Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: sec Clear Filter

Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

bleepingcomputer.com Unknown 2025-07-20 03:41:49

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past, distributing emails containing crypto seed phrases used to drain cryptocurrency wallets. In the recent phishing attack observed by Expel, the PoisonSeed threat actors

Topics: authentication device key phishing security
Read More
Shop Amazon

MCP Security Vulnerabilities and Attack Vectors

news.ycombinator.com Unknown 2025-07-20 04:14:19

Elevenlabs AudioNative Player Been digging into Model Context Protocol implementations lately and found some stuff that's keeping me up at night. Not because it's earth-shattering, but because it's the kind of boring security debt that bites you when you least expect it. This is Part 1 of a two-part series. Read Part 2: Actually Fixing This Mess → MCP is Anthropic's attempt at standardizing how AI models talk to external tools1. Instead of every AI app rolling their own integration layer, you

Topics: ai mcp security tool tools
Read More
Shop Amazon

A CarFax for Used PCs: Hewlett Packard wants to give old laptops new life

news.ycombinator.com Abu Baker 2025-07-16 09:02:37

The United Nations’ Global E-waste Monitor estimates that the world generates over 60 million tonnes of e-waste annually. Furthermore, this number is rising five times as fast as e-waste recycling. Much of this waste comes from prematurely discarded electronic devices. Many enterprises follow a standard three-year replacement cycle, assuming older computers are inefficient. However, many of these devices are still functional and could perform well with minor upgrades or maintenance. The issue i

Topics: data pcfax security telemetry usage
Read More
Shop Amazon

How OpenAI’s red team made ChatGPT agent into an AI fortress

venturebeat.com Louis Columbus 2025-07-20 09:13:52

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now In case you missed it, OpenAI yesterday debuted a powerful new feature for ChatGPT and with it, a host of new security risks and ramifications. Called the “ChatGPT agent,” this new feature is an optional mode that ChatGPT paying subscribers can engage by clicking “Tools” in the prompt entry box and selecting “agent mode,” at which point, t

Topics: agent chatgpt openai red security
Read More
Shop Amazon

Shutting Down Clear Linux OS

news.ycombinator.com Unknown 2025-07-20 10:45:12

After years of innovation and community collaboration, we’re ending support for Clear Linux OS. Effective immediately, Intel will no longer provide security patches, updates, or maintenance for Clear Linux OS, and the Clear Linux OS GitHub repository will be archived in read-only mode. So, if you’re currently using Clear Linux OS, we strongly recommend planning your migration to another actively maintained Linux distribution as soon as possible to ensure ongoing security and stability. Rest ass

Topics: clear intel linux os security
Read More
Shop Amazon

Phishers have found a way to downgrade—not bypass—FIDO MFA

arstechnica.com Unknown 2025-07-20 16:07:21

Researchers recently reported encountering a phishing attack in the wild that bypasses a multifactor authentication scheme based on FIDO (Fast Identity Online), the industry-wide standard being adopted by thousands of sites and enterprises. If true, the attack, reported in a blog post Thursday by security firm Expel, would be huge news, since FIDO is widely regarded as being immune to credential phishing attacks. After analyzing the Expel write-up, I’m confident that the attack doesn’t bypass F

Topics: attack device expel fido security
Read More
Shop Amazon

GrapheneOS makers take a knife to this ‘Google-free’ phone coming to the US (Updated)

androidauthority.com Unknown 2025-07-20 22:40:51

Update, July 18, 2025 (04:40 PM ET): We have just heard back from Fairphone in response to our inquiry. In a statement, the company explains: Fairphone and Murena have a strong, proud partnership that offers many users around the world a secure, sustainable, and modular smartphone alternative – with a clear focus on longevity and lasting value. We’re committed to delivering operating systems that meet market-standard security expectations. While we respect that there are different approaches to

Topics: 2025 android et fairphone security
Read More
Shop Amazon

When root meets immutable: OpenBSD chflags vs. log tampering

news.ycombinator.com Rafael Sadowski 2025-07-21 01:36:47

Why ISO 27001 Demands Immutable Logs (Without Actually Saying So) # ISO 27001 is like that careful lawyer who never says exactly what they mean – it tells you what needs to be achieved, not how to do it. When it comes to logging, this is particularly telling: Control A.12.4.2 simply states that “logging information and logging facilities shall be protected against tampering and unauthorized access.” Period. How? That’s your problem to solve. But anyone who’s ever had to investigate a security

