Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

WhatsApp Web in the crosshairs! How the worm that distributes the banking Trojan works

Sophos analysts have discovered a complex malware operation that uses the popular messaging service WhatsApp to spread banking Trojans, targeting Brazilian banks and cryptocurrency exchanges. The self-replicating malware emerged on September 29, 2025, featuring advanced evasion techniques and a multi-stage infection chain designed to bypass current security protections. The campaign had a widespread impact, affecting more than 1,000 endpoints across over 400 customer environments, demonstrating the effectiveness and vast reach of the threat. The infection begins when a victim downloads a malicious ZIP archive via WhatsApp Web from a previously infected contact. The social engineering component is particularly

Goodbye Microsoft Word. China chooses WPS Office for official documents

China continues to pursue technological independence, and this time the signal has come not from microchip manufacturers, but from government officials. For the first time, the Chinese Ministry of Commerce has released official documents that cannot be opened in Microsoft Word. All materials are published exclusively in a format supported by the Chinese office suite WPS Office, developed by Beijing-based Kingsoft. This publication coincided with a new wave of tensions between Beijing and Washington. Last week, China announced the expansion of export controls on rare earths, strategically important materials essential for the production of electronics, weapons, and communications systems. Washington

RMPocalypse: A critical bug in AMD SEV-SNP threatens cloud security.

A critical vulnerability has been identified in the AMD SEV-SNP hardware security architecture, impacting major cloud providers (AWS, Microsoft Azure, and Google Cloud). This flaw allows a malicious hypervisor to compromise encrypted virtual machines and gain full access to their memory. The attack, dubbed RMPocalypse, undermines the fundamental confidentiality and integrity guarantees on which the SEV-SNP trusted execution model is based. The research, presented at the ACM CCS 2025 conference in Taipei, details how the vulnerability is exploited during the initialization of SEV-SNP's key structure, the Reverse Map Table (RMP). This table maps host physical addresses to guest virtual pages

Poisoned AI! 250 Malicious Documents Are Enough to Compromise an LLM

Researchers at Anthropic, in collaboration with the UK government’s AI Safety Institute, the Alan Turing Institute, and other academic institutions, reported that just 250 specially crafted malicious documents were enough to force an AI model to generate incoherent text when it encountered a specific trigger phrase. AI poisoning attacks rely on introducing malicious information into AI training datasets, which ultimately causes the model to return, for example, incorrect or malicious code snippets. Previously, it was believed that an attacker needed to control a certain percentage of a model’s training data for the attack to work. However, a new experiment has shown that

Spyware yes, spyware no: it’s just a prospect! NSO Group is now under US control.

Israeli company NSO Group, developer of the infamous Pegasus spyware, recently came under the control of American investors. A company spokesperson announced that the new funding amounts to tens of millions of dollars and confirmed the transfer of a controlling stake. According to Calcalist, Hollywood producer Robert Simonds, who had previously attempted to acquire the company, played a key role in the deal. Details regarding the investor group and the exact amount of the deal were not disclosed. NSO emphasizes that the agreement does not affect jurisdiction or oversight: the company's headquarters will remain in Israel and it will continue to

The AI bubble: fears of a new technological meltdown grow

At DevDay, OpenAI's annual conference this week, CEO Sam Altman took questions from reporters, an increasingly rare occurrence among tech leaders. Altman acknowledged the uncertainty surrounding the AI industry today, saying that "many areas of AI are in a state of flux." Fears of a new tech bubble are growing in Silicon Valley. The Bank of England, the International Monetary Fund, and JPMorgan CEO Jamie Dimon have expressed similar concerns. Dimon, in an interview with the BBC, emphasized that "most people should feel more uncertain about the future." During Italian Tech Week in Turin, Jeff Bezos, founder of Amazon and one

DAS: The world’s ear hidden in submarine cables

Over 1.2 million kilometers of fiber optic cables lie on the ocean floor, long considered solely part of a global telecommunications network. However, distributed acoustic sensing (DAS) technology, rapidly emerging from the experimental stage, is opening up a fundamentally new field: the use of these lines for underwater monitoring and anti-submarine warfare. What until recently seemed like a hypothesis is already beginning to materialize in concrete military developments. DAS transforms a conventional fiber optic cable into a continuous chain of sensitive acoustic sensors. When a short pulse of laser light passes through the fiber, the reflected signals are modified by

Hacker culture pioneer Peter Samson plays “Boards of Canada” on PDP-1

In a world where music has long since migrated to streaming and digital platforms, one enthusiast decided to go back six decades, to a time when melodies could still come to life through the glow of lamps and punched tape. The vintage PDP-1 computer, famous as the birthplace of one of the first video games, suddenly spoke with the voices of Boards of Canada, playing their composition "Olson" using paper tape and flashing lights. The project was implemented by Peter Samson, a hacker culture pioneer at the TMRC and an engineer and volunteer at the Computer History Museum

Critical vulnerabilities in Microsoft Defender for Endpoint: security risks

Security flaws have been discovered in the network communication between Microsoft Defender for Endpoint (DFE) agents and its cloud services, allowing attackers who have already gained a foothold to bypass authentication, manipulate data, disclose sensitive information, and even upload malicious files within investigation packages. A recent analysis by InfoGuard Labs detailed these vulnerabilities, which highlight the risks still present within Endpoint Detection and Response (EDR) systems and which could undermine incident response efforts. The main concern, as identified by InfoGuard Labs, is the requests sent by the agent to endpoints such as https://[location-specific-host]/edr/commands/cnc to execute specific commands, including isolation, forensic data collection, or scanning. The research builds on

Between AI and fear, Skynet teaches: “We’ll build bunkers before launching AGI.”

The quote, "We'll definitely build a bunker before we launch AGI," that inspired the article, was attributed to a Silicon Valley leader, though it's unclear who exactly he meant by "we." The phrase perfectly captured the paradox of our times, and the irony is evident: those who are advancing the world's most sophisticated artificial intelligence are the same ones who are terribly worried about its repercussions. While they continue their research, they are simultaneously devising escape strategies. The situation is similar to that of someone who builds a dam knowing it will eventually fail, but instead of reinforcing it, prefers to