The best hacker and cyber security news. Contact us on
Jul 15, 2026
An industry-wide standard Microsoft invented to protect Windows, and later Linux, devices from firmware infections has been trivial to bypass for 13 of its 14 years of existence. The discovery was made by researchers at security firm ESET after identifying 11 firmware images, at least one from 2013, that were known to be defective but remained signed by the software company anyway. The images are known as shims, which were invented to extend Secure Boot to Linux devices and utility software. Using a technique simple enough to be performed by novice hackers, these old, forgotten shims can be used to completely circumvent the protection, which is embedded into the UEFI (Unified Extensible Firmware Interface) of the device’s motherboard. The gaffe is the result of the failure by Microsoft, which oversees the signing of shims, to revoke the publicly available images once vulnerabilities were found in them.
Jul 15, 2026
Microsoft has confirmed the existence of a persistent Windows device identifier called GDID, first publicly detailed in an FBI federal complaint against an alleged hacker. Microsoft has publicly acknowledged the existence of the Global Device Identifier (GDID), a device-specific ID assigned to Windows installations, in a federal complaint filed by US prosecutors against an alleged member of the Scattered Spider hacking group. The ID is generated when Windows is set up with a Microsoft Account, persists through Windows updates, and cannot be disabled without affecting Windows activation and Microsoft Store apps.
Jun 30, 2026
Cannabis Club Systems, also known as Nefos Solutions, left passports and photo IDs potentially exposed on the public web.Nearly a million passports and photo IDs were left unprotected on the public internetThis should be a wakeup call for data security.
Source: theverge.com
Jun 29, 2026
Federal authorities are offering a reward of up to $10 million for information leading to the identification or location of a Russian state cyber group that has compromised thousands of Signal and WhatsApp accounts belonging to investigative reporters and US government employees.
Source: arstechnica.com
Jun 26, 2026
Photo by Lianhao Qu on Unsplash
In December 2014, Der Spiegel published one of the most significant articles in the Snowden archive, exposing the scale of NSA and GCHQ efforts to break encryption and compromise encrypted communications. The article was accompanied by 44 supporting documents. One of those documents contains a previously unreported redaction failure that we believe is the most significant in any Snowden publication to date.
Source: libroot.org
Dec 10, 2020
U.S. drugmaker Pfizer and its German partner BioNTech said on Wednesday that documents related to development of their COVID-19 vaccine had been ‘unlawfully accessed’ in a cyberattack on Europe’s medicines regulator. The European Medicines Agency (EMA), which assesses medicines and vaccines for the European Union, said hours earlier it had been targeted in a cyberattack. It gave no further details.
Dec 2, 2020
Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable—meaning radio-proximity exploits could spread from one nearby device to another, once again, with no user interaction needed. This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research arm.
Nov 11, 2020
Operation Disruptor has led to a wave of arrests and seizures, but the dark web drug market has bounced back before. It’s one of the largest global dark web takedowns to date: 179 arrests spread across six countries; 500 kilograms of drugs seized; $6.5 million in cash and cryptocurrency confiscated. And while it was announced this morning, Operation Disruptor traces its roots back to May 3, 2019.
Nov 8, 2020
The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. Intrusions have taken place since at least April 2020, the FBI said inan alertsent out last month and made public this week on its website.
Nov 7, 2020
Companies House has forced a company to change its name after it belatedly realised it could pose a security risk. The company now legally known as “THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD” was set up by a British software engineer, who says he did it purely because he thought it would be “a fun playful name” for his consulting business.