Topics: log logs root secure var
Read More
Shop Amazon

GrapheneOS makers take a knife to this ‘Google-free’ phone coming to the US

androidauthority.com Unknown 2025-07-22 12:36:51

Paul Jones / Android Authority TL;DR The team behind the GrapheneOS platform has criticized the Fairphone Gen 6 for apparent security issues. The team added that the Fairphone model sold in the US lacks “bare minimum” privacy and security protections. Even the standard Fairphone Gen 6 was criticized for delayed software patches and the lack of a secure element. The Fairphone Gen 6 is one of the best Android phones to get if you want a repairable and sustainable smartphone experience. The dev

Topics: fairphone gen os security team
Read More
Shop Amazon

When Root Meets Immutable: OpenBSD Chflags vs. Log Tampering

news.ycombinator.com Rafael Sadowski 2025-07-22 12:36:47

Why ISO 27001 Demands Immutable Logs (Without Actually Saying So) # ISO 27001 is like that careful lawyer who never says exactly what they mean – it tells you what needs to be achieved, not how to do it. When it comes to logging, this is particularly telling: Control A.12.4.2 simply states that “logging information and logging facilities shall be protected against tampering and unauthorized access.” Period. How? That’s your problem to solve. But anyone who’s ever had to investigate a security

Topics: log logs root secure var
Read More
Shop Amazon

Microsoft Offers Free Windows 10 Security Updates for Those Who Don't Want to Upgrade to Windows 11

cnet.com See Full Bio 2025-07-22 15:13:03

The Windows 10 era is almost at an end. Microsoft is ending support for Windows 10 and stopping security support in October. Initially, Microsoft was offering a one-year extended security update for $30, but we've got some good news: Microsoft has added a free option, allowing you to stick with Windows 10 for another year. However, in order to access it, you'll need to use cloud backup and connect it with your OneDrive account. The ability to get free updates on Windows 10 is a pretty big deal

Topics: 10 microsoft security updates windows
Read More
Shop Amazon

Linux and Secure Boot certificate expiration

news.ycombinator.com Unknown 2025-07-22 12:53:31

Linux and Secure Boot certificate expiration [LWN subscriber-only content] Welcome to LWN.net The following subscription-only content has been made available to you by an LWN subscriber. Thousands of subscribers depend on LWN for the best news from the Linux and free software communities. If you enjoy this article, please consider subscribing to LWN. Thank you for visiting LWN.net! Linux users who have Secure Boot enabled on their systems knowingly or unknowingly rely on a key from Microsoft t

Topics: boot key linux secure shim
Read More
Shop Amazon

Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

krebsonsecurity.com Unknown 2025-07-22 15:23:20

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 firms. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam te

Topics: ai company paradox password security
Read More
Shop Amazon

Elon Musk gets more time to respond to SEC suit over Twitter disclosure

cnbc.com Annie Palmer 2025-07-24 02:13:49

Elon Musk listens as US President-elect Donald Trump speaks during a House Republicans Conference meeting at the Hyatt Regency on Capitol Hill on November 13, 2024 in Washington, DC. The Securities and Exchange Commission has agreed to give Elon Musk more time to respond to its lawsuit over his alleged failure to properly disclose purchases of Twitter stock before bidding to buy the company. In a motion filed Thursday in U.S. District Court in Washington, the SEC said it had reached a joint ag

Topics: elon lawsuit musk sec twitter
Read More
Shop Amazon

Confident Security, ‘the Signal for AI,’ comes out of stealth with $4.2M

techcrunch.com Rebecca Bellan 2025-07-24 02:00:00

As consumers, businesses, and governments flock to the promise of cheap, fast, and seemingly magical AI tools, one question keeps getting in the way: How do I keep my data private? Tech giants like OpenAI, Anthropic, xAI, Google, and others are quietly scooping up and retaining user data to improve their models or monitor for safety and security, even in some enterprise contexts where companies assume their information is off limits. For highly regulated industries or companies building on the

