Raspberry Pi's profits are up. So is its DRAM bill
Forecasts earnings well ahead of expectations, even as it taps credit facilities to lock in memory supply
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Hackers Leak DentaQuest Information Impacting 2.6 Million
The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator. The post Hackers Leak DentaQuest Information Impacting 2.6 M…
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing i…
Chrome 149 Patches 429 Vulnerabilities
Over 100 bugs are critical or high-severity, mainly use-after-free and insufficient validation of untrusted input flaws. The post Chrome 149 Patches 429 Vulnerabilities appeared fi…
Capita £370M bid 40% under UK.gov estimate for Oracle HR and finance system project, court case reveals
Cost model designed to protect against low-cost bid bias, claims rival
Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday
Experts commented on the EO’s voluntary nature, the balance between innovation and security, and potential implementation gaps. The post Industry Reactions to New Trump AI Cybersec…
Council in UK's City of York outs hundreds of disabled residents with a single email blunder
Blue Badge holders exposed to each other after BCC function proves too complex
UK's top crime agency hamstrung by legacy IT, watchdog warns
Regulator says NCA's aging tech drags down productivity, forces officers to juggle hardware and do manual workarounds
Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities
Posing as recruiters on online platforms, Chinese intelligence officers target personnel with access to classified or privileged information. The post Five Eyes: Chinese Spies Targ…
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to…
Brit regulator finds mobile network service on trains is far from first class
Comms watchdog says up to 83% of tests fail the 'good performance' threshold
Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals
The company detected a network intrusion in March and an investigation showed that some files were stolen during the attack. The post Nightclub Giant RCI Says Data Breach Affects 4…
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thou…
Tech support chap hauled out to help SWAT team saw his life flash before his eyes
Bulletproof vests and armored vehicles were not in the job description
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privil…
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026…
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay networ…
'It would be good for the world' to slow down AI sprints, Anthropic says
The plea for caution comes the same week it beat AI archrival OpenAI to filing for an IPO
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator,…
Pink is the latest goon squad to use fake helpdesk calls to steal creds
A familiar tactic popularized by chaotic crime crew Lapsus$
Canada wants to make its own AI, break free from US bots
Another ally questions reliance on American AI
Rust-Written IronWorm Hits NPM Supply Chain
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
Brave Software releases Origin for a paid, bloat-free browsing experience
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused feature…
Hola Browser for Windows compromised to deliver cryptominer
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. […
China's TA4922 Expands Cybercrime Attacks Globally
One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia.
4 Critical Threats Where Attackers Have the Advantage
Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.
Credit card theft campaign abuses Stripe to host stolen payment info
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [...]
Microsoft makes Linux developers feel more at home in Windows with Coreutils release
Microsoft has announced Coreutils, a new Windows 11 feature that allows developers to run many popular Linux command line utilities natively on Windows from a single binary. Rev…
Anthropic's open-source framework for AI-powered vulnerability discovery
Article URL: https://github.com/anthropics/defending-code-reference-harness Comments URL: https://news.ycombinator.com/item?id=48403980 Points: 539 # Comments: 142
AMD ships second-gen Versal Prime accelerators
AMD has added three new chips to its Versal Prime series lineup, which is designed for space-constrained applications. AMD began shipping the first production units of the Versa…