WebAuthn PRF Encryption: Passkeys and WebAuthn – the next frontier for secure file encryption.
Posted inEncryption

WebAuthn PRF Encryption: Passkeys and WebAuthn – the next frontier for secure file encryption.

The evolution of passkeys and WebAuthn is not only advancing passwordless authentication—it is also unlocking new capabilities in the realm of data security. Among the most significant recent developments is the ability to use passkeys, in conjunction with the WebAuthn PRF (Pseudo-Random Function) extension, to securely encrypt and decrypt files. This represents a powerful new use case for passkeys, offering users phishing-resistant, hardware-backed, and password-free file encryption.
Russia’s state-sponsored APT28 threat actors are employing a previously unknown software called Authentic Antics against email systems.
Posted inCybersecurity News

Russia’s state-sponsored APT28 threat actors are employing a previously unknown software called Authentic Antics against email systems.

The UK’s National Cyber Security Centre (NCSC) has identified a new cyber espionage campaign attributed to Russian military intelligence operatives. According to a recent report, threat actors associated with the GRU—specifically the well-known group APT28—have been actively utilizing a previously unknown malicious software known as “Authentic Antics” to carry out targeted cyber operations against email systems.
Critical vulnerability in NVIDIA Container Toolkit, widely used in AI environments, presents significant security risk to cloud infrastructures.
Posted inCybersecurity News

Critical vulnerability in NVIDIA Container Toolkit, widely used in AI environments, presents significant security risk to cloud infrastructures.

A recently disclosed critical vulnerability in the NVIDIA Container Toolkit, widely used in AI and high-performance computing environments, presents a significant security risk to cloud infrastructures running GPU-accelerated workloads. Tracked as CVE-2025-23266, the vulnerability enables privilege escalation from within containers, allowing attackers to gain root-level access to the host system. With a CVSS score of 9.0 (Critical), the flaw affects a substantial portion of GPU-enabled cloud environments, including those offering multi-tenant AI services.
WiFi sensing means WiFi networks are used for more than just data transmission – and that could pose risks for cybersecurity.
Posted inCybersecurity News

WiFi sensing means WiFi networks are used for more than just data transmission – and that could pose risks for cybersecurity.

As wireless technologies continue to evolve, WiFi networks are increasingly being utilized for more than mere data transmission. WiFi sensing harnesses existing WiFi signals to detect and interpret physical activities, presence, and even physiological states, all without the need for wearables or dedicated monitoring hardware. While the opportunities afforded by WiFi sensing are significant, especially in enhancing security and automation, this innovation also introduces new challenges for cybersecurity and privacy.
Israeli developed TeleMessage SGNL messaging app, widely adopted by U.S. government agencies, financial institutions, legal firms, is being exploited by malicious actors.
Posted inCybersecurity News

Israeli developed TeleMessage SGNL messaging app, widely adopted by U.S. government agencies, financial institutions, legal firms, is being exploited by malicious actors.

A critical vulnerability affecting TeleMessage SGNL, a secure enterprise messaging and compliance platform modeled after Signal, is currently being exploited by malicious actors. The flaw—tracked as CVE-2025-48927—allows unauthenticated attackers to access sensitive memory dumps containing highly confidential user data.