Elon Musk’s X botched its security key switchover, locking users out
As part of an effort to retire the old Twitter.com domain, X is requiring passkey and security key users to re-enroll — but are getting stuck in endless loops and unable to finish.
cybersecurity
Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage
Australia’s intelligence chief warned that Chinese hackers are trying to break into its networks, sometimes successfully, to “pre-position” for sabotage ahead of an anticipated invasion of Taiwan.
Why a lot of people are getting hacked with government spyware
Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficult to justify, given the broad range of victims — journalists, activists, and now political consultants — that have come forward.
Washington Post confirms data breach linked to Oracle hacks
The Washington Post is the latest victim of a hacking campaign by the notorious Clop ransomware gang, which relied on vulnerabilities in Oracle software used by many corporations.
Congressional Budget Office confirms it was hacked
The congressional research office confirmed a breach, but did not comment on the cause. A security researcher suggested the hack may have originated because CBO failed to patch a firewall for more than a year.
‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones
A newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch.
Italian political consultant says he was targeted with Paragon spyware
WhatsApp notified the consultant, who works for left-wing politicians, that his phone was targeted with spyware made by Paragon.
Phone location data of top EU officials for sale, report finds
Journalists in Europe found it was “easy” to spy on top European Union officials using commercially obtained location data sold by data brokers, despite the continent having some of the strongest data protection laws in the world.
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
Peter Williams sold eight exploits to a Russian zero-day broker by smuggling them from his employer’s highly secured air-gapped network. A court document, plus exclusive reporting by TechCrunch and interviews with former Trenchant staff, explains how Williams pulled off the heist of hacking tools.
DOJ accuses US ransomware negotiators of launching their own ransomware attacks
Three people, including two U.S. ransomware negotiators, are accused of working on behalf of the ALPHV/BlackCat ransomware gang.