Darktrace has recorded a targeted attack on a US chemical company, in which attackers exploited a critical vulnerability in the SAP NetWeaver platform. The threat, registered as CVE-2025-31324, consisted of an error in the file upload mechanism that allowed attackers to execute arbitrary code on the server without authentication. Although SAP released an update in April, the incident occurred at a time when the fix had not yet been installed. The attack unfolded over three days. The first signs were reconnaissance-scan-like activity on internet-accessible devices, presumably running SAP NetWeaver. It was later discovered that the attackers had exploited the vulnerability to download

Can an encrypted email cause a macOS/iOS system to crash immediately? The answer is YES! This is not a science fiction plot, but a real attack, as revealed by the latest research findings from Alibaba Security. To effectively prevent this type of attack, Alibaba Security and Indiana University Bloomington jointly explored and discovered an attack vector to detect potential DoS (Denial-of-Service) security issues in cryptographic algorithm libraries: malformed X.509 certificates. They then conducted a series of searches for related problems in cryptographic algorithm libraries based on this vector. This result was made public at the USENIX Security ’25 conference and was nominated

It has been reported by Group-IB that a Raspberry Pi with 4G support was exploited by the hacker group UNC2891, also known as LightBasin, in order to overcome security measures and access the bank’s network. By connecting to the same network switch as the ATM, the single-board computercreated a breach in the bank’s internal network, allowing attackers to operate laterally and install backdoors. Researchers, who discovered the breach while examining suspicious transactions on the bank’s computer system, determined that the attack was aimed at altering the authorization of ATMs and carrying out cash withdrawals. Although the LightBasin attack failed, researchers emphasize that

The U.S. state of Wyoming, with a population of just under 600,000, could have a data center that consumes more electricity than the state’s entire population. The project, led by energy company Tallgrass and AI infrastructure developer Crusoe, calls for the construction of a 1.8 gigawatt facility, which could be expanded to as many as 10 gigawatts. At launch, the data center will consume approximately 15.8 terawatt-hours per year, five times more than all the single-family homes in Wyoming. If the facility reaches its stated maximum capacity, its annual energy consumption will be 87.6 terawatt-hours, double the current output of the entire

In recent years, global competition in AI has reached unprecedented levels, driven by massive investments: United States, China, and European Unionrespectively plan to invest billions of dollars to be first to innovate in this competitive and highly focused science. This enormous influx of capital reflects the growing awareness of the strategic role of AI in future economic, industrial, and technological development. The World At the 2025 World Conference on Artificial Intelligence, we saw a concrete preview of this revolution: combat robots that move nimbly in the ring, flying electric vehicles to combat urban congestion, autonomous taxis and L4 buses, and even pets

It’s been ten years since the release of Windows 10, the system designed to restore user confidence after the failed experiment with the Windows 8 interface. In 2015, Microsoft attempted to regain control of the desktop ecosystem by offering a universal solution that combined a familiar interface with cross-platform ambitions. While initial expectations were high, the reality has proven contradictory. Support for Windows 10 will end on October 14, 2025. After this date, Microsoft will no longer provide free security updates, software updates, or technical support for Windows 10. PCs will continue to function, but they will become more vulnerable to viruses,

A user with the nickname Tsar0Byte posted a shocking announcement on DarkForums, one of the most well-known underground forums in the cybercrime world: the alleged compromise of sensitive data belonging to 96,252 Nokia employees. In the post, published at 5:15 AM the previous day, Tsar0Byte claimed responsibility for the attack and threatened further breaches, openly referring to a “breach” and declaring that this exposure was only the beginning: the next target would be internal systems, with possible access to the source code and further confidential data. Below is the translation of the post written by cybercriminals. We’ve penetrated deeper than you expected.Through

At the WAIC Global Conference, Huawei showcased the innovative capabilities of its Ascend platform: data processing, training and inference, open source ecosystems, and solutions for industries such as the Internet, finance, energy, and education. Real-world applications demonstrate how Ascend is transforming technological innovation into real-world commercial projects. Huawei unveiled the Ascend 384 Super Node (Atlas 900 A3 SuperPoD) for the first time: a system that connects 384 NPUs via an ultra-high-speed bus, ensuring high bandwidth, low latency, and high stability. This super node overcomes the limitations of traditional clusters, improving resource utilization and reducing failures, so it can function as a single

Those responsible for the Python Package Index (PyPI) have issued a warning about a phishing campaign targeting users. The attackers aim to redirect victims to fake sites disguised as PyPI and steal their credentials. The attackers allegedly sent emails with the subject “[PyPI] Verify Email” from noreply@pypj[.]org. In other words, the domain mimics pypi.org, and the letter “j” replaces the “i.” “This is not a security breach of PyPI itself, but rather a phishing attempt and abuse of the trust users place in PyPI,” writes Mike Fiedler, PyPI administrator. The emails contain a link and invite users to click it to verify

Last weekend the final version of the Linux kernel 6.16 was released, traditionally announced by Linus Torvalds himself. Development proceeded calmly, but without any major innovations: the release proved more technical than sensational. Nevertheless, it includes dozens of performance improvements, support for new instructions, and fundamental improvements in memory usage. According to Phoronix, Linux 6.16 now contains over 38 million lines of code, spread across over 78,000 files. A lot of work has been done, from low-level optimizations to security improvements. One of the most notable changes is the addition of support for Intel’s Advanced Performance Extensions, introduced in 2023. These expand