Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: security Clear Filter

Using AI to secure AI

news.ycombinator.com Matt Sayar 2025-11-18 04:36:06

One of Anthropic's quieter releases recently was their "Security Review," where Claude Code can identify and fix security issues in your code. But how good is it really? In my case, will it find issues with code it helped me write for my newsletter service and Chrome extension? The release states it uses a "specialized security-focused prompt that checks for common vulnerability patterns." After throwing so much compute at model training, LLMs are nearing the top of the S-Curve, so finding ways

Topics: claude code review security testing
Read More
Shop Amazon

Rain: Transiently Leaking Data from Public Clouds Using Old Vulnerabilities

news.ycombinator.com Unknown 2025-11-14 00:42:11

OpenReview Anonymous Preprint Submission696 Authors Keywords : Cloud computing security; Hardware security; Systems security TL;DR : Leaking memory across virtual machine boundaries at a public cloud provider, bypassing mitigations against these types of attacks. Abstract : Given their vital importance for governments and enterprises around the world, we need to trust public clouds to provide strong security guarantees even in the face of advanced attacks and hardware vulnerabilities. While t

Topics: attacks clouds end security vulnerabilities
Read More
Shop Amazon

Letting inmates run the asylum: Using AI to secure AI

news.ycombinator.com Matt Sayar 2025-11-19 04:36:06

One of Anthropic's quieter releases recently was their "Security Review," where Claude Code can identify and fix security issues in your code. But how good is it really? In my case, will it find issues with code it helped me write for my newsletter service and Chrome extension? The release states it uses a "specialized security-focused prompt that checks for common vulnerability patterns." After throwing so much compute at model training, LLMs are nearing the top of the S-Curve, so finding ways

Topics: claude code review security testing
Read More
Shop Amazon

Microsoft reminds of Windows 10 support ending in two months

bleepingcomputer.com Unknown 2025-11-19 14:09:18

Microsoft has reminded customers that Windows 10 will be retired in two months after all editions of Windows 10, version 22H2 reach their end of servicing on October 14. On the same date, Windows 10 2015 LTSB and Windows 10 IoT Enterprise LTSB 2015 will also reach the end of extended support. After Windows 10 is retired, Microsoft will no longer provide bug fixes or technical assistance for issues affecting the system's security, stability, or usability. "On October 14, 2025, Windows 10, vers

Topics: 10 11 enterprise security windows
Read More
Shop Amazon

Plex warns users to patch security vulnerability immediately

bleepingcomputer.com Unknown 2025-11-20 05:41:16

Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability. The company has yet to assign a CVE-ID to track the flaw and didn't provide additional details regarding the patch, only saying that it impacts Plex Media Server versions 1.41.7.x to 1.42.0.x. Yesterday, four days after releasing security updates that addressed the mysterious security bug, Plex emailed those running affected versions to update their software

Topics: media plex security server vulnerability
Read More
Shop Amazon

Computing’s Top 30: Zhihao “Zephyr” Yao

computer.org Laurel Tweed 2025-11-22 03:00:10

On a typical mobile device today, financial and medical apps nestled up next to everything from karaoke playlists to time-killing games like Fruit Ninja. How to secure data that matters in this diverse digital buffet is a challenge for many researchers. For Zhihao “Zephyr” Yao, it’s a challenge that fuels his life’s work and also led to an award-winning project. That project—which earned ACM MobiSys 2023’s Best Artifact Award—demonstrated that making systems less complex can actually enhance m

Topics: hardware mobile new research security
Read More
Shop Amazon

Canada’s House of Commons investigating data breach after cyberattack

bleepingcomputer.com Unknown 2025-11-22 09:06:43

The House of Commons of Canada is currently investigating a data breach after a threat actor reportedly stole employee information in a cyberattack on Friday. While the lower house of the Parliament of Canada has yet to issue a public statement regarding this incident, CBC News reports that House of Commons staff were notified of a breach on Monday via email. The alert states that the attacker exploited a recent Microsoft vulnerability to gain access to a database containing sensitive informat

Topics: commons cse house microsoft security
Read More
Shop Amazon

Microsoft patches more than 100 Windows security flaws - update your PC now

zdnet.com Lance Whitney 2025-11-22 09:54:15

Elyse Betters Picaro / ZDNET ZDNET's key takeaways The August Patch Tuesday update for Windows fixes 107 security flaws. Among all the security flaws, 13 are ranked as critical. Also adds the new Black Screen of Death and Quick Machine Recovery. Microsoft's August Patch Tuesday update adds a couple of cool new features. But the main reason you'll want to install it is to squash a large array of security bugs. Patches 107 flaws, including 13 critical Released this past Tuesday, the latest

