North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations. Researchers analyzing the payloads discovered that the attacker relied on unusual techniques and a previously unseen signal-based persistence mechanism. The attack chain, which involves contacting victims via Telegram and luring them into running
Qantas discloses cyberattack amid Scattered Spider aviation breaches
Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data. Qantas is Australia’s largest airline, operating domestic and international flights across six continents and employing around 24,000 people. In a press release issued Monday night, the airline states that the attack has
Back to basics: Army revamps flight school after deadly crashes
In the wake of a string of deadly military aviation accidents over the past several years, the U.S. Army is launching a major overhaul of how it trains new pilots that focuses on getting back to the basics. The overhaul includes rethinking the type of aircraft used for training, along with a likely shift to
U.S. warns of Iranian cyber threats on critical infrastructure
U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. CISA says there are no indications of an ongoing campaign but urges critical infrastructure organizations and other potential targets to monitor their defense due to the current unrest in the Middle East and cyber
Bluetooth flaws could let hackers spy through your microphone
Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information. Researchers confirmed that 29 devices from Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs, and Teufel are affected. The list of impacted products includes speakers, earbuds, headphones, and wireless
Two industry teams to begin bending metal for Bradley replacement
The sun rises above an M2A3 Bradley infantry fighting vehicle at a range in Qatar on Nov. 11, 2018. (Spc. Jovi Prevot/U.S. Army National Guard) The U.S. Army has signed off on the advancement of two industry teams into a technology development phase to build prototypes of a Bradley Infantry Fighting Vehicle replacement. American Rheinmetall
Let’s Encrypt ends certificate expiry emails to cut costs, boost privacy
Let’s Encrypt has announced it will no longer notify users about imminent certificate expirations via email due to high costs, privacy concerns, and unnecessary complexities. The decision to end the expiration notification email service was implemented as of June 4, 2025, but Let’s Encrypt has now communicated it via a blog post to raise awareness
Scattered Spider hackers shift focus to aviation, transportation firms
Hackers associated with “Scattered Spider” tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors These threat actors have employed a sector-by-sector approach, initially targeting retail companies, such as M&S and Co-op, in the United Kingdom and the United States and subsequently shifting their focus to insurance companies.
Army seeks $197 billion FY26 budget with transformation plan at center
U.S. Army Staff Sgt. Stetson Manuel assembles the Ghost-X drone during the human-machine integration experiment for Project Convergence in Fort Irwin, California, on March 11, 2024. (Staff Sgt. LaShic Patterson/U.S. Army) As the U.S. Army attempts one of the biggest reorganizations in recent decades, it will have to do it within the confines of a
Brother printer bug in 689 models exposes default admin passwords
A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers. The flaw, tracked under CVE-2024-51978, is part of a set