It looks like Google is opening its wallet again. The tech giant has agreed to pay $8.25 million to settle a class-action lawsuit that claimed it was secretly collecting data from children. This case focused on how the tech giant handled the personal details of kids under the age of 13 who used apps from the Google Play Store.
Why the Lawsuit Was Filed - The legal trouble centered on a program called “Designed for Families” (DFF). This was supposed to be a safe space where parents could find
Cyber operations are increasingly viewed as a preparatory measure to influence the battlespace before conventional air or ground forces engage. Critical infrastructure such as power grids, communication networks, and information systems has become a strategic target. Disrupting these can impede decision-making, degrade defensive capabilities, and create openings for traditional military units. Recent reports from events concerning US cyber-attacks on Caracas in Venezuela and speculation about
Has your phone been prompting you for months to log into certain sites with a "passkey"? Security writer Kim Key of PC Mag explains why you might want to ditch your passwords in favor of passkeys.
JUANA SUMMERS, HOST: For months now, my phone has been nudging me to create passkeys. And every time it happens, I sort of pause because I don't actually know what a passkey is or whether it's something I actually need. I actually keep almost all of my passwords written down in the back of a secre
UDPGangster is a UDP-based backdoor associated with the MuddyWater threat group, which is known for its cyber espionage operations across the Middle East and neighboring regions. This malware enables remote control of compromised systems by allowing attackers to execute commands, exfiltrate files, and deploy additional payloads, all communicated through UDP channels designed to evade traditional network defenses.
Link to full report: IR-26-021-002_UDPgangster.pdf
FortiGuard Labs recently identified a multi-stage malware campaign primarily targeting users in Russia. The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign. These documents and accompanying scripts serve as visual distractions, diverting victims to fake tasks or status messages while malicious activity runs silently in the background.
As the attack chain progresses, it escalates into a full-system compromise that includes
military
In July 2025, Russian President Vladimir Putin proudly added a new nuclear submarine, the Knyaz Pozharsky, to the country’s fleet. He celebrated it as proof that Russia could still build powerful weapons despite Western sanctions. But the celebration didn’t last long. Only days later, Ukrainian cyber experts managed to hack into Russian military networks. They stole and leaked secret documents that revealed the submarine’s technical details, including its design, systems, and crew infor
A new warning has been issued over continued disruptive cyber-attacks against UK organizations, with local government bodies and operators of critical national infrastructure remaining key targets. Russian-aligned hacktivist groups are continuing to target UK and global organizations by attempting to disrupt operations, take websites offline and disable services. The activity is largely focused on denial-of-service (DoS) attacks intended to overwhelm websites and online systems, preventing acc
A US House subcommittee was warned on 13 January that without federal action, the automotive aftermarket faces an existential threat that would lead to a vertically integrated industry, reduced competition, higher prices, diminished quality and fewer choices for consumers.[1]
In a hearing with the United States House Committee on Energy and Commerce’s Subcommittee on Commerce, Manufacturing, and Trade (CMT), Auto Care Association President and CEO Bill Hanvey emphasized that safe, affordable, an
AI coding assistants are no longer just autocompleting lines of code, they are quietly making decisions for you. Tools like Claude Code are able to read projects, plan multi-step changes, install dependencies, and modify files with minimal human oversight. To make this possible, these assistants rely on plugin marketplaces, where third-party developers can enable ‘skills’ that teach the agent how to manage infrastructure, testing, and dependencies. Though powerful, the model requires a high d
Cybercriminals are increasingly proving they do not need software vulnerabilities to compromise organizations; they need convincing deception. Researchers at Securonix are warning of a sophisticated phishing campaign targeting the hospitality sector that uses fake Booking.com reservation cancellations, deceptive CAPTCHA pages, and a panic-inducing fake Windows Blue Screen of Death (BSOD) to deploy a remote access trojan (RAT). The campaign, named PHALT#BLYX, highlights how attackers are blendi
