyberattacks worldwide. Security researchers discovered multiple flaws that could enable anonymous attacks and unauthorized network access across China, France, Japan, US, and Brazil.
Supreme Court Likely to Uphold Texas Age Verification Law for Adult Websites
The Supreme Court appears set to uphold Texas legislation requiring age verification for accessing pornographic websites, with conservative justices expressing strong support during oral arguments. The case highlights growing concerns about protecting minors from explicit online content while balancing adult constitutional rights.
U.S. Treasury Sanctions Chinese Firm Over Major Government and Telecom Hacks
The U.S. Treasury Department imposed sanctions on a Chinese cybersecurity company and hacker linked to major breaches of government systems and telecommunications networks. The actions target actors connected to the Silk Typhoon group's infiltration of Treasury workstations and the largest telecommunications hack in U.S. history.
Major Data Breach at Wolf Haldenstein Law Firm Exposes 3.5 Million Americans' Sensitive Data
A significant cybersecurity incident at Wolf Haldenstein law firm has compromised sensitive personal information of 3.5 million individuals, including Social Security numbers and medical data. The breach went undetected for months before discovery in April 2024, raising concerns about identity theft and fraud risks.