Topics: new pc security update windows
Read More
Shop Amazon

CISA warns of N-able N-central flaws exploited in zero-day attacks

bleepingcomputer.com Unknown 2025-11-22 22:15:14

​CISA warned on Wednesday that attackers are actively exploiting two security vulnerabilities in N‑able's N-central remote monitoring and management (RMM) platform. N-central is commonly used by managed services providers (MSPs) and IT departments to monitor, manage, and maintain client networks and devices from a centralized web-based console. According to CISA, the two flaws can allow threat actors to gain command execution via an insecure deserialization weakness (CVE-2025-8875) and inject

Topics: 2025 central cisa cve security
Read More
Shop Amazon

Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild

bleepingcomputer.com Unknown 2025-11-23 18:23:15

Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM is a central security monitoring and analytics system used for logging, network telemetry, and security incident alerts, serving as an integral part of security operation centers, where it's an essential tool in the hands of IT ops teams and analysts. The product is generally used by governments,

Topics: exploit flaw fortinet fortisiem security
Read More
Shop Amazon

Report: Apple planning ecosystem of home security devices to compete with Ring and Nest

9to5mac.com Chance Miller 2025-11-24 04:36:46

A new report from Bloomberg dives deep into Apple’s plans to lean on artificial intelligence as a way to expand into robotics, home security, and smart displays. One interesting tidbit in the report is that Apple is aiming to develop a system of smart home cameras and other home security products to compete with the likes of Amazon’s Ring brand. Bloomberg first reported that Apple was developing a home doorbell with support for Face ID last December. As it turns out, the company’s ambitions ex

Topics: apple device home room security
Read More
Shop Amazon

Supporting org.apache.xml.security in graalVM

news.ycombinator.com Unknown 2025-11-25 04:03:04

Supporting org.apache.xml.security in graalVM When working today at out european trusted lists feature $DAY_JOB we had an issue which was coming from org.apache.xml.security when trying to run our testsuite natively compiled with graalVM. java.util.MissingResourceException: Can't find bundle for base name org/apache/xml/security/resource/xmlsecurity locale en_US -H:IncludeResourceBundles=org.apache.xml.security.resource.xmlsecurity org.apache.xml.security.signature.XMLSignatureException: The

Topics: apache need org security xml
Read More
Shop Amazon

When DEF CON partners with the U.S. Army

news.ycombinator.com Jack Poulson 2025-11-25 04:33:45

DEF CON founder Jeff “Dark Tangent” Moss (left) downing a jello shot and shouting “Go Army” at the end of his fireside chat with former National Security Agency director Paul M. Nakasone (right) on Friday. The previously imprisoned hacktivist Jeremy Hammond was ejected from the conference shortly afterward, yelling “Free Palestine!” Amidst a backdrop of continually airborne beach balls and a remix of the indie rock hit “Heads Will Roll,” entrants to the ‘Arcade Party’ on the second floor of the

Topics: conference def intelligence nakasone security
Read More
Shop Amazon

The end of perimeter defense: When your own AI tools become the threat actor

venturebeat.com Louis Columbus 2025-11-25 18:04:55

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Russia’s APT28 is actively deploying LLM-powered malware against Ukraine, while underground platforms are selling the same capabilities to anyone for $250 per month. Last month, Ukraine’s CERT-UA documented LAMEHUG, the first confirmed deployment of LLM-powered malware in the wild. The malware, attributed to APT28, utilizes stolen Hugging

Topics: ai cato malware security simonovich
Read More
Shop Amazon

Android's pKVM hypervisor earns SESIP Level 5 security certification

bleepingcomputer.com Unknown 2025-11-27 09:00:00

Google announced that its protected Kernel-based Virtual Machine (pKVM) for Android has achieved SESIP Level 5 certification, the highest security assurance level for IoT and mobile platforms. The pKVM is the hypervisor underpinning the Android Virtualization Framework (AVF), providing an isolated, high-assurance environment for executing critical workloads. These include Google's AI models like Gemini Nano for local personal data processing, biometric authentication (face, fingerprint), DRM co

