Toggle light / dark theme

Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers.

The malicious activity has been codenamed RedisRaider by Datadog Security Labs.

“RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,” security researchers Matt Muir and Frederic Baguelin said.

SK Telecom says malware breach lasted 3 years, impacted 27 million numbers

SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers.

SK Telecom is the largest mobile network operator in South Korea, holding roughly half of the national market.

On April 19, 2025, the company detected malware on its networks and responded by isolating the equipment suspected of being hacked.

19-year-old accused of largest child data breach in U.S. agrees to plead guilty

While the documents refer to the education company only as “Victim-2” and the U.S. attorney’s office declined to name the victim, a person familiar with the matter told NBC News that it is PowerSchool. The hack of PowerSchool last year is believed to be the largest breach of American children’s sensitive data to date.

According to his plea agreement, Lane admitted obtaining information from a protected computer and aggravated identity theft and agreed not to challenge a prison sentence shorter than nine years and four months. He got access simply by trying an employee’s stolen username and password combination, the complaint says, echoing a private third-party assessment of the incident previously reported by NBC News.

Billion-Dollar Bank Warns 7,537 Customers After Data Breach Triggers Unauthorized Account Access

A top 100 US bank just disclosed a data breach affecting the personal and confidential information of thousands of customers.

In a filing with the Office of the Maine Attorney General, Arkansas-based Arvest Bank says it’s warning 7,537 people after a technical glitch enabled unauthorized account access.

Quantum Speed Hack: Extra Qubits Slash Measurement Time Without Losing Precision

Quantum scientists have cracked a longstanding problem by devising a method to speed up measurements without losing accuracy, a key hurdle for quantum technology. By cleverly adding extra qubits, they traded “space” for time, gathering more information faster without destabilizing the fragile qua

Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations

Japan on Friday enacted a new law that would permit the country’s authorities to preemptively engage with adversaries through offensive cyber operations to ensure threats are suppressed before they cause significant damage.

The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense, which had tracked closely to its Article 9 constitutional commitment to pacifism.

The new Active Cyberdefense Law mirrors recent reinterpretations of Article 9, providing Japan’s Self-Defence Forces with the right to provide material support to allies under the justification that failing to do so could endanger the whole of the country.

Solar storms and cyberattacks can both cause blackouts. Knowing the difference could save billions of dollars

“Space weather can impact systems that use IT for critical functions and everyday processes,” James Spann, a senior scientist at the Office of Space Weather Observations at the U.S. National Oceanic and Atmospheric Administration’s (NOAA) National Environmental Satellite, Data, and Information Service (NESDIS) department, told Space.com in an email. “These space weather impacts can have the same symptoms as a cyberattack, where systems will be brought down, or lockup, or transmit erroneous information.”

NESDIS oversaw a tabletop space weather exercise conducted in May 2024, the first such drill testing the U.S. preparedness for a major solar storm. Results of the exercise, which brought together 35 US government agencies, were published in a report in April.

In one of the simulations during the exercise, NOAA and the U.S. Air Force reported a severe solar flare and radio burst, but another federal department or agency “reported contradictory information, suggesting that the radio and communications disruptions were possibly the result of a cyberattack,” according to the report. Above all, it showed the need for effective communication following such events.