Computer hacker holding a large remote control
Posted inCybersecurity News

Critical mcp-remote vulnerability puts thousands of systems at risk of remote code execution (RCE).

A critical security vulnerability (CVE-2025-6514) has been identified in the widely used open-source package mcp-remote, exposing hundreds of thousands of systems to the risk of remote code execution (RCE). The flaw affects versions 0.0.5 through 0.1.15 and has been downloaded more than 437,000 times, making its potential impact significant across the AI and developer communities.
Computer hacker holding a silicon computer chip
Posted inCybersecurity News

Former semiconductor engineer gets 3 years in prison for stealing sensitive chip technology for Russia.

A Dutch court has sentenced German Aksenov, a former engineer at leading semiconductor firms ASML and NXP, to three years in prison for stealing sensitive chip technology and illegally transferring it to a contact in Russia. The high-profile case underscores the growing risks of industrial espionage in the global semiconductor industry and the strict enforcement of European Union sanctions on technology exports to Russia.
Microsoft says, ‘Goodbye, JScript. Hello JScript9Legacy,’ replacing the long-standing legacy JavaScript engine.
Posted inCybersecurity News

Microsoft says, ‘Goodbye, JScript. Hello JScript9Legacy,’ replacing the long-standing legacy JavaScript engine.

Microsoft has taken a significant step toward strengthening the security architecture of Windows 11 with the adoption of the JScript9Legacy engine, replacing the long-standing legacy JScript engine. This update, introduced with Windows 11 version 24H2, is part of Microsoft’s ongoing initiative to modernize the Windows platform and mitigate vulnerabilities associated with outdated components.
Computer hacker with McDonalds French Fries on his desk
Posted inCybersecurity News

Applicants seeking McDonald’s jobs through their AI-powered McHire platform are not very McHappy about Olivia’s security vulnerabilities.

In a significant cybersecurity incident, McDonald’s AI-powered hiring platform, McHire, has been found to have exposed the personal information of millions of job applicants due to critical security vulnerabilities. The breach, uncovered by security researchers Ian Carroll and Sam Curry, highlights the growing risks associated with automated recruitment technologies and inadequate cybersecurity measures.
Computer hacker in front of a Chinese flag
Posted inCybersecurity News

The Irish are the next in line to investigate TikTok’s handling of European user data.

The Irish Data Protection Commission (DPC), the principal privacy regulator for TikTok in the European Union, has initiated a new investigation into the social media giant’s handling of European users’ data. The inquiry centers on revelations that TikTok stored a portion of European user data on servers located in China—an issue that has reignited concerns over cross-border data transfers and user privacy.
Russia’s aim to legalize ethical hacking is… thwarted?
Posted inCybersecurity News

Russia’s aim to legalize ethical hacking is… thwarted?

Russia’s reputation as a global hub for cybercrime continues to grow, even as the country’s lawmakers recently rejected a bill aimed at legalizing ethical hacking. The decision underscores the complex relationship between Russia’s state security apparatus, its burgeoning cybercriminal underground, and the challenges of regulating cybersecurity in an era of escalating digital threats.
Fake gaming and AI firms are using Telegram and Discord to spread malware to cryptocurrency users.
Posted inCybersecurity News

Fake gaming and AI firms are using Telegram and Discord to spread malware to cryptocurrency users.

A sophisticated cybercrime campaign is targeting cryptocurrency users by impersonating legitimate gaming, artificial intelligence (AI), and Web3 startup companies. According to recent research from cybersecurity firm Darktrace, these threat actors are leveraging popular communication platforms such as Telegram and Discord to distribute malware.
Russian professional basketball player Daniil Kasatkin arrested in France over alleged ransomware involvement.
Posted inCybersecurity News

Russian professional basketball player Daniil Kasatkin arrested in France over alleged ransomware involvement.

Daniil Kasatkin, a 26-year-old Russian professional basketball player, was arrested by French authorities at Charles de Gaulle Airport on June 21, 2025, at the request of the United States. The arrest stems from allegations that Kasatkin played a key role as a negotiator for a notorious ransomware group accused of targeting hundreds of organizations, including U.S. government agencies.