Google has released a partial patch for the Pixnapping attack and is working on an additional fix. The post Pixnapping Attack Steals Data From Google, Samsung Android Phones appeared first on SecurityWeek.
Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack, per ETH Zürich researchers Benedict Schlüter and Shweta Shinde, exploits AMD’s incomplete protections that make it possibleRead More »RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing
Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users’ knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from theRead More »New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitored political discussions online, the Trump administrationRead More »The Trump Administration’s Increased Use of Social Media Surveillance
Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AIRead More »What AI Reveals About Web Applications— and Why It Matters
SecurityWeek talks to Microsoft Deputy CISOs Ann Johnson and Mark Russinovich. The post CISO Conversations: Are Microsoft’s Deputy CISOs a Signpost to the Future? appeared first on SecurityWeek.
A vulnerability in RMP initialization allows the AMD processor’s x86 cores to maliciously control parts of the initial RMP state. The post RMPocalypse: New Attack Breaks AMD Confidential Computing appeared first on SecurityWeek.
What do hacktivist campaigns look like in 2025? To answer this question, we analyzed more than 11,000 posts produced by over 120 hacktivist groups circulating across both the surface web and the dark web, with a particular focus on groups targeting MENA countries. The primary goal of our research isRead More »Signal in the noise: what hashtags reveal about hacktivism in 2025
Users can continue receiving important security updates for Windows 10 by enrolling in the ESU program. The post Windows 10 Still on Over 40% of Devices as It Reaches End of Support appeared first on SecurityWeek.
Introduction Windows 11 was released a few years ago, yet it has seen relatively weak enterprise adoption. According to statistics from our Global Emergency Response Team (GERT) investigations, as recently as early 2025, we found that Windows 7, which reached end of support in 2020, was encountered only slightly lessRead More »The king is dead, long live the king! Windows 10 EOL and Windows 11 forensic artifacts
