Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...

In early 2025, Forbes reports, investigators at the FBI served Microsoft with a warrant seeking the BitLocker encryption recovery keys for several laptops it believed held evidence of fraud in Guam’s ...

Privacy advocates are worried about the precedent this sets and the potential for abuse. Privacy advocates are worried about the precedent this sets and the potential ...

Russia announced Thursday it had blocked WhatsApp over its alleged failure to comply with Russian legislation, days after ...

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Russia has blocked the popular messaging service WhatsApp over its failure to comply with local legislation, the Kremlin said ...

France plans to replace all US video-conferencing services, marking the EU's latest push for digital sovereignty - with more ...

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.