Major Data Breach at French Retail Giant Auchan Compromises Customer Loyalty Program Information

French retail giant Auchan has confirmed a significant cybersecurity incident that resulted in unauthorized access to personal information belonging to hundreds of thousands of customers. The breach specifically targeted the company’s customer loyalty program database, prompting immediate incident response measures and customer notifications across affected regions. Scope and Nature of the Data Compromise According to …

Microsoft finds no telemetry link between Windows 11 24H2 KB5063878 and reported SSD failures

Microsoft reports it has found no evidence that the August security update for Windows 11 24H2 (KB5063878) is causing SSD or HDD failures, despite a wave of user posts linking the patch to drive dropouts and potential data loss. According to the company, internal telemetry and controlled test runs did not reveal disk anomalies after …

Cybercriminals Shift Focus to Developer-Targeted Supply Chain Attacks

The cybersecurity landscape has witnessed a dramatic tactical shift as threat actors abandon traditional mass phishing campaigns in favor of sophisticated, targeted attacks against software developers. Security researchers have documented an unprecedented surge in malicious activities exploiting popular development platforms like GitHub and GitLab, where attackers deploy fake open-source projects as vectors for malware distribution. …

EA’s Javelin Anti‑Cheat Taps Secure Boot and TPM in Battlefield 6, Blocking 330,000 Attempts Within Two Days

Electronic Arts has confirmed that the Battlefield 6 PC open beta requires Secure Boot enabled in Windows and UEFI/BIOS. The move sparked debate due to the anti‑cheat’s low‑level access, but EA says the decision is already paying off: within the first 48 hours, the Javelin anti‑cheat engine blocked 330,000 tampering and cheating attempts and received …

Mozilla fixes CVE-2025-6430 in Firefox and Thunderbird: XSS amplification addressed

Mozilla has released security updates for CVE-2025-6430, a medium‑severity browser vulnerability (CVSS v4.0: 6.1) reported by Daniil Satyaev of Positive Technologies. Under certain conditions, the flaw could be chained with cross-site scripting (XSS) to enable credential theft and phishing redirects. Patches are available for Firefox, the Extended Support Release (ESR), and Thunderbird. Affected versions and …

Russia’s Proposed Cybersecurity Law Could Severely Impact Security Research and Education

The Russian Ministry of Digital Development has introduced a controversial legislative package aimed at combating cybercrime that could fundamentally reshape the country’s cybersecurity landscape. The proposed amendments to Federal Law No. 149-FZ raise significant concerns among industry professionals and may inadvertently hinder cybersecurity advancement rather than enhance it. Understanding the Proposed Legislative Changes The draft …

PromptLock Ransomware: First AI-Powered Malware Threat Discovered by ESET Researchers

Cybersecurity researchers at ESET have uncovered PromptLock, a groundbreaking ransomware variant that represents the first documented case of malware leveraging artificial intelligence to generate malicious code. While the discovered sample appears to be in developmental stages, its emergence signals a significant evolution in the cyber threat landscape, where AI technologies are being weaponized by cybercriminals. Technical …

Hidden AI Prompt Injection Attack Through Images: Trail of Bits Reveals New Cybersecurity Threat

Cybersecurity researchers from Trail of Bits have unveiled a groundbreaking attack methodology that exploits artificial intelligence systems through invisible malicious prompts embedded within images. This sophisticated technique poses significant risks to modern AI platforms and demands immediate attention from developers and security professionals worldwide. Understanding Hidden Prompt Injection Mechanisms The innovative attack leverages high-quality image …

FBI and Dutch Authorities Dismantle VerifTools: Major Victory Against Document Fraud Network

The Federal Bureau of Investigation (FBI), in collaboration with Dutch law enforcement agencies, has successfully dismantled VerifTools, a sophisticated illegal marketplace that specialized in mass production and distribution of fraudulent identification documents. This coordinated international operation represents a significant victory in the ongoing battle against cybercrime and identity fraud networks. Inside the VerifTools Criminal Enterprise …

Critical Docker Desktop Vulnerability CVE-2025-9074 Threatens Windows and macOS Systems

Cybersecurity researchers have discovered a critical vulnerability in Docker Desktop that poses significant risks to Windows and macOS users. The security flaw, designated as CVE-2025-9074, carries a critical CVSS score of 9.3 and enables complete host system compromise through sophisticated attack vectors that bypass existing security mechanisms. Understanding the CVE-2025-9074 Security Vulnerability The newly identified …