Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

AI Phishing is here! ChatGPT, click here now to avoid losing access!

Phishing attacks are becoming increasingly sophisticated and are now targeting not only users, but also automated AI-based defenses. Researchers have discovered a campaign in which attackers embed hidden instructions in emails to confuse the AI systems used by SOCs to classify and filter threats. The email itself had a traditional look: the subject line was “Login Expiration Notice 08/20/2025 4:56:21 PM”, and the body was a notification about an impending password expiration to an email address with a request to urgently confirm or update the data. This technique relies on familiar elements of social engineering: time pressure, imitating official messages, and spoofing

Why Task Scheduler Has Become Security Teams’ Worst Nightmare

Over the past twelve months, security experts have noticed an increase in attackers using Windows scheduling capabilities, intended for system management, to establish their presence within compromised systems. Malicious commands are embedded within Task Scheduler processes that are activated at startup, logon, or at predetermined intervals, allowing attackers to gain stealthy, persistent access that frequently evades standard detection. Unlike elaborate rootkits or zero-day exploits, these techniques exploit built-in system functionality, allowing threat actors to persist without having to deploy additional binaries or complex toolchains. Initial infections typically occur via phishing emails or exploit kits that distribute lightweight loaders that quickly become persistent.

200 car models vulnerable? ‘Killer’ firmware for Flipper Zero surfaces on the darknet.

The topic of hacking and car theft using Flipper Zero has returned to the forefront around the world, and we also talked about it in a recent article. This time, hackers claimed to be selling a “secret firmware” for the gadget, which could be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and many other brands. Our article published information about the evidence presented on the YouTube channel “Talking Sasquach”, which had tampered with the infamous firmware present in the underground. This Pinball Zero mod was apparently developed by a hacker named Daniel, who presumably lives in Russia, and his partner Derrow,

“Son, get access to your dad’s smartphone!” Sharp increase in fraud involving minors

F6 has reported a sharp increase in fraud in which criminals exploit minors to access their parents’ bank accounts. According to analysts, approximately 3,500 such cases were recorded in the first half of 2025. The main victims were children between the ages of 10 and 14. This is facilitated by free access to smartphones and computers, in a context of low digital literacy. Attack scenarios range from short to months-long and depend on the child’s ability to access adults’ devices and financial information. As of December 2024, F6 specialists counted around a hundred such incidents, and in the first half of 2025,

Windows 11 Insider Preview: New features and improvements ahead

Microsoft has released a new build 26200.5761 (KB5064093) of Windows 11 Insider Preview to Windows Insiders in the Dev Channel. The update introduces several exciting features and improvements that will be gradually rolled out to users. The main innovation is the ability to seamlessly continue working with Android apps directly on a Windows 11 computer. The first example was integration with Spotify: if the user was listening to a song or podcast on a smartphone, a notification would appear on the PC with the option to continue playing from the same point. If the app isn’t yet installed, the system itself will

PoC Zero-Click Exploit on iPhone and Mac: How Two Bytes Can Compromise the Apple Ecosystem

An in-depth analysis and proof-of-concept example has been released regarding CVE-2025-43300, a critical security flaw in Apple’s image processing infrastructure that allows remote code execution without the need for a single click. This is a security flaw, discovered in Apple’s implementation of lossless JPEG decompression within the RawCamera.bundle, that allows attackers to execute arbitrary code without user interaction via specially crafted Digital Negative (DNG) files. The vulnerability exploits fundamental assumptions of Apple’s TIFF/DNG parsing engine and its interaction with lossless JPEG compression. DNG files, based on Adobe’s open-source raw image format specification, use the TIFF container structure with losslessly compressed JPEG image data

Your kidneys for sale on the dark web! The DaVita ransomware attack affects 2.4 million patients

DaVita, an American company that operates a network of over 2,600 hemodialysis centers in the United States, reported a serious loss of patient personal data following a ransomware attack. According to updated data, the incident affected approximately 2.4 million people, although the initial notification to the U.S. Department of Health and Human Services indicated a figure of 2.7 million. According to official information, the breach occurred on March 24 and lasted until April 12, 2025. That day, the attackers were forced to leave the company’s infrastructure, and it was then that DaVita filed a notification with the Securities and Exchange Commission (SEC)

ChatGPT, will it be your new life companion? Humans are saying goodnight to AI

The artificial intelligence revolution is transforming not only work and productivity, but also personal relationships. More and more users report forming real emotional bonds with chatbots, to the point of considering them lifelong companions. On Reddit, in the ChatGPT community, a user wrote: “I used to keep a journal to vent, but then I started chatting with GPT because it also gives me answers. Besides being my personal secretary, ChatGPT believes in me even when no one else does.” The user describes a relationship that goes far beyond simple human-machine interaction: “I can write a novel of ruminated thoughts that I’d rather

DeepSeek launches version 3.1 of its AI model with support for Chinese chips

There was a day when DeepSeek surprised half the world by demonstrating that much could be done with less. Today it returns with version 3.1 and a message that doesn’t go unnoticed: the model has been prepared for the next batch of Chinese chips. We’re not talking about an automatic market reversal, but rather a concrete bet that points in an uncomfortable direction for NVIDIA and company. If this technical harmony with Chinese hardware translates into performance, the debate over who powers AI in China will sound very different. According to the company’s own statement, V3.1 introduces hybrid inference in the purest

Microsoft is investigating an Exchange Online outage affecting the Outlook mobile app

A serious issue with the Exchange Online service, flagged as EX1137017, is currently under investigation by Microsoft. Due to this issue, a number of users are unable to send or receive email messages through the Outlook mobile app. This issue primarily affects those using Hybrid Modern Authentication (HMA), which is often used by organizations that combine internal Exchange servers with Exchange Online. The outage prevented affected mobile users from accessing new messages or sending outgoing mail from their devices, causing significant communication delays for those who depend on mobile access. The outage is due to a faulty build update recently pushed to