The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Ceasefires Have Little Effect on Slowing Nation-State Cyber Operations
Historical patterns show that diplomatic ceasefires and peace agreements between nations do not meaningfully reduce cyber operations. State-sponsored hacking ca
Chrome 146 Introduces Device-Bound Session Credentials to Combat Cookie Theft
Google is shipping Device Bound Session Credentials (DBSC) in Chrome 146 for Windows, a feature designed to neutralize session hijacking attacks that rely on st
Chrome 146 ships hardware-bound session cookies to neuter infostealer theft
Chrome 146 on Windows now enforces Device Bound Session Credentials (DBSC), tying authenticated browser sessions to a private key that lives inside the device's
CPUID supply chain breach pushed trojanized CPU-Z and HWMonitor for six hours
Attackers compromised a secondary API at CPUID between April 9 and 10, swapping download links on the official site to point at Cloudflare R2-hosted trojanized
Discord's broken support left a hacker extorting kids for 8 days
A 12-year-old who lied about her age to create a Discord account had it hijacked after clicking a phishing link disguised as Discord support. Without two-factor
EngageLab SDK Bug Put 50M Android Users at Risk, Crypto Wallets Hit Hard
A security flaw in the EngageLab SDK - a third-party library integrated into Android applications - reportedly exposed roughly 50 million users, with an estimat
Fancy Bear Maintains Aggressive Global Cyber Campaign
Russia's APT28, widely known as Fancy Bear, continues to run persistent cyber-espionage operations targeting governments, defense contractors, and critical infr
FedRAMP Greenlit Microsoft's GCC High Despite Reviewers Calling Security Docs 'A Pile of Shit'
Federal cybersecurity evaluators flagged Microsoft's Government Community Cloud High in late 2024 as essentially unassessable, citing missing detailed security
Gmail E2EE lands on Android and iOS for enterprise client-side encryption users
Google has extended Gmail's end-to-end encryption to the Android and iOS apps, letting enterprise users compose and read encrypted messages natively without ext
Industrial Controllers Remain Exposed as Cyberwarfare Escalates
Industrial control systems and operational technology environments continue to face significant security gaps even as nation-state actors and hacktivist groups
Lua-Based LucidRook Malware Hits Taiwanese NGOs via Fake Antivirus Lures
Cisco Talos has uncovered a threat cluster tracked as UAT-10362 running spear-phishing operations against Taiwanese NGOs and academic institutions. The campaign
LucidRook malware hits Taiwan NGOs and universities via Lua-powered loader
Cisco Talos has documented LucidRook, a modular malware family deployed by UAT-10362 against non-governmental organizations and universities in Taiwan. October