Memory crunch sends PC prices into double-digit climb
Notebooks up 11%, desktops 10% as chipmakers ditch consumer kit for AI server bling
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create m…
LLMs are closer to religion than they appear. Watch out for those who like it that way
Papal's 40k-word encyclical drops and lawyers already asking if Catholics can refuse workplace AI on religious grounds
Techie expensed a bag of oranges and then juiced up a stupid security incident
He knew this was amazingly dumb but couldn’t stop laughing as the fruit went splat
If cores are what agents crave, Intel's new Clearwater Xeon 6+ might just quench their thirst
Chipzilla’s first 2nm-class Xeon is finally here bristling with 288 cores
Intel Diamond Rapids to boost core counts to 192, but RIP Hyperthreading
Threads on a half shell, Intel power!
Intel focuses on power efficiency and cost with new chip designs
Intel hopes its latest chips will resolve AI-related power efficiency and cost concerns even as rivals AMD and Nvidia turn up their power consumption to deliver higher performance.…
Exploding rockets and exploding hardware prices make for a lousy new normal
This week on The Kettle, we mull over whether the Steam Deck is a canary in the coal mine for the future of hardware prices, and the effect of Blue Origin's blowout on NASA's Moon …
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. [...]
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malic…
Netflix wiz creates app to slash AI bills, then open sources it
Project Headroom could save you big money, too
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate…
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say
Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who gather information that could be used to attack key infrastructure. The …
Exploit Code Published for Critical Flowise RCE Vulnerability
The one-click vulnerability allows attackers to execute arbitrary code on self-hosted Flowise servers by tricking users into importing a malicious chatflow. The post Exploit Code P…
New CIFSwitch Linux flaw gives root on multiple distributions
A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the ke…
Wikipedia editors plot strike and banner sabotage after Wikimedia layoffs
Foundation sparks revolt after disbanding team responsible for many community-requested fixes and moderation tools
Rocket exhibit at National Space Centre pulls off unintentional NASA SLS impression
5, 4, 3, 2, 1... pfft
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulner…
AWS reportedly to tuck Elon Musk's Grok into Bedrock, despite zero enterprise demand
The energy drink of frontier models
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
And then Microsoft busted them all
Okta writes its own license to kill rogue AI agents
CEO Todd McKinnon says customers including ServiceNow want an off switch
Friday Squid Blogging: Another Squid
Someone named “Squid” seems to be a “West Country legend.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog mo…
Name That Toon: Mark of (Cybersecurity) Progress
As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about the industry's last two decades.
ICE to keep an eye on your eyes under $25M biometric scanner deal
And you thought a face recognition app was intrusive?
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
Researcher reported the vuln in March. Maintainers haven't responded to his messages since
ChatGPT share links abused to host fake outage pages to deliver malware
Threat actors are abusing ChatGPT's content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application. …
California AG sues 23andMe over 2023 breach exposing health data
California Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company's failure to protect sensitive customer genetic and personal informa…
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markdown links a…
QEMU mulls relaxing AI contribution ban
Red Hat engineer reckons the balance of risk has shifted, but core code stays off limits
HN829: EVPN/VXLAN Vs. TradCore
Drew and Ethan sit down with Tony Bourke to determine whether TradCore or EVPN VXLAN is right for your network. Tony is a seasoned instructor in automation, network design, and mor…