Topics: ai data disrupt like security
Read More
Shop Amazon

I can't go back to grainy night vision after testing this security camera

zdnet.com Maria Diaz 2025-07-25 00:00:14

ZDNET's key takeaways The EufyCam S3 Pro is available separately for $220 or in a two-pack with the HomeBase 3 for $550. This EufyCam is an excellent 4K outdoor security camera that delivers on its night vision promises, features no monthly fees, and has dual motion detection to reduce false alerts. The biggest downsides are that the camera is expensive, especially when you bundle it with HomeBase 3, and its resolution drops to 1080p with HomeKit. $549.99 at Amazon Eufy Security launched a ne

Topics: camera eufycam pro s3 security
Read More
Shop Amazon

Mistakes Microsoft made in the Xbox security system (2005)

news.ycombinator.com Unknown 2025-07-24 17:23:12

From xboxdevwiki This article has been retrieved from [1]. We might have a similar article. [[]] by Michael Steil Introduction The Xbox is a gaming console, which has been introduced by Microsoft Corporation in late 2001 and competed with the Sony Playstation 2 and the Nintendo GameCube. Microsoft wanted to prevent the Xbox from being used with copied games, unofficial applications and alternative operating systems, and therefore designed and implemented a security system for this purpos

Topics: code microsoft rom secret xbox
Read More
Shop Amazon

Mistakes Microsoft made in the Xbox security system

news.ycombinator.com Unknown 2025-07-24 22:23:12

From xboxdevwiki This article has been retrieved from [1]. We might have a similar article. [[]] by Michael Steil Introduction The Xbox is a gaming console, which has been introduced by Microsoft Corporation in late 2001 and competed with the Sony Playstation 2 and the Nintendo GameCube. Microsoft wanted to prevent the Xbox from being used with copied games, unofficial applications and alternative operating systems, and therefore designed and implemented a security system for this purpos

Topics: code microsoft rom secret xbox
Read More
Shop Amazon

Faraday Future faces potential SEC enforcement action after three-year probe

techcrunch.com Sean O'Kane 2025-07-26 10:12:49

The Securities and Exchange Commission (SEC) has sent letters to Faraday Future founder Jia Yueting and president Jerry Wang, alerting them that they may soon face enforcement actions from the agency as the result of a three-year fraud investigation. The letters, known as “Wells Notices,” state that the commission’s staff has made an internal determination to recommend an enforcement action against the electric vehicle company, the two executives, and two former employees who weren’t named, acc

Topics: company faraday future jia sec
Read More
Shop Amazon

Samsung fixes the Secure Folder flaw that let anyone see what apps you’re hiding

androidauthority.com Unknown 2025-07-27 07:30:35

Mishaal Rahman / Android Authority TL;DR Samsung has patched a Secure Folder flaw that previously allowed anyone with physical access to see your hidden apps and photos. The vulnerability existed because Secure Folder was implemented as a “work profile,” which key system components didn’t recognize as a highly secure space. One UI 8 reclassifies Secure Folder as a “private” profile, ensuring system apps now correctly hide its sensitive files and app information from view. Samsung’s Secure Fo

Topics: folder private profile samsung secure
Read More
Shop Amazon

The Future of Social Security Looks Grim. 6 Tips to Help You Save for Retirement Now

cnet.com See Full Bio 2025-07-27 17:00:00

Getty Images/Zooey Liao/CNET Social Security payments can help you fund part of your retirement -- but don't bank on it as your only source of income. The Social Security trust fund is expected to dry up by 2034, according to the Social Security Administration. That's one year sooner than initially forecast. While the fund won't vanish completely, it's estimated that you'll only receive 81% of your benefits, at best. Why? The fund has been running out of money for years, but President Donald

Topics: money plan retirement security social
Read More
Shop Amazon

Windows KB5064489 emergency update fixes Azure VM launch issues

bleepingcomputer.com Unknown 2025-07-28 06:47:07

Microsoft has released an emergency update to fix a bug that prevents Azure virtual machines from launching when the Trusted Launch setting is disabled and Virtualization-Based Security (VBS) is enabled. The bug impacted Windows Server 2025 and Windows 11 24H2 and was introduced during the July Patch Tuesday security updates. "This update addresses an issue that prevented some virtual machines (VMs) from starting when Virtualization-Based Security (VBS) was enabled," explains Microsoft. "It a

