Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Category: Cybercrime and Darknet

Father and son break world speed record with homemade drone

This summer, in the Dubai desert, a flight occurred that few expected to see from a battery-powered quadcopter. The experimental Peregreen 3 reached a speed of 360.4 miles per hour (about 580 kilometers per hour), breaking a record that had stood for a year. At the time, only the test participants knew about it, but on November 18, YouTube blogger Luke Maxima Bell finally revealed the project and shared footage of the flight. The Guinness Book of World Records confirmed the achievement as a new world record for electric remote-controlled quadcopters. The previous record, 350 kilometers per hour, was held by

Microsoft Blocks KMS38 Activation Method for Windows 10 and 11

Users noticed that last week Microsoft developers disabled the offline activation method for Windows 11 and 10 via KMS38, which has been used by hackers around the world for years. However, the official release notes don’t mention these changes. KMS38 was developed by enthusiasts from the Massgrave project (MAS, Microsoft Activation Scripts), known for its repository of unofficial tools for activating Windows and Office. The essence of this activation method was to trick the system file GatherOSstate.exe (a utility that determines whether the current system is eligible for an upgrade), extending the Key Management Service (KMS

Future prospects for computer science and technology graduates

Artificial intelligence is changing the way recent computer science graduates approach the world of work. It’s not about sudden job disappearances, but rather a transformation of entry-level roles in programming and development. What used to be “write, test, debug” is now done with AI tools that lend a hand, meaning that basic work is no longer the only determining factor. Junior developers today face tasks that require creativity, critical thinking, and collaboration. Software architecture, interface design, systems integration, and ethical computing—all aspects that once seemed reserved for experts—are now essential even in their first professional experiences. AI tools make work

ATMs targeted! Cybersecurity experts reveal an attack campaign targeting ATMs.

Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, which the attackers used to access the infrastructure of two Indonesian banks. However, it emerged that the physical intrusion into the ATM was only part of a larger criminal operation, designed to control the entire process, from host compromise to cash withdrawal, through a network of proxies. According to Group-IB, UNC2891 conducted three separate intrusions: against one bank in February 2022, against another in November 2023, and then back to the first in July 2024.

Google Gemini Improves AI-Generated Image Verification

Google has expanded the capabilities of its Gemini artificial intelligence service by adding a tool to the app and web version to check images for signs of automatic generation. This feature seems like a logical step: visual content is increasingly being created using AI models, and the demand for methods to distinguish real images from synthetic ones is growing. The new detector is based on the SynthID system, digital markers invisible to the human eye, introduced in 2023. They are embedded in images created by Google generators and persist even after resizing or partial processing. For this reason, the check

“We Want to Hack You Again!” NSO Group Rejects WhatsApp’s Pegasus Lawsuit

Israeli company NSO Group has appealed a California federal court ruling that bars it from using WhatsApp’s infrastructure to distribute its Pegasus surveillance software. The case, which has been ongoing for several years, stems from a complaint filed by WhatsApp after the discovery of a large-scale attack on its users. The operation exploited zero-day vulnerabilities and zero-click techniques, allowing the spyware to be installed without any action on the part of the victims. Last October, Judge Phyllis Hamilton ruled that WhatsApp servers had been misused, allowing the infection of approximately 1,500 devices. According to the ruling, NSO had circumvented the platform’s security

Oracle under attack: Pre-auth RCE vulnerability discovered that compromises entire systems

A vulnerability, designated CVE-2025-61757, was made public by Searchlight Cyber last Thursday. Company researchers discovered the issue and notified Oracle, which led to its disclosure. Oracle fixed CVE-2025-61757 with the October 2025 patches and confirmed that it is a critical issue that can be easily exploited without authentication. The security firm described it as a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager. The exploit, which combines an authentication bypass vulnerability with arbitrary code execution, could allow an attacker to completely compromise the system. Searchlight Cyber warned on Thursday that the vulnerability could “allow attackers to manipulate authentication

CrowdStrike Insider Fired for Providing Sensitive Data to Criminal Hackers

In recent months, the insider problem has become increasingly important for large companies, and one recent episode involved CrowdStrike. The cybersecurity firm has in fact removed an employee believed to have shared confidential information on the company’s internal systems with a group of hackers. Reviewed by TechCrunch, the screenshots revealed internal dashboards, including an Okta Single Sign-On (SSO) panel that employees used to access company applications. Although the hackers claimed to have received authentication cookies, CrowdStrike maintains that its security operations center detected the activity before any malicious access could be fully established. It further reported that the leaked

Sysmon will finally be integrated into Windows 11 and Windows Server 2025 in 2026

Microsoft has announced that it will integrate the popular Sysmon tool directly into Windows 11 and Windows Server 2025 in 2026. The announcement was made by Sysinternals creator Mark Russinovich. Sysmon (System Monitor) is a free tool from Microsoft Sysinternals for monitoring and blocking suspicious activity in Windows. Events are logged in the Windows Event Log, making the tool indispensable for detecting threats and diagnosing problems. By default, Sysmon tracks basic events like process creation and termination, but you can use custom configuration files to monitor process tampering, DNS queries, executable file creation, clipboard changes, automatic backups of deleted files, and more.

Sneaky2FA: The phishing scam that steals credentials with browser-in-the-browser attacks

Push Security specialists have noticed that the Sneaky2FA phishing platform now supports browser-in-the-browser attacks, which allow the creation of fake login windows and the theft of credentials and sessions. Sneaky2FA is one of the most popular phishing-as-a-service (PhaaS) offerings among cybercriminals. Along with Tycoon2FA and Mamba2FA, Sneaky2FA primarily targets Microsoft 365 accounts. This phishing kit is known for attacks using SVG and the “attacker-in-the-middle” tactic: the authentication process is forwarded via a phishing page to the real service, allowing attackers to intercept session tokens. As a result, even with two-factor authentication (2FA) enabled, attackers gain