Jul 10, 2025Ravie LakshmananCybercrime / Ransomware The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in … Read More
As Texas reels from devastating floods, conspiracy theorists are hard at work. Not by helping victims, or donating aid, but by posting videos claiming the rain is fake, or blaming space lasers or “geoengineering” plots. I wish I was joking. But once again the likes of Twitter, TikTok, and Telegram are spreading dangerous nonsense claiming … Read More
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies — including Facebook, Github, PayPal and Twitter/X. … Read More
AMD has identified two distinct attack variants that enterprises must understand. TSA-L1 attacks target errors in how the L1 cache handles microtag lookups, potentially causing incorrect data loading that attackers can detect. TSA-SQ attacks occur when load instructions erroneously retrieve data from the store queue when required data isn’t available, potentially allowing inference of sensitive … Read More
New week, different end of the world! After a fleeting stop at home, we're in Japan for a proper holiday (yet somehow I'm still here writing this…) with the first stop in Tokyo. It's like nowhere else here, and this is now probably my 10th trip to Japan over a period of more than three … Read More
Some schemes might sound unbelievable, but they’re easier to fall for than you think. Here’s how to avoid getting played by gamified job scams. 04 Jul 2025 • , 4 min. read Many of us have been experiencing a cost-of-living crisis for years, and the news headlines remain filled with doom-laden predictions of what the … Read More
Cyber threats continue to evolve, and organizations must stay ahead by fortifying their defenses. While external attack surface management (EASM) identifies vulnerabilities that could be exploited from outside the network, many organizations face an internal blind spot: hidden vulnerabilities within their environments. 40% of organizations hit by ransomware in the last year said that they … Read More
Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors are scrambling to integrate AI copilots and assistants into their SaaS applications. Slack can now provide AI summaries of chat threads, Zoom can provide meeting … Read More
In episode 425 of “Smashing Security”, Graham reveals how “Call of Duty: WWII” has been weaponised – allowing hackers to hijack your entire PC during online matches, thanks to ancient code and Microsoft’s Game Pass. Meanwhile, Carole digs into a con targeting the recently incarcerated, with scammers impersonating bail bond agents to fleece desperate families. … Read More
Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with … Read More