The Microsoft Edge security team made significant changes to Internet Explorer mode after receiving confirmation of targeted attacks using it. Experts discovered that attackers exploited vulnerabilities in the outdated Chakra JavaScript engine, integrated into Internet Explorer, to gain remote access to users’ devices. The attacks demonstrated that even in modern browsers, legacy features can become a dangerous conduit for system compromise. Internet Explorer mode in Edge was created as a temporary solution to support legacy websites and corporate portals that relied on technologies like ActiveX and Flash . While much of the web has migrated to modern standards, many organizations still use

A major Canadian craft beer competition has become the center of controversy after unexpectedly introducing artificial intelligence into the beverage judging process. The decision to integrate algorithms without warning sparked outrage among judges and members of the brewing community, who viewed it as interfering with the delicate tasting process. The AI system evaluated the same samples as the human judges, using data accumulated from previous competitions: scores, notes on taste and aroma, and audio recordings of discussions. These materials formed the basis of an algorithm designed to mimic the human tasting process. However, neither the participants nor the judges were informed in

On October 21, 2025, an international team of researchers from 29 leading institutions—including Stanford University, MIT, and the University of California, Berkeley —completed a study that marks a milestone in the development of artificial intelligence: the definition of the first quantitative framework for evaluating Artificial General Intelligence (AGI). Based on the Cattell-Horn-Carroll (CHC) psychological theory, the proposed model divides general intelligence into ten distinct cognitive domains , each with a 10% weight, for a total of 100 points representing the human cognitive level. Based on this scale, GPT-4 achieved a score of 27%, while GPT-5 achieved 58% , highlighting an uneven distribution

Jaguar Land Rover continues to deal with the fallout from the cyber attack that paralyzed production, disrupted its dealer network, and jeopardized supply chains. Vehicle production at major UK plants was halted for nearly five weeks. A reduction in production of nearly 5,000 vehicles per week was recorded in the UK during the shutdown, resulting in an estimated weekly loss of £108 million for JLR’s UK operations , including both fixed costs and lost profits. The Cyber Monitoring Centre estimates that the event caused a financial impact in the UK of £1.9 billion and affected over 5,000 UK organizations . The modeled

A federal court has ordered Israeli company NSO Group (developer of the commercial spyware Pegasus) to stop using spyware to target and attack WhatsApp users. Please note that Pegasus is a spyware platform developed by NSO Group. Pegasus is sold as legitimate spyware and used for espionage and surveillance activities worldwide. Pegasus (and, through it, NSO Group’s customers) can collect text messages and app information from iOS and Android devices, intercept calls, track locations, steal passwords, and more. In 2019, WhatsApp representatives filed a lawsuit against NSO Group, accusing the company of aiding and abetting cyberattacks conducted on behalf of various governments

An advanced security flaw exists in M365 Copilot that allows attackers to exfiltrate sensitive information from tenants, such as recent emails, through indirect command injection. Security researcher Adam Logue detailed a vulnerability in a recently published blog post. This vulnerability, thanks to the integration of the AI assistant into Office documents and native support for Mermaid diagrams, allows data leakage with a single initial click by the user, without requiring further interaction. The attack begins when a user asks M365 Copilot to summarize a specially created Excel spreadsheet. Hidden instructions, embedded in white text across multiple sheets, use progressive task editing and

Russia is preparing a new version of a bill legalizing white hat hackers . Two sources in government agencies and the cybersecurity industry told RBC that the document has already passed the primary approval stage and is being prepared for submission to the State Duma. The initiative envisions the creation of a unified system of government regulation for all types of research activities related to vulnerability detection . The project will involve specialists hired by companies to test their information systems, both directly and through bug bounty platforms , where rewards are paid for discovered bugs and vulnerabilities. The new version of

A new wave of digital deception has hit the Microsoft Azure ecosystem, where newly discovered vulnerabilities have allowed cybercriminals to create malicious apps that perfectly mimic official services like Microsoft Teams or the Azure Portal . These “fake” applications are identical to the originals, capable of deceiving even experienced users. The discovery, made by researchers at Varonis , revealed that Azure security measures designed to block sensitive names could be bypassed using invisible Unicode characters. By inserting characters like the Combining Grapheme Joiner (U+034F) between letters, such as in “Az͏u͏r͏e͏ ͏P͏o͏r͏t͏a͏l” , attackers were able to register apps that appeared legitimate but

Anthropic has launched a web version of Claude Code , its rapidly growing AI assistant for programmers, which can now be used directly from your browser. Starting Monday, the new platform is available to subscribers to the Pro, Max, and Max+ plans, which cost between $20 and $200 per month. The web version is accessible from the claude.ai website, by selecting the “Code” tab, or via the iOS mobile app. Previously, Claude Code existed only as a CLI tool launched from the terminal, but the company is now focusing on enabling developers to build and manage their AI agents in a familiar

Researchers discovered 131 extensions for automating WhatsApp Web in the official Chrome store. All were being used to send mass spam to Brazilian users. According to Socket analysts, all these extensions share the same code base, design patterns, and infrastructure. Together, they have approximately 20,905 active users. “This isn’t classic malware; it’s a high-risk, automated spam campaign that violates the platform’s rules,” explains Kirill Boychenko, Socket specialist. “The code is injected directly into the WhatsApp web page, working with WhatsApp scripts to automate mass mailings and schedule them, thus bypassing spam protection.” The ultimate goal of this campaign is to send mass