Topics: data google level pkvm security
Read More
Shop Amazon

Best Home Security Cameras With Floodlights in 2025: Illuminate Your Yard

cnet.com See Full Bio 2025-11-27 09:00:00

Does the camera have night vision? Does it have extra features like color night vision? Does the floodlight camera have adjustable motion detection? Does it have motion zones or sensitivity options? Does it include objection recognition for people? Are there extra costs for these features? Do you prefer a wired or wireless camera? Do you have a junction box where you want to install a wired camera or are you willing to have one installed? Can you control the brightness of the camera's floodli

Topics: best camera floodlight home security
Read More
Shop Amazon

Blackwater’s founder would like to sell you a privacy phone made in the USA

theverge.com Dominic Preston 2025-11-27 09:00:00

Unplugged, a company cofounded and backed by Erik Prince, who is also the founder of infamous private military contractor Blackwater, has just released a new version of its “privacy-first” UP Phone that will be made in the US — at some point. The original UP Phone was described by the company as “the ultimate privacy-focused smartphone” and by privacy platform GrapheneOS as “a clear cut scam.” (It was first announced in June 2022, though it didn’t reach customers until 2024; Unplugged wouldn’t

Topics: phone prince privacy security unplugged
Read More
Shop Amazon

A Unified Approach to Branch Security and SD-WAN: Streamlining Operations

computer.org Laurel Tweed 2025-11-27 11:00:51

The way we work has fundamentally shifted, with hybrid and remote models becoming a widespread reality. This evolution brings tremendous benefits but also presents significant challenges for IT and security teams tasked with ensuring seamless access to applications and protecting sensitive data outside the traditional corporate perimeter. Traditionally, network deployments often routed all internet traffic back to a central site through a perimeter firewall. While this provided security, backha

Topics: access internet network secure security
Read More
Shop Amazon

The ex-CIA agents deciding Facebook's content policy (2022)

news.ycombinator.com Alan Macleod 2025-11-27 14:07:34

It is an uncomfortable job for anyone trying to draw the line between “harmful content and protecting freedom of speech. It’s a balance”, Aaron says. In this official Facebook video, Aaron identifies himself as the manager of “the team that writes the rules for Facebook”, determining “what is acceptable and what is not.” Thus, he and his team effectively decide what content the platform’s 2.9 billion active users see and what they don’t see. Aaron is being interviewed in a bright warehouse-turn

Topics: cia facebook intelligence meta security
Read More
Shop Amazon

275M patient records breached—How to meet HIPAA password manager requirements

bleepingcomputer.com Unknown 2025-11-27 23:57:05

In 2024, the healthcare sector experienced over 700 data breach incidents, which is higher than any other industry, including finance. These breaches exposed more than 275 million patient records, with password-related vulnerabilities serving as the primary attack vector in most of the cases. While threat actors use various penetration methods, compromised credentials remain the most consistent and damaging entry point. These statistics reflect a fundamental threat to patient and organizationa

Topics: healthcare hipaa organizations password security
Read More
Shop Amazon

Trump strikes “wild” deal making US firms pay 15% tax on China chip sales

arstechnica.com Unknown 2025-11-30 04:31:51

Ahead of an August 12 deadline for a US-China trade deal, Donald Trump's tactics continue to confuse those trying to assess the country's national security priorities regarding its biggest geopolitical rival. For months, Trump has kicked the can down the road regarding a TikTok ban, allowing the app to continue operating despite supposedly urgent national security concerns that China may be using the app to spy on Americans. And now, in the latest baffling move, a US official announced Monday t

Topics: china deal national security trump
Read More
Shop Amazon

Cutting Through the Security Noise: How XDR helps Teams Focus on Real Threats

computer.org Laurel Tweed 2025-11-30 06:00:39

Extended Detection and Response (XDR) is a modern security technology designed primarily as a Security Operations Centre (SOC) enabler tool. It addresses the complexities and challenges faced by security teams in today’s evolving threat landscape. The core idea behind XDR is to take challenging incident response processes and make security analysts more effective, even at more junior levels. The term XDR itself has emerged over the last few years and can be seen as somewhat nebulous, with diffe

Topics: data response security tools xdr
Read More
Shop Amazon

Hyundai wants Ioniq 5 owners to pay to fix a keyless entry security hole

theverge.com Tom Warren 2025-12-01 10:52:30

is a senior editor and author of Notepad , who has been covering all things Microsoft, PC, and tech for over 20 years. Posts from this author will be added to your daily email digest and your homepage feed. Hyundai is now offering an “optional” security upgrade for the Ioniq 5 in the UK that prevents the car being stolen with a Game Boy-like device. Hyundai wants some Ioniq 5 owners to pay a £49 ($65) to upgrade hardware and software components to prevent thieves using handheld devices to unlo