Topics: microsoft security trusted update vms
Read More
Shop Amazon

Police disrupt “Diskstation” ransomware gang attacking NAS devices

bleepingcomputer.com Unknown 2025-07-28 14:53:08

An international law enforcement action dismantled a Romanian ransomware gang known as 'Diskstation,' which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. The law enforcement operation codenamed 'Operation Elicius' was coordinated by Europol and also involved police forces in France and Romania. Diskstation is a ransomware operation that targets Synology Network-Attached Storage (NAS) devices, which are commonly used by companies for centralized

Topics: access diskstation enforcement security systems
Read More
Shop Amazon

America’s EV Slowdown Is Here

gizmodo.com Luc Olinga 2025-07-28 18:02:13

The era of seemingly unstoppable growth for electric vehicles in the United States has come to a screeching halt. New sales figures for the second quarter of 2025 reveal a market in reverse, with momentum waning as the industry confronts significant headwinds from high prices and persistent consumer anxiety. According to a new report from Kelley Blue Book, the U.S. electric vehicle market, long seen as a bastion of growth, hit a significant speed bump, with sales dropping by more than 6% in a s

Topics: electric market new sales second
Read More
Shop Amazon

My favorite indoor security camera has no subscription fees

zdnet.com Maria Diaz 2025-07-28 22:39:40

ZDNET's key takeaways The Eufy Security Indoor Cam S350 is available for purchase at $130. The S350 indoor camera features dual telephoto and wide-angle lenses with 360-degree motion tracking and optional local storage to avoid monthly fees. The only drawback I've found is that I wish the camera had a button to engage privacy mode manually, but you can schedule it as needed on the app. View now at Amazon It's safe to say the Eufy Security Indoor Cam S350 has become indispensable in my home. W

Topics: camera eufy indoor motion security
Read More
Shop Amazon

Don't Want to Upgrade to Windows 11? Microsoft Offers Free Windows 10 Security Updates

cnet.com See Full Bio 2025-07-29 11:45:04

The era of Windows 10 is almost at an end. In October 2025, Microsoft is ending support for Windows 10 and stopping security support. Initially Microsoft was offering a one-year extended security update for $30, but we've got good news. Microsoft has added a free option, allowing you to stick with Windows 10 for another year. However, in order to access it, users will need to use cloud backup and connect it with their OneDrive account. The ability to get free updates on Windows 10 is a pretty b

Topics: 10 microsoft security updates windows
Read More
Shop Amazon

Anthropic signs a $200mm deal with the Department of Defense

news.ycombinator.com Unknown 2025-07-30 06:38:19

The U.S. Department of Defense (DOD), through its Chief Digital and Artificial Intelligence Office (CDAO), has awarded Anthropic a two-year prototype other transaction agreement with a $200 million ceiling. As part of the agreement, Anthropic will prototype frontier AI capabilities that advance U.S. national security. "This award opens a new chapter in Anthropic’s commitment to supporting U.S. national security, which is where our earliest federal deployments began more than a year ago,” said T

Topics: ai claude defense national security
Read More
Shop Amazon

Two new Android 16 security features protect you better - how to switch them on now

zdnet.com Jack Wallen 2025-07-30 13:59:00

JEFF PACHOUD/Getty Images Although Google's earlier-than-expected release of Android 16 was missing a few important features, the updated OS does deliver improved security that every Android user would be well-advised to enable. I'll explain these two key security features and how to find and enable them. Also: Google quietly confirms ChromeOS-Android merger - here's what it means for you 1. Identity Check This feature was added in 2024, but it didn't receive much attention until the releas

Topics: advanced android phone protection security
Read More
Shop Amazon

Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot

bleepingcomputer.com Unknown 2025-07-30 22:30:32

Dozens of Gigabyte motherboard models run on UEFI firmware vulnerable to security issues that allow planting bootkit malware that is invisible to the operating system and can survive reinstalls. The vulnerabilities could allow attackers with local or remote admin permissions to execute arbitrary code in System Management Mode (SMM), an environment isolated from the operating system (OS) and with more privileges on the machine. Mechanisms running code below the OS have low-level hardware access

Topics: binarly firmware gigabyte security vulnerabilities
Read More
Shop Amazon
Trending Topics
Hot Now
ai 1495 apple 1095 new 903 content 844 google 676
Popular
like 654 zdnet 647 amazon 646 does 527 company 527 reviews 520 editorial 506 day 492 app 480 said 450
Emerging
data 447 prime 446 samsung 398 phone 394 game 385 pro 384 just 373 android 352 deals 338 galaxy 323
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]