Large language models have become the engines behind some of the most impressive feats in contemporary computing. They write complex software, summarize scientific papers, and navigate intricate chains of reasoning. Yet as a recent study shows, these same systems falter on a task that most ten-year-olds can perform with pencil and paper. According to a new article from TechXplore and the accompanying research paper Why Can’t Transformers Learn Multiplication? Reverse-Engineering Reveals Long
AI coding assistants are no longer just autocompleting lines of code, they are quietly making decisions for you. Tools like Claude Code are able to read projects, plan multi-step changes, install dependencies, and modify files with minimal human oversight. To make this possible, these assistants rely on plugin marketplaces, where third-party developers can enable ‘skills’ that teach the agent how to manage infrastructure, testing, and dependencies. Though powerful, the model requires a high d
Amazon has prevented more than 1,800 suspected North Korean operatives from securing employment since April 2024, as the Pyongyang regime continues efforts to place IT workers in remote roles at Western companies to generate revenue for the regime. Amazon's Senior Vice President and Chief Security Officer, Stephen Schmidt, revealed the figures in a LinkedIn post, noting a 27% quarter-on-quarter increase in the number of detected DPRK-affiliated applications this year. The aim, he said, is for o
In a bold military exploit on 3 January 2026, US forces captured Venezuelan President Nicolás Maduro in Caracas, employing sophisticated cyber tactics to disable key infrastructure and facilitate the raid. The operation, named Absolute Resolve, involved coordinated efforts across cyber, space, and conventional domains, resulting in Maduro's arrest on charges of drug-trafficking and terrorism. President Donald Trump confirmed the use of cyber capabilities to induce a blackout in the capital, al
In 2025, the cybersecurity landscape revealed a pattern of opportunistic attacks exploiting familiar weaknesses, from unpatched devices to misconfigured cloud services. Criminal groups fragmented under pressure from law enforcement, while state actors amplified their reach through emerging tools. Geopolitical tensions fueled targeted operations, with Russia focusing on Europe and Ukraine, and China expanding influence in Africa and South America. Overall, the year saw a shift towards data thef
A federal judge in New York has affirmed an order compelling OpenAI to produce 20 million anonymized ChatGPT interaction logs in a consolidated copyright infringement case, according to a Bloomberg report. The decision, issued on 5 January 2026, marks a setback for the AI company amid ongoing litigation over the use of copyrighted material in its model training. The ruling stems from multidistrict litigation involving 16 lawsuits against OpenAI, brought by news organizations including The New Y
Krebs on Security first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes.[1] Today, we’ll dig through digital clues left behind by the hackers, network operators and services that appear to have benefitted from Kimwolf’s spread.
On 17 December 2025, the Chinese security firm XLab published a deep dive on Kimwolf, which forces infected devices to participate in
Blockchain investigation firm TRM Labs says ongoing cryptocurrency thefts have been traced to the 2022 LastPass breach, with attackers draining wallets years after encrypted vaults were stolen and laundering the crypto through Russian exchanges. In 2022, LastPass disclosed that attackers breached its systems by compromising a developer environment, stealing portions of the company's source code and proprietary technical information.[1]
In a later, but related security incident, the hackers bre
As the digital landscape continues to evolve, so too do the threats that organizations must contend with. In this year's final Reporter's Notebook conversation, cybersecurity experts Rob Wright from Dark Reading, David Jones from Cybersecurity Dive, and Alissa Irei from Tech Target Search Security share their insights on what the future holds for cybersecurity in 2026. Drawing from AI-summarized industry reports and expert opinions, the conversation highlights key trends, challenges, and oppor
2026 is a pivotal juncture for cyber security. What was once considered an operational safety net and a business cost item is now a determinant of long-term competitiveness, market confidence, and organizational resilience. The data unequivocally indicates that cyber danger is systemic rather than episodic.
Cybersecurity Ventures estimates that cybercrime lost $10.5 trillion in 2025, making it a major global economic driver. Cybercrime To Cost The World $12.2 Trillion Annually By 2031. The av