Topics: cars hyundai ioniq kia security
Read More
Shop Amazon

Encryption made for police and military radios may be easily cracked

arstechnica.com Unknown 2025-11-30 18:18:47

Two years ago, researchers in the Netherlands discovered an intentional backdoor in an encryption algorithm baked into radios used by critical infrastructure–as well as police, intelligence agencies, and military forces around the world–that made any communication secured with the algorithm vulnerable to eavesdropping. When the researchers publicly disclosed the issue in 2023, the European Telecommunications Standards Institute (ETSI), which developed the algorithm, advised anyone using it for

Topics: algorithm encryption end etsi security
Read More
Shop Amazon

Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World

wired.com Lily Hay Newman 2025-12-01 04:21:40

The Trump administration's radical changes to United States fiscal policy, foreign relations, and global strategy—combined with mass firings across the federal government—have created uncertainty around US cybersecurity priorities that was on display this week at two of the country's most prominent digital security conferences in Las Vegas. “We are not retreating, we're advancing in a new direction,” Cybersecurity and Infrastructure Security Agency chief information officer Robert Costello said

Topics: cybersecurity discussion moss nakasone world
Read More
Shop Amazon

It's Staggeringly Easy for Hackers to Trick ChatGPT Into Leaking Your Most Personal Data

futurism.com Unknown 2025-12-01 00:30:27

OpenAI's ChatGPT can easily be coaxed into leaking your personal data — with just a single "poisoned" document. As Wired reports, security researchers revealed at this year's Black Hat hacker conference that highly sensitive information can be stolen from a Google Drive account with an indirect prompt injection attack. In other words, hackers feed a document with hidden, malicious prompts to an AI that controls your data instead of manipulating it directly with a prompt injection, one of the mo

Topics: ai chatgpt data prompt security
Read More
Shop Amazon

Ask Engadget: What are my options when Windows 10 support ends on October 14?

engadget.com Unknown 2025-12-02 14:05:35

Q: I'm hearing that Microsoft is pulling the plug on Windows 10 later this year. What does that mean for my current Windows 10 PC, and what are my options? A: Microsoft will officially end support for Windows 10 on October 14, 2025, a little over 10 years after the operating system was released. While you can continue to use Windows 10 PCs after that date — and it's understandable why, I gave it a glowing review at launch — you'll no longer receive any customer support, security updates or any

Topics: 10 microsoft new security windows
Read More
Shop Amazon

Why I ditched Google Chrome for Firefox Focus within 10 minutes of using the mobile browser

zdnet.com Jack Wallen 2025-12-03 17:30:17

Jack Wallen / Elyse Betters Picaro / ZDNET ZDNET's key takeaways Firefox Focus is a security and privacy-focused mobile browser. This browser offers a minimal UI and maximum privacy features. Firefox Focus is available for both Android and iOS. I've run the gamut of web browsers on Android, and every time I think I've found "the one," I discover a reason not to use it. That reason might be a cluttered UI, a lack of options, or not enough security. Recently, however, I came across a browser

Topics: browser firefox focus privacy security
Read More
Shop Amazon

Black Hat 2025: Why your AI tools are becoming the next insider threat

venturebeat.com Louis Columbus 2025-12-03 17:35:56

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Cloud intrusions increased by 136% in the past six months. North Korean operatives infiltrated 320 companies using AI-generated identities. Scattered Spider now deploys ransomware in under 24 hours. However, at Black Hat 2025, the security industry demonstrated that it finally has an answer that works: agentic AI, delivering measurable resu

Topics: agentic ai security threat using
Read More
Shop Amazon

Encryption made for police and military radios may be easily cracked

news.ycombinator.com Kim Zetter 2025-12-04 17:30:04

Two years ago, researchers in the Netherlands discovered an intentional backdoor in an encryption algorithm baked into radios used by critical infrastructure–as well as police, intelligence agencies, and military forces around the world–that made any communication secured with the algorithm vulnerable to eavesdropping. When the researchers publicly disclosed the issue in 2023, the European Telecommunications Standards Institute (ETSI), which developed the algorithm, advised anyone using it for

Topics: algorithm encryption end etsi security
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3666 apple 3044 new 2418 google 2036 content 1735
Popular
like 1506 company 1433 pro 1339 iphone 1180 app 1133 zdnet 1116 said 1070 data 1054 does 910 reviews 895
Emerging
editorial 874 amazon 862 game 811 samsung 779 phone 768 pixel 761 android 743 just 724 users 689 available 686
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]