NHS to close-source hundreds of GitHub repos over AI, security concerns
Healthcare giant's maintainers handed May deadline to enact the change
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Unexpected item in Windows' bagging area
Activating Windows will cost more than a couple of cheap carrier bags Bork!Bork!Bork! Things must be tough for UK grocery retailer Sainsbury's, judging by the state of Windows Acti…
MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs
The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests. The post MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Cro…
NHS to close-source hundreds of GitHub repos over AI, security concerns
Healthcare giant's maintainers handed May deadline to enact the change The UK's National Health Service (NHS) is ordering all of its technology leaders to temporarily wall off the …
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a…
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. [...]
WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities
The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year. The post WhatsApp Discloses File Spoofing, Arbitr…
Microsoft's bad obsession is showing up in shabby services and slipshod software. Here's proof
If you can't bother to keep GitHub running, why should we bother with you? Opinion It's been another shabby week for Microsoft, and a shabbier one for its users. We learnt that Win…
Microsoft's bad obsession is showing up in shabby services and slipshod software. Here's proof
If you can't bother to keep GitHub running, why should we bother with you?
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild. The …
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct …
Classic ASCII game NetHack debuts version 5.0 just 11 years after last major release
New monsters! New magic items! An Arm port! And compliance with a dead C standard
Classic ASCII game NetHack debuts version 5.0 just 11 years after last major release
New monsters! New magic items! An Arm port! And compliance with a dead C standard Antiques Code Show Admirers of Roguelike games have a new distraction: Version 5.0 of NetHack drop…
Microsoft to stop taking reservations for 17 Azure VM flavours, kill 13 in 2028
Haswell’s had its day and Skylake and Cascade Lake are draining away Microsoft will stop offering long-term rentals for 17 Azure instance types – most of them powered by CPUs Intel…
Microsoft to stop taking reservations for 17 Azure VM flavours, kill 13 in 2028
Haswell’s had its day and Skylake and Cascade Lake are draining away
IBM unveils its blueprint to help enterprises run AI at the core of their business
At its Think conference on Monday night, IBM announced what it calls a new operating model for the agentic enterprise. It encompasses coordinated AI agents that execute across t…
CVE-2026-31431: Copy Fail vs. rootless containers
Article URL: https://www.dragonsreach.it/2026/05/04/cve-2026-31431-copy-fail-rootless-containers/ Comments URL: https://news.ycombinator.com/item?id=48017813 Points: 205 # Comments…
Ruckus Networks on the move again, this time acquired by Belden for $1.85 billion
Belden (NYSE: BDC) has agreed to acquire Ruckus Networks from Vistance Networks (NASDAQ: VISN) for $1.846 billion in cash. It is the latest ownership change for a Wi-Fi and enterpr…
Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
Vendors all use different formats. This tech translates them all so you can smooth your SOC Academics from Singapore and China have found a way to make AI useful for cyber-defender…
Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
Vendors all use different formats. This tech translates them all so you can smooth your SOC
Palantir CEO: 10 percent of the world 'professionally hates us'
The Iran war has been great for business The Iran War has been great for business at Palantir, as the Department of Defense has doubled usage of the company’s Maven targeting syste…
Weaver E-cology critical bug exploited in attacks since March
Hackers have been exploiting a critical vulnerability (CVE-2026-22679) in the Weaver E-cology office automation since mid-March to run discovery commands. [...]
Bad news for OpenClaw stans: Apple’s Mac Mini now starts at $799
The tiny desktop is no longer Apple's most affordable computer The Mac Mini is the latest victim of the AI-fueled RAM-pocalypse. Last week, Apple discontinued the 256 GB version of…
Bad news for OpenClaw stans: Apple’s Mac Mini now starts at $799
The tiny desktop is no longer Apple's most affordable computer
Physical Cargo Theft Gets a Boost From Cybercriminals
Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods.
Microsoft fixes VS Code after app gives Copilot credit for human's work
Devs not thrilled that Git extension added the bot as co-author by default
Microsoft fixes VS Code after app gives Copilot credit for human's work
Devs not thrilled that Git extension added the bot as co-author by default Imagine working your butt off on a project, only to have VS Code put an attribution into your commit that…
AMD and Intel partner to deliver AI performance advancement
The first major fruits of the x86 Ecosystem Advisory Group (EAG) have come in the form of ACE, a new set of matrix instructions from Intel and AMD that the two claim deliver a mass…
RMM Tools Fuel Stealthy Phishing Campaign
Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.
Kids say they can beat age checks by drawing on a fake mustache
46% say age checks are easy to bypass, and nearly a third admit getting around them