Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

Will this latest article “against” ChatControl be absolutely useless?

We already discussed the proposed “ChatControl” regulation almost two years ago, but given the roadmap now underway we find ourselves, somewhat embarrassed, having to discuss it again. It feels like déjà vu, but instead of the black cat in the hallway we are watching the EU, alternating generous doses of slippery slopes and borrowed arguments, continue to align its appetite for technological control with the US model that Snowden denounced at the time. Probably because of the ambition inherent in the Old Continent, which still believes itself to be the center of the world. But can we really think that it

Azure Functions in the Spotlight: Legitimate Libraries Used for DLL Sideloading

A malicious ISO image named Servicenow-BNM-Verify.iso has been identified on VirusTotal, submitted from Malaysia, with virtually no detections. The image contains four files, two visible and two hidden, a packaging choice designed to deceive superficial analysis. Among the visible files, a Windows shortcut named servicenow-bnm-verify.lnk runs PanGpHip.exe, a legitimate executable produced by Palo Alto Networks. Although the shortcut’s target path points to a directory that does not exist on victim machines, the LNK file falls back to its own directory, ensuring that PanGpHip.exe is launched from the mounted ISO whenever the shortcut is opened. DLL sideloading is a technique used by attackers in which
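A triage script for that LNK-to-signed-EXE-to-bundled-DLL pattern, added here as an example and not code from the article or from Palo Alto Networks. It assumes the ISO is mounted at D:\ on an isolated Windows analysis VM (Windows PowerShell 5.1 or later) and reads each shortcut through the WScript.Shell COM object, which parses the .lnk without launching its target.

```powershell
# Added example, not from the article: triage a mounted ISO for the
# LNK -> signed legitimate EXE -> co-located DLL sideloading pattern.
# Assumptions: the ISO is mounted at $Root (default D:\) on an isolated
# Windows analysis VM; Windows PowerShell 5.1 or later.
param([string]$Root = 'D:\')

# -Force includes hidden files; the ISO described above hides two of its four.
$files = Get-ChildItem -Path $Root -Force -File -Recurse

"== Files =="
foreach ($f in $files) {
    $hidden = [bool]($f.Attributes -band [IO.FileAttributes]::Hidden)
    '{0,-45} hidden={1,-5} size={2}' -f $f.FullName, $hidden, $f.Length
}

# WScript.Shell parses the .lnk; it does not run the target.
$shell = New-Object -ComObject WScript.Shell

"`n== Shortcuts =="
foreach ($lnk in ($files | Where-Object Extension -eq '.lnk')) {
    $sc = $shell.CreateShortcut($lnk.FullName)
    $targetName = [IO.Path]::GetFileName($sc.TargetPath)
    "$($lnk.Name)"
    "  TargetPath       : $($sc.TargetPath)"
    "  WorkingDirectory : $($sc.WorkingDirectory)"
    "  Arguments        : $($sc.Arguments)"
    # Red flag from the article: the target path does not exist on this host,
    # yet a file with the same name sits beside the LNK, so the shell falls
    # back to the shortcut's own directory and runs the bundled EXE.
    $sibling = $files | Where-Object { $_.Name -ieq $targetName -and $_.DirectoryName -ieq $lnk.DirectoryName }
    if ($sc.TargetPath -and -not (Test-Path -LiteralPath $sc.TargetPath) -and $sibling) {
        "  [!] target missing on this host, but $targetName is bundled next to the LNK"
    }
}

"`n== Executables and DLLs =="
$pe = $files | Where-Object { $_.Extension -in '.exe', '.dll' }
$sigs = @{}
foreach ($p in $pe) {
    $sig = Get-AuthenticodeSignature -FilePath $p.FullName
    $sigs[$p.FullName] = $sig
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }
    '{0,-30} {1,-12} {2}' -f $p.Name, $sig.Status, $signer
}

# Red flag: an unsigned or invalidly signed DLL beside a validly signed EXE in
# the same directory is the classic sideload layout. For a DLL that is not on
# the KnownDLLs list, the loader searches the application's own directory
# before the system directories, so the bundled DLL wins.
foreach ($dll in ($pe | Where-Object Extension -eq '.dll')) {
    $signedExes = $pe | Where-Object {
        $_.Extension -eq '.exe' -and $_.DirectoryName -ieq $dll.DirectoryName -and $sigs[$_.FullName].Status -eq 'Valid'
    }
    if ($signedExes -and $sigs[$dll.FullName].Status -ne 'Valid') {
        "[!] $($dll.Name) ($($sigs[$dll.FullName].Status)) beside signed $($signedExes.Name -join ', ') -> candidate sideload"
    }
}
```

Mount the image with Mount-DiskImage and pass the resulting drive letter as -Root; nothing in the script executes the shortcut or the EXE. A valid Authenticode status only proves the EXE is genuinely signed, not that it belongs in this ISO, so compare its hash against a known-good copy of the vendor binary as well.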

Linux Hit by Sindoor Dropper: Highly Obfuscated Infection Chain

Linux systems are the target of a recent malware campaign, known as “Sindoor Dropper,” which combines spear-phishing with a complex, multi-stage infection process. Victims are lured with documents referring to the recent conflict between Pakistan and India, known as Operation Sindoor, into launching malicious files. According to Nextron Systems’ analysis, once executed the dropper opens a benign decoy PDF to keep up the illusion of legitimacy, while silently launching a heavily obfuscated infection chain in the background. This chain is designed to evade both static and dynamic analysis: the initial payload, at the time of its discovery, had no detections

A manifesto after 72 hours! Will cybercriminals really retreat?

Fifteen of the most notorious cybercriminal groups, including Scattered Spider, ShinyHunters, and Lapsus$, have announced that they are shutting down. Their joint statement, published on BreachForums, is the most explicit message from the underground in recent years. The groups emphasized that their goal was less extortion than demonstrating the weaknesses of digital systems. Now, however, they declare that they prefer “silence” to public attacks. The document, published under several pseudonyms of well-known hackers, claims that the decision was made after three days of silence spent by the participants with their families and reviewing their plans in the event of prosecution. They said they

Incitement to Suicide and OpenAI. New Security Measures Introduced for ChatGPT

OpenAI has announced new safety measures for ChatGPT following a series of tragic cases and lawsuits accusing the chatbot of involvement in teen suicides. The system will now attempt to estimate the age of the person it is chatting with and, where necessary, request ID to confirm the user is over 18. The company acknowledged that this reduces the privacy of adults, but deemed the tradeoff justified on safety grounds. OpenAI CEO Sam Altman said he did not expect unanimous approval for these measures, but considered them necessary amid growing conflict over artificial intelligence regulation. The decision was influenced by a series of high-profile

Next Cybersecurity: Fight AI with Artificial Intelligence

The Artificial Intelligence Security Governance Forum was held in Kunming, Yunnan Province, in southwestern China, as part of National Cybersecurity Publicity Week 2025. The event offered an opportunity to discuss the risks and challenges associated with AI, governance measures, and developments in the security of applications and algorithms. Researchers, engineers, and representatives from various sectors shared experiences and practical results, highlighting how AI is transforming numerous fields, including cybersecurity. At the accompanying security fair, technicians emphasized how large companies are now exposed to a wide range of cyber attacks. The threats range from the more common, such as web application attacks, to more

Taiwan raises alert: Monitoring submarine cables for Chinese interference

In the Taiwan Strait, the Coast Guard has stepped up patrols to protect undersea cables, infrastructure considered vital to the country’s communications. Commander Ruan Zhongqing led a 100-ton patrol boat, equipped with water cannons and machine guns, to the “Taiwan-Penghu No. 3” cable to watch for suspicious vessels. According to the authorities, these links have become a new target of Chinese “gray zone” operations. The Taiwan-Penghu No. 3 cable is one of 24 that connect the island to domestic and international networks. Attention to this infrastructure has grown since a Chinese captain was convicted in June of deliberately cutting

SlopAds: 38 million app installs sending 2.3 billion offers per day

A massive ad fraud scheme called SlopAds has been hiding behind hundreds of seemingly harmless Android apps and has reached global scale. The Satori team at HUMAN recently described how 224 apps accumulated a total of 38 million installs across 228 countries and territories, generating up to 2.3 billion bid requests per day at peak. Google has removed all the identified apps from the Play Store, but the tactic itself deserves separate analysis: it shows how sophisticated click and impression fraud has become. The scheme hinges on conditional activation of the malicious behavior. After installation, the app queries the Mobile Marketing Attribution

Apple warns users of targeted spyware attacks

CERT-FR reports that Apple warned users late last week that their devices were being targeted by spyware attacks. The agency says it is aware of at least four waves of such notifications sent in 2025: on March 5, April 29, June 25, and September 3, to the phone numbers and email addresses associated with the targeted Apple accounts. The alerts also appear at the top of the page on account.apple.com after the user logs in. “These alerts report sophisticated attacks, most of which exploit zero-day vulnerabilities or require no user interaction,” writes CERT-FR. “These sophisticated attacks target individuals

Google changes Android strategy: no more monthly patches, only risk-based fixes.

Google has changed its Android security update strategy, breaking a decade-long tradition of monthly vulnerability disclosures. Its July 2025 bulletin did not list a single vulnerability, a first in 120 monthly publications. In September, however, the list included 119 fixes at once. The reason is not that July was “safe,” but that Google is moving to a new Risk-Based Update System (RBUS) model. Monthly updates will now contain only fixes for “high-risk” vulnerabilities, meaning those actively exploited or part of known attack chains. The remaining vulnerabilities will be grouped into major quarterly releases: in March,