Security

Data Broker Giant LexisNexis Says Breach Exposed Personal Information of Over 364,000 People (techcrunch.com) 42

An anonymous reader quotes a report from TechCrunch: LexisNexis Risk Solutions, a data broker that collects and uses consumers' personal data to help its paying corporate customers detect possible risk and fraud, has disclosed a data breach affecting more than 364,000 people. The company said in a filing with Maine's attorney general that the breach, dating back to December 25, 2024, allowed a hacker to obtain consumers' sensitive personal data from a third-party platform used by the company for software development.

Jennifer Richman, a spokesperson for LexisNexis, told TechCrunch that an unknown hacker accessed the company's GitHub account. The stolen data varies, but includes names, dates of birth, phone numbers, postal and email addresses, Social Security numbers, and driver license numbers. It's not immediately clear what circumstances led to the breach. Richman said LexisNexis received a report on April 1, 2025 "from an unknown third party claiming to have accessed certain information." The company would not say if it had received a ransom demand from the hacker.

Security

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials (wired.com) 11

A security researcher has discovered an exposed database containing 184 million login credentials for major services including Apple, Facebook, and Google accounts, along with credentials linked to government agencies across 29 countries. Jeremiah Fowler found the 47-gigabyte trove in early May, but the database contained no identifying information about its owner or origins.

The records included plaintext passwords and usernames for accounts spanning Netflix, PayPal, Discord, and other major platforms. A sample analysis revealed 220 email addresses with government domains from countries including the United States, China, and Israel. Fowler told Wired he suspects the data was compiled by cybercriminals using infostealer malware. World Host Group, which hosted the database, shut down access after Fowler's report and described it as content uploaded by a "fraudulent user." The company said it would cooperate with law enforcement authorities.
IT

The Hobby Computer Culture (technicshistory.com) 55

A fairly comprehensive look at the early personal computer culture reveals that from 1975 through early 1977, personal computers remained "almost exclusively the province of hobbyists who loved to play with computers and found them inherently fascinating," according to newly surfaced historical research. When BYTE magazine launched in 1975, its cover called computers "the world's greatest toy," reflecting the recreational rather than practical focus of early adopters.

A BYTE magazine survey from late 1976 showed these pioneers were remarkably homogeneous: 72% held at least a bachelor's degree, had a median annual income of $20,000 ($123,000 in 2025 dollars), and were overwhelmingly male at 99%. Rather than developing practical software applications, early users gravitated toward games, particularly Star Trek simulations that appeared frequently in magazine advertisements and user group demonstrations.

The hobbyist community organized around local clubs like the famous Homebrew Computer Club, retail stores, and specialized magazines that helped establish what one researcher calls "a mythology of the microcomputer." This narrative positioned hobbyists as democratizing heroes who "ripped the computer and the knowledge of how to use it from the hands of the priests, sharing freedom and power with the masses," challenging what they termed the "computer priesthood" of institutional gatekeepers. This self-contained hobbyist culture would soon be "subsumed by a larger phenomenon" as businessmen began targeting mass markets in 1977.
Security

Cyberattack Surge Creates Opportunity for Insurers, Prompts Rethink on Premiums (bloomberg.com) 22

The recent surge in cyberattacks is pushing cyber insurers toward a fundamental reassessment of premium pricing, Bloomberg reports, with industry analysts warning of an impending "inflection point" that could reshape the market. Marks & Spencer's impending $404 million hit to its operating profit from a recent hack illustrates the kind of claim that will "attract intense scrutiny from insurers," according to cybersecurity expert Adam Casey.

While incidents like this might not trigger immediate premium hikes across the board, they are likely to contribute to an upward pricing trend. Panmure Liberum analyst Abid Hussain said that premiums have recently been falling even as policy coverage has tightened, but the industry now faces a critical decision point. "There's going to be another step change, either in the policy wording or in the premiums, or both," Hussain said.
Communications

Qualcomm-Funded Study Finds Qualcomm's Modems Outperform Apple's C1 Chip in Real-World Tests (yahoo.com) 42

A Qualcomm-commissioned study found that Apple's inaugural C1 modem, debuting in the iPhone 16e, significantly underperformed compared to Qualcomm-powered Android devices in challenging network conditions. The research by Cellular Insights tested devices on T-Mobile's 5G network in New York City, where Android phones achieved download speeds up to 35% faster and upload speeds up to 91% quicker than the iPhone 16e.

The performance gap widened when networks were congested or devices operated farther from cell towers -- precisely the scenarios where next-generation modems should excel, according to the report. The iPhone 16e became "noticeably hot to touch and exhibited aggressive screen dimming within just two-minute test intervals" during testing. This study arrives as Apple attempts to reduce its dependence on Qualcomm, which has historically provided modems for the entire iPhone lineup and represents roughly 20% of Qualcomm's revenue.
IT

Panasonic's New Laptops Could Be the Final Death Knell For the Humble VGA Port (tomshardware.com) 80

An anonymous reader shares a report: Earlier today, Panasonic announced refreshed models of its long-established Let's Note laptop series. However, for the first time in its history, we have a Let's Note portable that doesn't have a VGA port. According to a report by Nikkei Japan, this is probably the beginning of the end for laptops sporting VGA output, with "other companies to follow suit."

A number of factors have precipitated Panasonic's removal of the venerable VGA port. The Nikkei report highlights the strong competition from HDMI, which can simultaneously transmit audio. We also see that the new Panasonic Let's Note CF-SC6 models feature a pair of Thunderbolt 4 ports, which can also be used for video out. That's three separate ports remaining on the Let's Note to drive external displays.

United States

CISA Loses Nearly All Top Officials (cybersecuritydive.com) 56

Multiple readers shared the following report about the executive departures at CISA: Virtually all of the top officials at the Cybersecurity and Infrastructure Security Agency (CISA) have departed the agency or will do so this month, according to an email obtained by Cybersecurity Dive, further widening a growing void in expertise and leadership at the government's lead cyber defense force at a time when tensions with foreign adversaries are escalating.

Five of CISA's six operational divisions and six of its 10 regional offices will have lost top leaders by the end of the month, the agency's new deputy director, Madhu Gottumukkala, informed employees in an email on Thursday. [...] The exits of these leaders could undermine the efficiency and strategic clarity of CISA's partnerships with critical infrastructure operators, private security firms, foreign allies, state governments and local emergency managers, experts say.

Privacy

Adidas Warns of Data Breach After Customer Service Provider Hack (bleepingcomputer.com) 10

German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. From a report: "adidas recently became aware that an unauthorized external party obtained certain consumer data through a third-party customer service provider," the company said. "We immediately took steps to contain the incident and launched a comprehensive investigation, collaborating with leading information security experts."

Adidas added that the stolen information did not include the affected customers' payment-related information or passwords, as the threat actors behind the breach only gained access to contact information. The company has also notified the relevant authorities regarding this security incident and will alert those affected by the data breach.

AI

Browser Company Abandons Arc for AI-Powered Successor (substack.com) 25

The Browser Company has ceased the active development of its Arc browser to focus on Dia, a new AI-powered browser currently in alpha testing, the company said Tuesday. In a lengthy letter to users, CEO Josh Miller said the startup should have stopped working on Arc "a year earlier," noting data showing the browser suffered from a "novelty tax" problem where users found it too different to adopt widely.

Arc struggled with low feature adoption -- only 5.52% of daily active users regularly used multiple Spaces, while 4.17% used Live Folders. The company will continue maintenance updates for Arc but won't add new features. Arc also won't open-source the browser because it relies on proprietary infrastructure called ADK (Arc Development Kit) that remains core to the company's value.
Iphone

Why the iPhone's Messages App Refuses Audio Messages That Mention 'Dave & Buster's' (rambo.codes) 95

Earlier this month app developer Guilherme Rambo had a warning for iPhone users: If you try to send an audio message using the Messages app to someone who's also using the Messages app, and that message happens to include the name "Dave and Buster's", the message will never be received.

In case you're wondering, "Dave and Buster's" is the name of a sports bar and restaurant in the United States... [T]he recipient will only see the "dot dot dot" animation for several seconds, and it will then eventually disappear. They will never get the audio message.

"The issue was first spotted on the podcast Search Engine..." according to an article in Fortune: Rambo's explanation of the curiosity goes like this.

"When you send an audio message using the Messages app, the message includes a transcription of the audio. If you happen to pronounce the name 'Dave and Buster's' as someone would normally pronounce it, almost like it's a single word, the transcription engine on iOS will recognize the brand name and correctly write it as 'Dave & Buster's' (with an ampersand)," he begins. "So far, so good." [But ampersands have special meaning in HTML/XHTML, where a bare '&' must be written as '&amp;'...] And, as MacRumors puts it: "The parsing error triggers Apple's BlastDoor Messages feature that protects users from malicious messages that might rely on problematic parsing, so ultimately, the audio message fails to send."

To solve the mystery, Rambo "plugged the recipient device into my Mac and captured the logs right after the device received the problematic message." His final thoughts... Since BlastDoor was designed to thwart hacking attempts, which frequently rely on faulty data parsing, it immediately stops what it's doing and just fails. That's what causes the message to get stuck in the "dot dot dot" state, which eventually times out, and the message just disappears. On the surface, this does sound like it could be used to "hack" someone's iPhone via a bad audio message transcription, but in reality what this bug demonstrates is that Apple's BlastDoor mechanism is working as designed.

Many bad parsers would probably accept the incorrectly-formatted XHTML, but that sort of leniency when parsing data formats is often what ends up causing security issues. By being pedantic about the formatting, BlastDoor is protecting the recipient from an exploit that would abuse that type of issue.
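Rambo's point about pedantic versus forgiving parsers, as an added illustration that is not his code or Apple's: the same transcription is wrapped in a small XHTML fragment once with the ampersand escaped and once with it left raw, then fed to a strict XML parser (the posture the page attributes to BlastDoor) and to a lenient HTML parser. The `<p>` wrapper, the function names and the sample transcriptions are assumptions; the page only says the transcription travels as XHTML and that `&` is special there.

```python
"""Strict vs. lenient parsing of an audio-message transcription carried as XHTML.

Added illustration, not Apple's or Rambo's code. The <p> wrapper is an
assumption; the page only says the transcription is carried as XHTML.
"""
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from typing import List, Optional, Tuple
from xml.sax.saxutils import escape

# Constructed transcriptions: the iOS transcriber rewrites the spoken brand
# name with an ampersand, which is exactly the character XML reserves.
TRANSCRIPTS = ["See you at the bar", "Meet me at Dave & Buster's"]


def wrap_transcription(text: str, escape_entities: bool) -> str:
    """Embed a transcription in a (hypothetical) XHTML fragment.

    escape_entities=True is the correct behaviour: '&' becomes '&amp;'.
    escape_entities=False reproduces the bug: the raw '&' is emitted.
    """
    body = escape(text) if escape_entities else text
    return f"<p>{body}</p>"


def strict_parse(doc: str) -> Tuple[bool, str]:
    """Pedantic XML parser: malformed input is rejected, nothing is guessed.

    On a parse failure it stops and reports, which is what makes the
    recipient's message vanish rather than render something improvised.
    """
    try:
        root = ET.fromstring(doc)
    except ET.ParseError as exc:
        return False, f"rejected: {exc}"
    return True, "".join(root.itertext())


class _TextCollector(HTMLParser):
    """Collects character data the way a forgiving HTML parser would."""

    def __init__(self) -> None:
        super().__init__()
        self.parts: List[str] = []

    def handle_data(self, data: str) -> None:
        self.parts.append(data)


def lenient_parse(doc: str) -> Tuple[bool, str]:
    """Forgiving HTML parser: a bare '&' is silently accepted as text."""
    collector = _TextCollector()
    collector.feed(doc)
    collector.close()
    return True, "".join(collector.parts)


def deliver(text: str, escape_entities: bool) -> Optional[str]:
    """Simulate delivery behind a strict parser: None means the message is dropped."""
    ok, result = strict_parse(wrap_transcription(text, escape_entities))
    return result if ok else None


if __name__ == "__main__":
    for text in TRANSCRIPTS:
        buggy = wrap_transcription(text, escape_entities=False)
        print(repr(buggy))
        print("  strict :", strict_parse(buggy))
        print("  lenient:", lenient_parse(buggy))
        print("  fixed  :", strict_parse(wrap_transcription(text, escape_entities=True)))
```

The lenient parser returns the intended text for the malformed fragment, which looks helpful but is the same guessing that lets a crafted message steer a parser into states its authors never tested; the strict parser refuses the fragment until the producer escapes the ampersand, which is the fix on the sending side.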

Encryption

How Many Qubits Will It Take to Break Secure Public Key Cryptography Algorithms? (googleblog.com) 53

On Wednesday, Google security researchers published a preprint demonstrating that 2048-bit RSA encryption "could theoretically be broken by a quantum computer with 1 million noisy qubits running for one week," writes Google's security blog.

"This is a 20-fold decrease in the number of qubits from our previous estimate, published in 2019... " The reduction in physical qubit count comes from two sources: better algorithms and better error correction — whereby qubits used by the algorithm ("logical qubits") are redundantly encoded across many physical qubits, so that errors can be detected and corrected... [Google's researchers found a way to reduce the operations in a 2024 algorithm from 1000x more than previous work to just 2x. And "On the error correction side, the key change is tripling the storage density of idle logical qubits by adding a second layer of error correction."]

Notably, quantum computers with relevant error rates currently have on the order of only 100 to 1000 qubits, and the National Institute of Standards and Technology (NIST) recently released standard PQC algorithms that are expected to be resistant to future large-scale quantum computers. However, this new result does underscore the importance of migrating to these standards in line with NIST recommended timelines.

The article notes that Google started using the standardized version of ML-KEM once it became available, both internally and for encrypting traffic in Chrome...

"The initial public draft of the NIST internal report on the transition to post-quantum cryptography standards states that vulnerable systems should be deprecated after 2030 and disallowed after 2035. Our work highlights the importance of adhering to this recommended timeline."
IT

Glitch is Basically Shutting Down (theverge.com) 7

Glitch, the coding platform where developers can share and remix projects, will soon no longer offer its core feature: hosting apps on the web. From a report: In an update on Thursday, Glitch CEO Anil Dash said it will stop hosting projects and close user profiles on July 8th, 2025 -- but stopped short of saying that it's shutting down completely.

Users will be able to access their dashboard and download code for their projects through the end of 2025, and Glitch is working on a new feature that allows users to redirect their project subdomains. The platform has also stopped taking new Pro subscriptions, but it will continue to honor existing subscriptions until July 8th.

Security

DanaBot Malware Devs Infected Their Own PCs (krebsonsecurity.com) 10

The U.S. unsealed charges against 16 individuals behind DanaBot, a malware-as-a-service platform responsible for over $50 million in global losses. "The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware," reports KrebsOnSecurity. From the report: Initially spotted in May 2018 by researchers at the email security firm Proofpoint, DanaBot is a malware-as-a-service platform that specializes in credential theft and banking fraud. Today, the U.S. Department of Justice unsealed a criminal complaint and indictment from 2022, which said the FBI identified at least 40 affiliates who were paying between $3,000 and $4,000 a month for access to the information stealer platform. The government says the malware infected more than 300,000 systems globally, causing estimated losses of more than $50 million. The ringleaders of the DanaBot conspiracy are named as Aleksandr Stepanov, 39, a.k.a. "JimmBee," and Artem Aleksandrovich Kalinkin, 34, a.k.a. "Onix," both of Novosibirsk, Russia. Kalinkin is an IT engineer for the Russian state-owned energy giant Gazprom. His Facebook profile name is "Maffiozi."

According to the FBI, there were at least two major versions of DanaBot; the first was sold between 2018 and June 2020, when the malware stopped being offered on Russian cybercrime forums. The government alleges that the second version of DanaBot -- emerging in January 2021 -- was provided to co-conspirators for use in targeting military, diplomatic and non-governmental organization computers in several countries, including the United States, Belarus, the United Kingdom, Germany, and Russia. The indictment says the FBI in 2022 seized servers used by the DanaBot authors to control their malware, as well as the servers that stored stolen victim data. The government said the server data also show numerous instances in which the DanaBot defendants infected their own PCs, resulting in their credential data being uploaded to stolen data repositories that were seized by the feds.

"In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware," the criminal complaint reads. "In other cases, the infections seemed to be inadvertent -- one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake." A statement from the DOJ says that as part of today's operation, agents with the Defense Criminal Investigative Service (DCIS) seized the DanaBot control servers, including dozens of virtual servers hosted in the United States. The government says it is now working with industry partners to notify DanaBot victims and help remediate infections. The statement credits a number of security firms with providing assistance to the government, including ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Team Cymru, and Zscaler.

Privacy

Destructive Malware Available In NPM Repo Went Unnoticed For 2 Years (arstechnica.com) 6

An anonymous reader quotes a report from Ars Technica: Researchers have found malicious software that received more than 6,000 downloads from the NPM repository over a two-year span, in yet another discovery showing the hidden threats users of such open source archives face. Eight packages using names that closely mimicked those of widely used legitimate packages contained destructive payloads designed to corrupt or delete important data and crash systems, Kush Pandya, a researcher at security firm Socket, reported Thursday. The packages have been available for download for more than two years and accrued roughly 6,200 downloads over that time.

"What makes this campaign particularly concerning is the diversity of attack vectors -- from subtle data corruption to aggressive system shutdowns and file deletion," Pandya wrote. "The packages were designed to target different parts of the JavaScript ecosystem with varied tactics." [...] Some of the payloads were limited to detonate only on specific dates in 2023, but in some cases a phase that was scheduled to begin in July of that year was given no termination date. Pandya said that means the threat remains persistent, although in an email he also wrote: "Since all activation dates have passed (June 2023-August 2024), any developer following normal package usage today would immediately trigger destructive payloads including system shutdowns, file deletion, and JavaScript prototype corruption."

The list of malicious packages included js-bomb, js-hood, vite-plugin-bomb-extend, vite-plugin-bomb, vite-plugin-react-extend, vite-plugin-vue-extend, vue-plugin-bomb, and quill-image-downloader.
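A lockfile audit for the campaign described above, as an added example rather than Socket's own tooling: it flags the eight package names quoted on this page, names that sit within typosquat range of an allowlisted package or borrow one of its brand tokens, and packages that declare install-time scripts (the `hasInstallScript` flag npm writes into package-lock v2/v3 entries). The allowlist, the brand tokens, the version strings and the sample lockfile are constructed assumptions.

```python
"""Audit an npm lockfile for the packages named in the Socket report and for lookalikes.

Added example, not Socket's tooling. KNOWN_MALICIOUS holds the names quoted on
this page; everything else here (allowlist, brand tokens, sample lockfile,
version strings) is a constructed assumption for the demo.
"""
import json
import re
from typing import Dict, List, Optional, Set, Tuple

# Package names from the Socket report quoted above.
KNOWN_MALICIOUS = {
    "js-bomb", "js-hood", "vite-plugin-bomb-extend", "vite-plugin-bomb",
    "vite-plugin-react-extend", "vite-plugin-vue-extend", "vue-plugin-bomb",
    "quill-image-downloader",
}

# Assumed allowlist: what this project legitimately depends on.
TRUSTED_PACKAGES = {"vite", "vue", "react", "quill", "lodash",
                    "@vitejs/plugin-react", "@vitejs/plugin-vue"}

# Assumed brand tokens that lookalike names tend to borrow.
BRAND_TOKENS = {"vite", "vue", "react", "quill"}

# Constructed package-lock.json in the lockfileVersion 3 layout.
SAMPLE_LOCKFILE = json.loads("""
{
  "name": "demo-app", "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "0.0.0"},
    "node_modules/vite": {"version": "0.0.0"},
    "node_modules/vue": {"version": "0.0.0"},
    "node_modules/lodash": {"version": "0.0.0"},
    "node_modules/lodahs": {"version": "0.0.0"},
    "node_modules/vite-plugin-bomb": {"version": "0.0.0"},
    "node_modules/vue-plugin-bomb": {"version": "0.0.0"},
    "node_modules/vite/node_modules/quill-image-downloader":
        {"version": "0.0.0", "hasInstallScript": true}
  }
}
""")


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert/delete/substitute); small values are typosquat range."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def name_tokens(name: str) -> Set[str]:
    """Split 'vite-plugin-bomb' or '@vitejs/plugin-vue' into its name tokens."""
    return {t for t in re.split(r"[-/@.]", name) if t}


def lookalike_reason(name: str) -> Optional[str]:
    """Why an untrusted name looks like it imitates a trusted one, or None."""
    if name in TRUSTED_PACKAGES:
        return None
    for trusted in TRUSTED_PACKAGES:
        if levenshtein(name, trusted) <= 2:
            return f"edit distance <=2 from trusted package '{trusted}'"
    borrowed = name_tokens(name) & BRAND_TOKENS
    if borrowed:
        return f"borrows brand token(s) {sorted(borrowed)} but is not allowlisted"
    return None


def installed_packages(lockfile: dict) -> Dict[str, dict]:
    """Map package name -> lockfile entry, handling nested node_modules paths."""
    out: Dict[str, dict] = {}
    for path, meta in lockfile.get("packages", {}).items():
        if not path:  # "" is the root project itself
            continue
        out[path.rsplit("node_modules/", 1)[-1]] = meta
    return out


def audit(lockfile: dict) -> List[Tuple[str, str, List[str]]]:
    """Return (name, version, reasons) for every entry worth a human look."""
    findings = []
    for name, meta in installed_packages(lockfile).items():
        reasons = []
        if name in KNOWN_MALICIOUS:
            reasons.append("named in the Socket report")
        reason = lookalike_reason(name)
        if reason:
            reasons.append(reason)
        if meta.get("hasInstallScript"):
            reasons.append("declares an install-time script")
        if reasons:
            findings.append((name, meta.get("version", "?"), reasons))
    return findings


if __name__ == "__main__":
    for pkg, version, why in audit(SAMPLE_LOCKFILE):
        print(f"{pkg}@{version}: " + "; ".join(why))
```

To run it against a real project, replace `SAMPLE_LOCKFILE` with `json.load(open("package-lock.json"))`. Hits are a review queue, not a verdict: plenty of legitimate ecosystem packages reuse brand tokens, and the edit-distance check only catches single-typo squats, so the blocklist match and the install-script flag are the two findings to act on first.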
