Security

All articles tagged with #security

Mexico Offers Iran a World Cup Base Amid US Hosting Tensions
sports · 1 day ago

Mexico says Iran can base in the country during the 2026 World Cup after the United States reportedly declined to host them; Iran’s three group-stage games are scheduled in the US, but Mexico has agreed to accommodate overnight stays and training there due to security concerns surrounding the Middle East conflict as the US, Canada and Mexico co-host the tournament.

TrapDoor Strikes npm, PyPI, and Crates.io with Cross-Ecosystem Credential-Stealing Malware
security · 1 day ago

A coordinated TrapDoor campaign targets npm, PyPI, and Crates.io, distributing 34 malicious packages across hundreds of versions to steal developer secrets, crypto wallets, SSH keys, cloud credentials, and environment data. npm payloads run trap-core.js to harvest credentials and establish persistence via cron, systemd, Git hooks, and SSH lateral movement; Rust crates search keystores and exfiltrate data to GitHub Gists; Python packages auto-execute on import and fetch a remote JavaScript payload executed via node -e. The attack also hides instructions in .cursorrules and CLAUDE.md to trick AI tools through PRs, signaling an evolution of developer-workflow attacks across multiple ecosystems.

AI-Fueled Bug Hunt Redraws the Security Patch Landscape
security · 1 day ago

AI agents are increasingly finding software flaws and crafting exploits autonomously, upending bug-bounty economics as researchers log far more discoveries and attackers speed up development. Major programs are trimming or shifting payouts (Curl’s bounty ended; Google adjusted Chrome/Android rewards), and experts warn that faster zero-days and compressed disclosure windows could pressure quicker patches. The trend, including industry calls for structural defenses and architecture changes, suggests a future where human-led bug hunting remains essential but must be complemented by better infrastructure that makes many bugs irrelevant.

Global Ghost CMS flaw exploited to steal admin keys and push ClickFix scam
security · 1 day ago

A widespread campaign abused a critical Ghost CMS SQL injection (CVE-2026-26980) affecting versions 3.24.0–6.19.0 to read database data and steal admin API keys, then injected malicious JavaScript into articles. The loader fetches a second-stage payload that triggers a fake Cloudflare prompt and a ClickFix lure, leading victims to a Windows command prompt instruction and subsequent malware downloads. High-profile targets (Harvard, Oxford, Auburn, DuckDuckGo) were affected. Ghost released fix 6.19.1 on Feb 19, but many sites have not updated. Action items: upgrade to 6.19.1+, rotate all exposed keys, and review up to 30 days of admin API call logs to identify IoCs and remove injected scripts.

Git tag hijack turns Laravel Lang releases into credential-stealing malware
security · 1 day ago

Attackers rewrote GitHub release tags across four Laravel Lang repositories to point to malicious commits, introducing a dropper in src/helpers.php that downloads a cross-platform credential stealer from flipboxstudio.info. The malware harvests cloud credentials, tokens, SSH keys, and more, with a Windows payload that drops a base64-encoded executable (DebugElevator) to steal browser data and encryption keys. Packagist removed the malicious versions; developers should audit installed versions, rotate credentials, scan for indicators of compromise, and watch for outbound connections to flipboxstudio.info.

Codex Gains Locked-Screen Mac Access with Safeguards
technology · 2 days ago

OpenAI's Codex can now run on a Mac while the screen is locked via a new Locked use feature and an Apple authorization plug-in. Codex can be controlled from a phone to operate Mac apps even when the display is off, but it isn’t a general unlock path; safeguards include a short‑lived authorization window, Codex-only access, and coverage across all connected displays, plus it won’t work if the MacBook lid is closed.

White House Shooting Highlights Surge in Political Violence Around Trump
politics · 2 days ago

A 21-year-old man was fatally shot by the Secret Service after opening fire at a White House security checkpoint, injuring a bystander; the motive is under investigation. The incident follows a series of politically charged acts of violence linked to Trump’s circle, including an earlier shooting near the White House and past assassination attempts, underscoring growing safety concerns for public officials.

AI-Generated Reports, GitHub Chaos, and Linux Vulnerabilities This Week
security · 3 days ago

This week highlights AI’s role in security reporting amid a flood of Linux flaws: Google’s Project Zero exposed a zero-click Pixel 10 exploit chained from a Dolby decoder memory flaw to kernel memory (patched in Feb 2026, 71 days after disclosure); Linus Torvalds praises AI tools but urges verification and fixes for AI-generated bug reports; GitHub discusses AI-generated reports in bug bounties and reports a breach via a compromised VSCode extension; Linux moves to remove zero-copy AF_ALG to curb CopyFail risks; new bugs raise root/DoS/RCE concerns (pid-fd/ssh-keysign-pwn, RDS-pintheft, nginx-rift/nginx-poolslip); Google discloses a Chromium botnet risk tied to JavaScript service workers with patch timing unclear; and a CISA credential leak in a public GitHub repo underscores ongoing access risk from exposed tokens.