The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are.

Should verified identities become the standard online? Australia’s social media ban for under-16s shows why the question matters.

If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do.

Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.

A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions

A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found

Sloppy implementation of Google spec leaves 'hundreds of millions' of devices vulnerable Hundreds of millions of wireless earbuds, headphones, and speakers are vulnerable to silent hijacking due to a flaw in Google's Fast Pair system that allows attackers to seize control without the owner ever touching the pairing button.…

Microsoft claims it's a Secure Launch bug We're not saying Copilot has become sentient and decided it doesn't want to lose consciousness. But if it did, it would create Microsoft's January Patch Tuesday update, which has made it so that some PCs flat-out refuse to shut down or hibernate, no matter how many times you […]

Ransomware kingpin who escaped Armenian custody is believed to be lying low back home German cops have added Russian national Oleg Evgenievich Nefekov to their list of most-wanted criminals for his services to ransomware.…

Check Point observes 40K+ attack attempts in 4 hours, with government organizations under fire A critical HPE OneView flaw is now being exploited at scale, with Check Point tying mass, automated attacks to the RondoDox botnet.…

Owner reverse-engineered his ride, revealing authentication was never properly individualized An Estonian e-scooter owner locked out of his own ride after the manufacturer went bust did what any determined engineer might do. He reverse-engineered it, and claims he ended up discovering the master key that unlocks every scooter the company ever sold.…

Researcher shows how anyone can access Copenhagen experience attendees' names, videos Exclusive  The Carlsberg exhibition in Copenhagen offers a bunch of fun activities, like blending your own beer, and the Danish brewer lets you relive those memories by making images available to download after the tour is over.…

This is a threat to security - and to the weekend for some unlucky netadmins Cisco finally delivered a fix for a maximum-severity bug in AsyncOS that has been under attack for at least a month.…

What's next for Venezuela? Click on the file and see What policy wonk wouldn't want to click on an attachment promising to unveil US plans for Venezuela? Chinese cyberspies used just such a lure to target US government agencies and policy-related organizations in a phishing campaign that began just days after an American military operation […]

Fix landed in July, but OEM firmware updates are required If you use virtual machines, there's reason to feel less-than-Zen about AMD's CPUs. Computer scientists affiliated with the CISPA Helmholtz Center for Information Security in Germany have found a vulnerability in AMD CPUs that exposes secrets in its secure virtualization environment.…

Office workers without AI experience warned to watch for prompt injection attacks - good luck with that Anthropic's tendency to wave off prompt-injection risks is rearing its head in the company's new Cowork productivity AI, which suffers from a Files API exfiltration attack chain first disclosed last October and acknowledged but not fixed by Anthropic.…