Microsoft to stop using China-based teams to support Department of Defense

Last week, Microsoft announced that it would no longer use China-based engineering teams to support the Defense Department’s cloud computing systems, following ProPublica’s investigation of the practice, which cybersecurity experts said could expose the government to hacking and espionage.

But it turns out the Pentagon was not the only part of the government facing such a threat. For years, Microsoft has also used its global workforce, including China-based personnel, to maintain the cloud systems of other federal departments, including parts of Justice, Treasury and Commerce, ProPublica has found.

This work has taken place in what’s known as the Government Community Cloud, which is intended for information that is not classified but is nonetheless sensitive. The Federal Risk and Authorization Management Program, the US government’s cloud accreditation organization, has approved GCC to handle “moderate” impact information “where the loss of confidentiality, integrity, and availability would result in serious adverse effect on an agency’s operations, assets, or individuals.”

After BlackSuit is taken down, new ransomware group Chaos emerges

26 July 2025 at 00:21

Hot on the heels of a major ransomware group being taken down through an international law enforcement operation comes a new development that highlights the whack-a-mole nature of such actions: A new group, likely made up of some of the same members, has already taken its place.

The new group calls itself Chaos, in recognition of the .chaos name extension its ransomware stamps on files it has encrypted and the “readme.chaos[.]txt” name given to ransom notes sent to victims. Researchers at Cisco’s Talos Security Group said Thursday that since Chaos emerged in February, it has engaged in “big-game hunting”—meaning attacks designed to extract hefty payments—that have mainly targeted organizations in the US and, to a lesser extent, the UK, New Zealand, and India. Talos said it recently observed the group demanding a ransom of about $300,000.

Walking in your footsteps

In exchange for paying the demanded ransom, victims get a pinky swear that they’ll receive a decryptor and a detailed report of the vulnerabilities the group members found in the victim’s network and that the group will delete all the data in its possession. Victims who refuse to pay face the threat of never getting their data unlocked, having data publicly disclosed, and being subjected to distributed denial-of-service attacks.

North Korean hackers ran US-based “laptop farm” from Arizona woman’s home

25 July 2025 at 21:39

Christina Chapman, a 50-year-old Arizona woman, has just been sentenced to 102 months in prison for helping North Korean hackers steal US identities in order to get "remote" IT jobs with more than 300 American companies, including Nike. The scheme funneled millions of dollars to the North Korean state.

Why did Chapman do it? In a letter sent this week to the judge, Chapman said that she was "looking for a job that was Monday through Friday that would allow me to be present for my mom" who was battling cancer. (Her mother died in 2023.) But "the area where we lived didn't provide for a lot of job opportunities that fit what I needed. I also thought that the job was allowing me to help others."

She offered her "deepest and sincerest apologies to any person who was harmed by my actions," thanked the FBI for busting her, and said that when she gets out of prison, she hopes to "pursue the books that I have been working on writing and starting my own underwear company."

Supply-chain attacks on open source software are getting out of hand

25 July 2025 at 15:50

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious packages being pushed to unsuspecting users.

The latest target, according to security firm Socket, is JavaScript code available on the npm repository. A total of 10 packages available from the npm page belonging to global talent agency Toptal contained malware and were downloaded by roughly 5,000 users before the supply-chain attack was detected. The packages have since been removed. This was the third supply-chain attack Socket has observed on npm in the past week.

Poisoning the well

The hackers behind the attack pulled it off by first compromising Toptal’s GitHub Organization and from there using that access to publish the malicious packages on npm.

Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers

25 July 2025 at 16:25

Google has suspended the Firebase account of Catwatchful following a TechCrunch investigation. The spyware operation was caught using Google's own servers to host and run its surveillance app, which was stealthily monitoring thousands of people's phones.

Hackers—hope to defect to Russia? Don’t Google “defecting to Russia.”

24 July 2025 at 20:25

To the casual observer, cybercriminals can look like swashbuckling geniuses.

They possess technical skills formidable enough to penetrate the networks of the biggest companies on the planet.

They cover their tracks using technology that is arcane to most people—VPNs, encrypted chat apps, onion routing, aliases in dark web forums.

Trump, who promised to save TikTok, threatens to shut down TikTok

24 July 2025 at 19:37

Donald Trump vowed to save TikTok before taking office, claiming only he could make a deal to keep the app operational in the US despite national security concerns.

But then, he put Vice President JD Vance in charge of the deal, and after months of negotiations, the US still doesn't seem to have found terms for a sale that the Chinese government is willing to approve. Now, Trump Commerce Secretary Howard Lutnick has confirmed that if China won't approve the latest version of the deal—which could result in a buggy version of TikTok made just for the US—the administration is willing to shut down TikTok. And soon.

On Thursday, Lutnick told CNBC that TikTok would stop operating in the US if China and TikTok owner ByteDance won't sell the app to buyers that Trump lined up, along with control over TikTok's algorithm.

White House unveils sweeping plan to “win” global AI race through deregulation

24 July 2025 at 14:37

On Wednesday, the White House released "Winning the Race: America's AI Action Plan," a 25-page document that outlines the Trump administration's strategy to "maintain unquestioned and unchallenged global technological dominance" in AI through deregulation, infrastructure investment, and international partnerships. But critics are already taking aim at the plan, saying it's doing Big Tech a big favor.

Assistant to the President for Science and Technology Michael Kratsios and Special Advisor for AI and Crypto David Sacks crafted the plan, which frames AI development as a race the US must win against global competitors, particularly China.

The document describes AI as the catalyst for "an industrial revolution, an information revolution, and a renaissance—all at once." It calls for removing regulatory barriers that the administration says hamper private sector innovation. The plan explicitly reverses several Biden-era policies, including Executive Order 14110 on AI model safety measures, which President Trump rescinded on his first day in office during his second term.

What to know about ToolShell, the SharePoint threat under mass exploitation

23 July 2025 at 20:14

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by Microsoft, is under mass exploitation. Since that revelation, the fallout and the ever-increasing scope of the attacks have been hard to keep track of.

What follows are answers to some of the most common questions about the vulnerability and the ongoing exploitation of it, which collectively is being called ToolShell by people tracking the activity.

What’s known so far

Question: What’s SharePoint?

After $380M hack, Clorox sues its “service desk” vendor for simply giving out passwords

23 July 2025 at 19:46

Hacking is hard. Well, sometimes.

Other times, you just call up a company's IT service desk and pretend to be an employee who needs a password reset, an Okta multifactor authentication reset, and a Microsoft multifactor authentication reset... and it's done. Without even verifying your identity.

So you use that information to log in to the target network and discover a more trusted user who works in IT security. You call the IT service desk back, acting like you are now this second person, and you request the same thing: a password reset, an Okta multifactor authentication reset, and a Microsoft multifactor authentication reset. Again, the desk provides it, no identity verification needed.
