Mar 28, 2025Ravie LakshmananOperational Technology / Vulnerability Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been … [Read more...] about Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
News
Protecting Android, Windows, and Linux devices against being tracked via the Find My network
AirTags are a popular tracking device used by anyone from forgetful key owners to those with malicious intent, such as jealous spouses and car thieves. Using AirTags for spying is simple: a tag is discreetly placed on the target to allow their movements to be conveniently monitored using Apple Find My. We’ve even added protection from AirTag-based tracking to our products for … [Read more...] about Protecting Android, Windows, and Linux devices against being tracked via the Find My network
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Mar 27, 2025Ravie LakshmananEmail Security / Malware Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the … [Read more...] about New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
How the mind-splitting world of Severance comes together on Mac
March 26, 2025 UPDATE How the :br(s):mind-splitting world of Severance :br(s):comes together on Mac Geoffrey Richman, supervising editor on the global hit Apple Original workplace thriller, shares his creative process, why Mac is an indispensable tool, and his thoughts on who’s behind the video editing at Lumon In the fictional world of Lumon Industries, the biotech titan … [Read more...] about How the mind-splitting world of Severance comes together on Mac
Generative AI for Elastic’s workforce: Inside the hood of ElasticGPT
ElasticGPT — Powered by Elastic, for ElasticElasticGPT is our internal generative AI (GenAI) assistant built on a retrieval augmented generation (RAG) framework. It is meticulously crafted using Elastic’s own technology stack to deliver secure, scalable, and context-aware knowledge discovery for Elasticians. At its heart lies SmartSource, a private, internally built, and … [Read more...] about Generative AI for Elastic’s workforce: Inside the hood of ElasticGPT
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
Mar 26, 2025Ravie LakshmananMalware / Vulnerability The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad. The activity, observed in July 2024, marks the first time the hacking crew has deployed ShadowPad, a … [Read more...] about New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
How to hack an Eight Sleep smart mattress “Pod”
For a while after we wrote about hacking a bicycle, it seemed it couldn’t be beat as the most unlikely hack target ever. However, developers’ imagination seems to know no bounds — and hackers aren’t far behind in their ingenuity… And so, here’s introducing the internet-connected mattress system — or “Pod” as it’s called — made by the company Eight Sleep, along with several ways … [Read more...] about How to hack an Eight Sleep smart mattress “Pod”
Apple’s Worldwide Developers Conference returns the week of June 9
March 25, 2025 PRESS RELEASE Apple’s Worldwide Developers Conference returns the week of June 9 WWDC25 will be available entirely online and is free for all developers CUPERTINO, CALIFORNIA Apple today announced it will host its annual Worldwide Developers Conference (WWDC) online from June 9 to 13, 2025. Developers and students will also have the opportunity to celebrate … [Read more...] about Apple’s Worldwide Developers Conference returns the week of June 9
CVE-2025-2783 in Operation ForumTroll APT
Our exploit detection and prevention technologies have detected a new wave of cyberattacks with previously unknown malware. While analyzing it, our Global Research and Analysis Team (GReAT) experts realized that we’re dealing with a technically sophisticated targeted attack, which suggests that a state-sponsored APT group is behind it. The attack exploited a zero-day … [Read more...] about CVE-2025-2783 in Operation ForumTroll APT
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
Mar 25, 2025Ravie LakshmananThreat Intelligence / Malware A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of … [Read more...] about Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker