RIEM News

Articles tagged with "cybersecurity"

  • Solar & Storage Succeed When Cybersecurity Leads - CleanTechnica

    The article from CleanTechnica highlights the rapid growth of solar and energy storage technologies, which accounted for 84% of new grid capacity additions in 2024 and 82% in the first half of 2025. These technologies are critical to meeting rising electricity demand due to their low cost and quick deployment compared to traditional energy sources like gas and nuclear. However, as solar and storage systems become more widespread and digitally connected, cybersecurity emerges as a crucial priority to protect critical energy infrastructure from increasingly sophisticated cyber threats posed by nation-states and criminal actors, particularly from China, Russia, and Iran. The Solar Energy Industries Association (SEIA) is actively leading efforts to develop and implement cybersecurity best practices across the solar and storage industry, emphasizing secure manufacturing, operation, and supply chain management. The article stresses that many components in the solar supply chain were not originally designed with security in mind, and recent concerns about undocumented communication devices in Chinese-sourced equipment underscore the need for stronger policy and technical measures.

    energy, solar-energy, energy-storage, cybersecurity, smart-grid, energy-supply-chain, renewable-energy
  • Satellites found exposing unencrypted data, including phone calls and some military comms

    Security researchers from UC San Diego and the University of Maryland have uncovered that up to half of all geostationary satellites are transmitting sensitive consumer, corporate, and military data without encryption. Using an off-the-shelf satellite receiver over a three-year period, they intercepted unencrypted information including private phone calls, text messages, in-flight Wi-Fi internet traffic, and communications from critical infrastructure systems such as energy, water suppliers, and offshore oil and gas platforms. The researchers have spent the past year notifying affected organizations, prompting some, like T-Mobile and AT&T’s Mexican network, to begin encrypting their satellite transmissions. However, many entities, including certain critical infrastructure providers, have yet to secure their data, leaving substantial amounts of satellite communications vulnerable to eavesdropping for the foreseeable future. This ongoing exposure highlights significant security risks in satellite data transmission that require urgent attention.

    energy, satellite-communication, data-security, critical-infrastructure, IoT-security, telecommunications, cybersecurity
  • Satellites are leaking private messages and sensitive military data

    A recent study by researchers at UC San Diego and the University of Maryland has uncovered a significant security vulnerability in global satellite communications. The team found that approximately half of all geostationary satellite signals transmit sensitive data—including personal calls and texts, corporate information, and military communications—without any encryption. Using a relatively inexpensive setup costing under $800, the researchers intercepted thousands of private messages and data streams that were never intended for public access. Their findings highlight a widespread assumption within the satellite industry that no one would scrutinize or attempt to intercept these transmissions, a security approach the researchers describe as dangerously complacent. The study revealed that telecom companies often use satellites to connect remote cellular towers to their core networks, a process called backhaul, which frequently lacks encryption. This exposed unprotected data from major carriers such as T-Mobile, AT&T Mexico, and Telmex. More alarmingly, the researchers intercepted unencrypted communications from U.S. and Mexican military and law enforcement agencies, including sensitive information like ship identifiers

    IoT, satellite-communication, data-security, encryption, military-communications, telecommunications, cybersecurity
  • New system helps drones recover fast from stealth cyber hijacks

    Researchers at Florida International University have developed SHIELD, a novel real-time defense system that enables drones to detect and recover from cyberattacks while still in flight. Unlike traditional defenses that primarily monitor navigation sensors vulnerable to manipulation (such as GPS spoofing), SHIELD continuously scans a drone’s entire control system—including hardware components like battery levels and processor activity—to identify unusual behavior indicative of an attack. Using machine learning models, SHIELD can recognize different attack patterns, detect cyber intrusions within 0.21 seconds, and initiate recovery procedures within 0.36 seconds, allowing the drone to complete its mission rather than terminating it as a fail-safe. This advancement addresses the growing security risks associated with the expanding use of drones across industries such as delivery, agriculture, infrastructure inspection, and disaster response. As regulatory bodies like the Federal Aviation Administration prepare to increase drone operations, SHIELD’s comprehensive approach provides a crucial safety layer by ensuring drones remain reliable and secure even under stealth cyber hijacks. The research team lik

    robot, drone-security, cybersecurity, IoT-security, machine-learning, real-time-defense, autonomous-systems
  • Autonomous ARGUS robot tracks hackers and guards physical spaces

    Romanian researchers from Ștefan cel Mare University have developed ARGUS (Autonomous Robotic Guard System), an innovative autonomous robot that integrates physical security and cybersecurity into a unified defense platform. Equipped with LiDAR, RGB/IR cameras, an intrusion detection system (IDS) module, and AI-powered computer vision, ARGUS can simultaneously patrol physical spaces and monitor network traffic to detect intruders and cyber threats in near real-time. It uses deep learning to identify suspicious activities such as unauthorized personnel, weapons, abnormal sounds, and digital anomalies, enabling it to respond to both physical and cyber breaches concurrently. ARGUS employs advanced navigation technologies like Simultaneous Localization and Mapping (SLAM) and sophisticated control algorithms to autonomously maneuver through indoor and outdoor environments without human intervention. Its modular design allows integration with existing security infrastructures, making it suitable for complex environments such as industrial plants, smart cities, airports, and research labs where cyber-physical threats often overlap. Future developments envision multiple ARGUS units operating as

    robotics, autonomous-robots, cybersecurity, AI, SLAM, smart-buildings, intrusion-detection
  • Hackers can hijack Unitree humanoid robots via Bluetooth flaw

    Security researchers Andreas Makris and Kevin Finisterre revealed a critical Bluetooth Low Energy (BLE) vulnerability affecting Unitree Robotics’ humanoid and quadruped robots, including the Go2, B2, G1, and H1 models. The flaw, dubbed UniPwn, allows attackers to gain root-level wireless access by exploiting hardcoded encryption keys used in the robots’ BLE setup for WiFi configuration. This weakness enables a single compromised robot to infect others within range, effectively creating a self-propagating botnet. Additionally, the G1 robot was found to transmit data to servers in China every five minutes without user notification, raising further privacy and security concerns. The researchers criticized Unitree Robotics for poor communication regarding these vulnerabilities, questioning whether the issues stem from negligence or intentional design flaws. In response, Unitree acknowledged the problems and stated that most fixes have been completed and will be rolled out soon. Experts recommend disabling Bluetooth connectivity and using only WiFi to connect these robots to mitigate risks

    robotics, cybersecurity, Bluetooth-Low-Energy, Unitree-robots, IoT-security, humanoid-robots, robot-hacking
  • Inside the Nuclear Bunkers, Mines, and Mountains Being Retrofitted as Data Centers

    The article explores the growing trend of repurposing underground spaces—such as former nuclear bunkers, mines, and mountain caverns—into highly secure data centers to protect critical digital infrastructure. One example is a Cold War-era Royal Air Force nuclear bunker in southeast England, now operated by Cyberfort Group as a cloud computing facility. This site, along with others worldwide, including former bomb shelters in China, Soviet command centers in Kyiv, and abandoned U.S. Department of Defense bunkers, has been transformed to serve as “future-proof” data storage locations. These subterranean centers leverage their inherent physical security and environmental stability to safeguard valuable digital data, reflecting a modern continuation of humanity’s ancient practice of storing precious items underground. The article also highlights notable underground data centers such as Stockholm’s Pionen bunker, the Mount10 AG complex in the Swiss Alps, and Iron Mountain’s facilities in former mines in the U.S. Additionally, the National Library of Norway and the Arctic World Archive in a rep

    data-centers, energy-infrastructure, underground-facilities, digital-storage, cybersecurity, cloud-computing, energy-efficiency
  • LQMs vs. LLMs: when AI stops talking and starts calculating

    The article discusses the emerging role of Large Quantitative Models (LQMs) as a new class of AI systems that differ fundamentally from Large Language Models (LLMs). Unlike LLMs, which are trained on internet text to generate language-based outputs, LQMs are purpose-built to work with numerical, scientific, and physical data, enabling them to simulate complex real-world systems in fields like chemistry, biology, and physics. Fernando Dominguez, Head of Strategic Partnerships at SandboxAQ—a company at the forefront of AI and quantum technology integration—explains that LQMs can generate novel data not available in existing datasets, such as simulating trillions of molecular interactions. This capability allows LQMs to accelerate drug discovery, financial modeling, and navigation, offering a more quantitative and practical approach to AI-driven innovation. A key example highlighted is SandboxAQ’s collaboration with UCSF’s Institute for Neurodegenerative Diseases, where LQMs enabled the simulation of over 5 million molecular compounds in

    materials, AI, quantum-computing, drug-discovery, simulation, pharmaceuticals, cybersecurity
  • US warns of hidden radios in solar-powered highway infrastructure

    U.S. officials, through an advisory issued by the Federal Highway Administration (FHWA) on August 20, have raised concerns about hidden electronic devices embedded in solar-powered highway infrastructure such as chargers, roadside weather stations, and traffic cameras. The advisory warns that rogue radios or undocumented cellular components found in foreign-made inverters and battery management systems (BMS)—many of which are manufactured in China—could enable remote tampering with critical transportation systems. Such interference could cause power surges, sabotage roadside equipment, or disrupt future autonomous vehicle networks, posing significant risks to U.S. infrastructure security. The FHWA’s advisory recommends that agencies create inventories of all inverters, conduct spectrum analysis to detect unauthorized communications, and disable or remove any undocumented radios. It also advises segmenting networks to limit potential damage from compromises. These warnings follow earlier discoveries of suspicious communication devices in Chinese inverters and batteries, not only in the U.S. but also in Denmark’s power supply networks. The Department of Transportation emphasized

    energy, solar-power, highway-infrastructure, cybersecurity, inverters, battery-management-systems, remote-tampering
  • Smart ring maker Oura’s CEO addresses recent backlash, says future is a ‘cloud of wearables’

    Oura CEO Tom Hale addressed recent backlash stemming from misinformation that the company shares user data with the U.S. government. Hale firmly denied these claims, clarifying that Oura’s health data—collected through its smart rings, including metrics like heart rate, sleep, and body temperature—is never shared or sold without explicit user consent. He explained that while Oura participates in a Department of Defense (DoD) program, the enterprise solution operates in a separate, secure environment inaccessible to the government. Hale also dispelled rumors about a significant partnership with Palantir, stating that Oura’s relationship is limited to a small commercial contract related to a DoD certification standard (Impact Level 5) and does not involve data sharing or system integration. Hale emphasized the company’s commitment to user privacy and security, noting that Oura’s terms of service explicitly oppose using user data for surveillance or prosecution. Access to user data is tightly controlled and only permitted with user authorization for specific purposes, such as

    IoT, wearable-technology, smart-ring, data-privacy, health-tracking, cloud-computing, cybersecurity
  • ReOrbit lands record funding to take on Musk’s Starlink from Europe

    ReOrbit, a Helsinki-based European space tech startup founded in 2019, has secured a record-breaking Series A funding round of approximately US $53 million. The company aims to provide nations with sovereign control over their satellite communications as an affordable alternative to Elon Musk’s Starlink. Unlike Starlink, which serves private users and enterprises, ReOrbit emphasizes full ownership and sovereignty for its clients by sourcing hardware from trusted suppliers and controlling it through its proprietary software platform. This platform, comparable to an operating system like iOS, supports both geostationary and low earth orbit satellites, addressing the growing need for secure space infrastructure critical to national defense and security. ReOrbit has already signed a major contract worth hundreds of millions of euros with one country and multiple memoranda of understanding with others, demonstrating strong market traction. Although the startup did not require external funding due to these contracts, it pursued the Series A round to accelerate growth, targeting €1 billion in order books within four years. The funding round was

    IoT, satellite-technology, space-tech, telecommunications, cybersecurity, defense-technology, software-platforms
  • Venezuela’s president thinks American spies can’t hack Huawei phones

    Venezuelan President Nicolás Maduro recently showcased a Huawei foldable smartphone gifted by China’s President Xi Jinping, claiming it to be “the best phone in the world” and asserting that American intelligence agencies cannot hack it. However, cybersecurity experts and evidence suggest otherwise. A U.S.-based vulnerability researcher noted that Huawei’s devices, running on its proprietary HarmonyOS and hardware, may actually be easier to hack due to the relative newness and immaturity of its code compared to established platforms like iOS and Android. Huawei devices, including the Mate X6 model, require regular security updates, and the company has acknowledged vulnerabilities and malware infections on its products. Historically, U.S. government agencies have targeted Huawei for espionage. In 2014, the NSA reportedly hacked Huawei’s servers and implanted backdoors, gaining access to the company’s internal communications and product information. Documents revealed that the NSA aimed to exploit Huawei products to infiltrate networks worldwide. Given this history, it is highly likely that

    IoT, cybersecurity, Huawei, smartphones, mobile-operating-systems, hacking, espionage
  • FBI says China’s Salt Typhoon hacked at least 200 US companies

    The FBI has confirmed that a Chinese-backed hacking campaign known as Salt Typhoon has compromised at least 200 American companies, marking a significant escalation in Chinese cyber espionage efforts. FBI Assistant Director Brett Leatherman revealed that the campaign not only targeted U.S. businesses but also involved spying on senior American politicians and officials by accessing call records. This allowed hackers to map communication networks and identify who was under U.S. surveillance through legal orders. The severity of the threat led some officials to take extraordinary measures to protect their communications. Salt Typhoon primarily targets company routers to siphon sensitive network traffic, posing an ongoing threat according to the FBI. The agency, in coordination with nearly two dozen international partners, has provided technical guidance to help organizations detect and mitigate these intrusions. Although specific victim companies were not named by Leatherman, some have since been publicly identified. This campaign underscores the persistent and global nature of Chinese cyber espionage activities against U.S. interests.

    IoT, cybersecurity, hacking, network-security, routers, cyber-espionage, data-breach
  • Security researcher maps hundreds of TeslaMate servers spilling Tesla vehicle data

    Security researcher Seyfullah Kiliç from SwordSec discovered over 1,300 publicly exposed TeslaMate servers, hobbyist dashboards used by Tesla owners to log detailed vehicle data such as location history, battery health, charging sessions, and speed. These servers, likely made public unintentionally and lacking password protection, allowed anyone on the internet to access sensitive Tesla vehicle information. Kiliç scanned and mapped these exposed dashboards, highlighting the significant privacy risks, including revealing owners’ movements, charging habits, and even vacation times. This issue is not new but appears to have worsened since 2022, when a similar exposure was reported. TeslaMate’s founder previously implemented a bug fix to prevent unauthorized access, but users remain responsible for securing their servers. Kiliç emphasized the importance of enabling authentication and firewall protections to prevent data leaks and urged TeslaMate users to secure their publicly accessible dashboards. The research aims to raise awareness within the Tesla owner and open-source communities about the risks of inadvertently exposing sensitive vehicle

    IoT, Tesla, vehicle-data, cybersecurity, data-privacy, open-source, smart-vehicles
  • AMPECO & Autel Europe Strengthen EV Charging Infrastructure With Successful OCPP 2.0.1 Integration - CleanTechnica

    AMPECO, a global EV charging management software leader, and Autel Europe, a prominent EV charging solutions provider, have successfully completed comprehensive testing of the OCPP 2.0.1 protocol integration between Autel’s MaxiCharger DH480 and AMPECO’s management platform. This achievement enables Charge Point Operators (CPOs) across Europe to deploy scalable, secure, and future-ready charging infrastructure. Key benefits include enhanced operational control, advanced cybersecurity with Level 2 TLS encryption and certificate-based authentication, sophisticated load balancing, dynamic charging profiles, and remote management capabilities that reduce maintenance needs and improve uptime. The MaxiCharger DH480 is a modular, high-power (480 kW) DC charger designed for high-demand environments such as highway corridors and commercial depots. It supports up to four simultaneous charging outputs, facilitating efficient energy distribution and reduced wait times during peak periods. The successful OCPP 2.0.1 integration validates critical functionalities like secure communication, remote session management, and

    energy, EV-charging, OCPP-2.0.1, smart-grid, energy-management, electric-vehicles, cybersecurity
  • How your solar rooftop became a national security issue

    The article discusses emerging national security concerns related to residential solar rooftop systems, focusing on vulnerabilities in solar inverters—devices that convert solar energy into usable electricity and connect homes to the power grid. James Showalter, CEO of EG4, highlights a hypothetical but technically possible scenario where an attacker physically accesses a homeowner’s Wi-Fi network and compromises the solar inverter, potentially taking control of the home’s energy system. Although Showalter considers such an attack unlikely, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently disclosed significant security flaws in EG4’s solar inverters. These vulnerabilities include unencrypted communications, lack of firmware integrity checks, and weak authentication, which could allow attackers on the same network to intercept data, install malicious software, or seize control of the inverter. The article underscores that modern solar inverters have evolved from simple power converters into complex, interconnected devices integral to home energy management and grid interaction. With the rapid growth of residential solar installations in the U.S. driven by

    energy, solar-energy, cybersecurity, IoT-security, smart-grid, solar-inverter, home-energy-management
  • U.S. government seized $1 million from Russian ransomware gang

    The U.S. Department of Justice, in coordination with global law enforcement agencies from countries including Canada, Germany, Ireland, France, and the U.K., seized four servers, nine domains, and approximately $1 million in cryptocurrency linked to a Russian ransomware gang on July 24. This group is believed to be behind two ransomware strains, BlackSuit and Royal, which have targeted critical infrastructure sectors in the U.S. and internationally. The BlackSuit gang alone has demanded over $500 million in ransom, with individual demands reaching as high as $60 million, posing a significant threat to U.S. public safety. Since 2022, the cybercriminal gang has compromised more than 450 victims across various sectors such as healthcare, education, public safety, energy, and government, accumulating over $370 million in ransom payments. The seized cryptocurrency was recovered from a digital currency exchange account that had been frozen since January of the previous year. The investigation highlights ongoing international efforts to disrupt ransomware operations that threaten critical infrastructure

    energy, cybersecurity, ransomware, critical-infrastructure, cryptocurrency, cybercrime, public-safety
  • Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

    A security researcher, Eaton Zveare from Harness, discovered critical security flaws in a major carmaker’s online dealership portal that exposed private customer information and vehicle data. The vulnerabilities allowed the creation of an unauthorized “national admin” account, granting full access to the centralized portal used by over 1,000 dealers across the U.S. This access enabled a hacker to view sensitive personal and financial data, track vehicles, and enroll customers in features that remotely control car functions, such as unlocking doors via a mobile app. The flaws stemmed from buggy code loaded in users’ browsers on the login page, which Zveare exploited to bypass authentication entirely. Zveare demonstrated how the portal’s national consumer lookup tool could identify vehicle owners using minimal information, such as a vehicle identification number seen in public or just a customer’s name. He also showed that transferring vehicle control to a different mobile account required only a simple attestation, making unauthorized takeovers feasible. Although he did not test driving the vehicles,

    IoT, cybersecurity, connected-cars, remote-vehicle-access, automotive-security, hacking, vehicle-telematics
  • Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users’ data

    Lovense, a manufacturer of internet-connected sex toys, recently addressed security vulnerabilities that exposed users’ private email addresses and allowed remote account takeovers. The company confirmed that these bugs have been fully resolved and now requires users to update their apps to regain full functionality. However, Lovense CEO Dan Liu is reportedly considering legal action in response to what he described as erroneous reports about the security flaws, though it remains unclear whether this refers to media coverage or the security researcher’s disclosure. The security issues were initially revealed by a researcher known as BobDaHacker, who disclosed the vulnerabilities after Lovense indicated it would take 14 months to fully fix them instead of implementing a quicker, one-month fix that would have required notifying users. Despite Lovense’s claim that there is no evidence of data compromise or misuse, TechCrunch independently verified the email exposure bug, raising questions about the company’s assessment. Lovense has not clarified what technical evidence it has to support its claim of no data compromise. The situation highlights

    IoT, cybersecurity, connected-devices, data-privacy, software-vulnerabilities, user-security, legal-issues
  • China cites ‘backdoor safety risk’ in Nvidia’s H20 AI chip; company denies allegation

    Chinese authorities have summoned Nvidia over alleged security vulnerabilities in its H20 AI chip, citing “serious security risks” and concerns about potential backdoors that could allow remote access or tracking. The Cyberspace Administration of China (CAC) questioned Nvidia representatives and requested documentation to clarify these issues. Nvidia has denied the allegations, affirming that their chips contain no such backdoors. This investigation comes amid stalled trade talks between Washington and Beijing and could delay Nvidia’s efforts to resume sales of the H20 chip in China, complicating the company’s market position. The scrutiny of Nvidia’s H20 chip aligns with China’s broader strategy to reduce reliance on U.S. semiconductor technology and promote domestic alternatives, such as Huawei’s Ascend 910C chip, which is gaining traction for AI workloads. The H20 was designed to comply with U.S. export restrictions, and its sales resumption was seen as a potential breakthrough in easing trade tensions. However, the current probe and regulatory uncertainty highlight ongoing geopolitical and

    semiconductors, AI-chips, cybersecurity, Nvidia, China-tech-market, trade-restrictions, semiconductor-alternatives
  • Corsha gets investment from Cybernetix Ventures for robot cybersecurity - The Robot Report

    Corsha Inc., a Vienna, Virginia-based company specializing in machine cybersecurity, has secured investment from Cybernetix Ventures as part of its $18 million Series A-1 funding round. Corsha’s platform focuses on securing machine-to-machine (M2M) connections within robotics and industrial automation, addressing a gap where traditional cybersecurity has largely centered on human protection while neglecting operational technology. Founded in 2017, Corsha offers a patented Machine Identity Provider (m-IdP) that provides dynamic, cryptographic machine identities, continuous verification, and automated lifecycle management to ensure secure, authorized connections across cloud, edge, hybrid, and air-gapped environments. The m-IdP platform is designed to support the growing autonomy and interconnectivity of industrial systems by embedding zero-trust principles and enabling secure data movement and automation at machine speed and scale. Cybernetix Ventures highlighted Corsha’s solution as a foundational trust layer critical for the future of connected, autonomous systems, emphasizing the increasing need for

    robot, cybersecurity, machine-identity, industrial-automation, operational-technology, autonomous-systems, IoT-security
  • Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers

    Security researcher BobDaHacker revealed that sex toy maker Lovense has not fully resolved two critical security vulnerabilities that expose users’ private email addresses and allow account takeovers. Lovense, which has over 20 million users and is known for integrating ChatGPT into its products, was found leaking users’ email addresses through its app’s network traffic. By intercepting and modifying network requests, an attacker could link any Lovense username to its registered email address, posing significant privacy risks—especially for cam models who publicly share usernames but want to keep their emails private. TechCrunch verified this vulnerability, and BobDaHacker demonstrated that automating the process could reveal emails in under a second. The second flaw is even more severe, enabling attackers to take over any Lovense account using just the exposed email address. This vulnerability allows creation of authentication tokens without passwords, granting full remote control of the account. Given that many users rely on Lovense devices for work, such as cam models, this flaw represents a

    IoT, cybersecurity, internet-connected-devices, data-privacy, vulnerability, account-takeover, bug-bounty
  • Chinese hackers hit US nuclear agency using Microsoft software flaw

    Microsoft has issued a critical warning that Chinese state-backed hacking groups have exploited security vulnerabilities in its SharePoint software, primarily affecting organizations using on-premises servers rather than cloud-based services. The identified groups—Linen Typhoon, Violet Typhoon, and Storm-2603—have compromised a wide range of government agencies and private organizations globally since early July. Microsoft emphasized the increasing sophistication and scale of these cyber threats and expects these vulnerabilities to be further integrated into future attacks. Among the most significant breaches is the infiltration of the US National Nuclear Security Administration (NNSA), responsible for the nation’s nuclear weapons design and maintenance, although no classified information was reportedly taken. Other affected entities include various branches of the US Department of Energy, the Department of Education, Florida’s Department of Revenue, and the Rhode Island General Assembly. Cybersecurity experts have detected breaches on over 100 servers spanning 60 organizations, including energy firms, consulting companies, and universities, with investigations ongoing. The campaign’s reach also extends internationally

    energy, cybersecurity, nuclear-security, hacking, Microsoft-SharePoint, cyber-threats, government-agencies
  • Hackers exploiting SharePoint zero-day seen targeting government agencies, say researchers

    Researchers have identified hackers exploiting a previously unknown zero-day vulnerability in Microsoft SharePoint, primarily targeting government organizations. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the active exploitation of this flaw, which affects on-premises SharePoint servers but not the cloud versions. Initial attacks have focused on a limited set of targets, including U.S. federal and state agencies, universities, and energy companies, suggesting the involvement of a government-affiliated threat actor. Experts note that while the initial exploitation has been relatively contained, the vulnerability remains unpatched across many organizations, with estimates of 9,000 to 10,000 vulnerable SharePoint instances accessible online. This exposure raises concerns that other malicious actors, beyond the original government-linked hackers, may begin exploiting the flaw more broadly. Microsoft advises organizations to either apply the patch promptly or disconnect their SharePoint servers from the internet to mitigate the risk. Security researchers continue to monitor the situation as the campaign evolves.

    energy, cybersecurity, SharePoint, government-agencies, zero-day-vulnerability, hacking, Microsoft
  • Ukrainian hackers claim to have destroyed servers of Russian drone maker

    Ukrainian hacktivist group BO Team, in collaboration with the Ukrainian Cyber Alliance and Ukraine’s military intelligence, claimed to have successfully hacked into and disrupted the network of the Russian drone manufacturer Gaskar Group. According to their announcement, the cyberattack involved seizing the entire network and server infrastructure, collecting sensitive information on current and future unmanned aerial vehicles (UAVs), and subsequently destroying data and disabling the company’s systems. The group reported destroying over 250 systems, including 46 virtual servers and more than 200 workstations, while wiping 47 terabytes of company data and 10 terabytes of backups. Additionally, the hackers stated they stole personal data of Gaskar Group employees, such as home addresses and family information. This attack is significant given the extensive use of drones by both Ukrainian and Russian forces since the full-scale invasion of Ukraine in 2022, highlighting the strategic importance of drone technology in the conflict. Gaskar Group had not responded to requests for comment

    robot, drones, cybersecurity, unmanned-aerial-vehicles, military-technology, cyberattack, hacking
  • New ultra-secure SSD can self-destruct to protect sensitive data

    Taiwanese company TeamGroup has introduced the P250Q-M80, a new internal SSD designed for ultra-secure data protection by featuring a self-destruction mechanism. Targeted at sectors such as defense, industrial automation, AI development, and cryptocurrency storage, this drive can erase sensitive data either through a software-level wipe or a hardware-level kill switch. The software wipe can be interrupted and resumed automatically, while the hardware kill switch, activated by holding an external red button for 5 to 10 seconds, sends a high-voltage surge to physically destroy the NAND flash chips, rendering the drive permanently unusable and data irrecoverable. This irreversible destruction can also be triggered remotely via a wired external button, making it suitable for high-risk environments requiring immediate data elimination. Beyond its security features, the P250Q-M80 offers robust performance and durability. It uses a PCIe Gen4x4 interface with NVMe 1.4 protocol, delivering read speeds up to 7,000

    materials, data-storage, SSD, cybersecurity, industrial-automation, NAND-flash, PCIe-Gen4
  • Jack Dorsey says his ‘secure’ new Bitchat app has not been tested for security

    Block CEO and Twitter co-founder Jack Dorsey recently launched Bitchat, a decentralized messaging app that uses Bluetooth and end-to-end encryption, aiming to provide secure communication in environments where internet access is restricted or monitored. Dorsey emphasized that Bitchat’s design prioritizes security, but he has openly admitted that the app has not undergone any external security reviews or testing. A disclaimer was added to Bitchat’s GitHub page warning users not to rely on the app’s security or use it for production until it has been properly vetted. Security researchers quickly identified significant vulnerabilities in Bitchat. Notably, Alex Rodocea discovered a critical flaw in the app’s identity authentication system, allowing attackers to impersonate contacts by intercepting digital identity keys, undermining the app’s core security feature of verifying trusted contacts (“Favorites”). Additionally, another potential buffer overflow vulnerability was reported, which could lead to data compromises. Rodocea cautioned that users should not trust Bitchat’s security

    IoT, Bluetooth, secure-messaging, decentralized-app, end-to-end-encryption, cybersecurity, digital-identity
  • The EU Proposes New Rules to Govern the European Space Race

    The European Commission has proposed new legislation, dubbed the EU Space Act, to address the fragmented and nationally varied space regulations within the eurozone. With an estimated 11,000 satellites currently orbiting Earth and projections of at least 50,000 more launches in the next decade, the Commission aims to streamline regulatory procedures, protect assets in orbit, and foster a level playing field for European companies. The regulation focuses on three pillars: safety—by improving tracking of space debris and ensuring satellite disposal; resilience—by mandating risk assessments and cybersecurity standards for space operators; and sustainability—by establishing standards to manage resources, emissions, and waste from space activities. Recognizing the significant costs compliance may impose on the industry, the Commission plans support measures to assist particularly startups and SMEs, including enhanced technical capabilities, access to testing facilities, and help with authorization processes. The broader strategy to boost Europe’s space economy includes over 40 actions to strengthen the bloc’s global market participation, autonomy, and technological edge.

    IoT, satellite-technology, space-regulation, cybersecurity, space-debris-management, sustainability, European-space-economy
  • AI can see whatever you want with US engineers' new attack technique

    US engineers have developed a novel attack technique called RisingAttacK that can manipulate AI computer vision systems to control what the AI "sees." This method targets widely used vision models in applications such as autonomous vehicles, healthcare, and security, where AI accuracy is critical for safety. RisingAttacK works by identifying key visual features in an image and making minimal, targeted changes to those features, causing the AI to misinterpret or fail to detect objects that remain clearly visible to humans. For example, an AI might recognize a car in one image but fail to do so in a nearly identical altered image. The researchers tested RisingAttacK against four popular vision AI models—ResNet-50, DenseNet-121, ViTB, and DEiT-B—and found it effective in manipulating all of them. The technique highlights vulnerabilities in deep neural networks, particularly in the context of adversarial attacks where input data is subtly altered to deceive AI systems. The team is now exploring the applicability of this

    robot, AI-security, autonomous-vehicles, computer-vision, adversarial-attacks, artificial-intelligence, cybersecurity
  • Pro-Israel hacktivist group claims responsibility for alleged Iranian bank hack

    The pro-Israel hacktivist group Predatory Sparrow (also known as Gonjeshke Darande) claimed responsibility for a cyberattack that allegedly targeted and disrupted Iran’s Bank Sepah. The group stated on social media platform X that they destroyed data belonging to Bank Sepah, which they accuse of helping the Islamic Revolutionary Guard Corps (IRGC) circumvent international sanctions and finance Iran’s ballistic missile, nuclear, and proxy activities. Reports from Iran International indicated widespread banking disruptions, including branch closures and customers being unable to access accounts, with images circulating of ATMs displaying error messages. However, TechCrunch was unable to independently verify the attack, and Bank Sepah and its affiliates did not respond to requests for comment. This alleged cyberattack occurs amid escalating hostilities between Israel and Iran, following Israeli strikes on Iranian nuclear and military sites. Predatory Sparrow is believed to be a pro-Israel or anti-Iran hacktivist group with a history of targeting Iranian infrastructure, including steel plants

    energy, cybersecurity, cyberattack, hacktivist, Iran, nuclear-energy, industrial-disruption
  • Pro-Israel hacktivist group claims responsibility for alleged Iranian bank hack

    The pro-Israel hacktivist group Predatory Sparrow, also known by its Persian name Gonjeshke Darande, claimed responsibility for a cyberattack that allegedly targeted and disrupted Iran’s Bank Sepah. The group stated that their attack destroyed data belonging to Bank Sepah, which they accused of helping the Islamic Revolutionary Guard Corps (IRGC) circumvent international sanctions and finance Iran’s terrorist proxies, ballistic missile program, and military nuclear efforts. Following the claim, reports emerged of widespread banking disruptions in Iran, including closed Bank Sepah branches and customers being unable to access their accounts, with ATMs reportedly displaying error messages. However, independent verification of the cyberattack remains unavailable, and attempts to contact Bank Sepah and Predatory Sparrow for confirmation were unsuccessful. This alleged cyberattack occurs amid escalating hostilities between Israel and Iran, with both countries reportedly conducting strikes against each other’s military and nuclear infrastructure. While the exact identity of Predatory Sparrow remains unclear, cybersecurity experts consider the group credible based

    energy, cybersecurity, cyberattack, nuclear-energy, industrial-disruption, hacktivism, Iran
  • Radio trick turns laptop into a spy speaker that talks through walls

    Security researchers from the University of Florida and the University of Electro-Communications in Japan have uncovered a novel vulnerability in modern digital microphones used in laptops and speakers. These MEMS microphones convert audio into digital pulses that inadvertently emit weak electromagnetic signals, which can be intercepted remotely using inexpensive FM radio receivers and antennas. This allows attackers to eavesdrop on private conversations without needing malware, hacking, or physical access, even through concrete walls up to 10 inches thick. Laptops are particularly vulnerable due to their internal microphone wiring acting as antennas that amplify these leaked signals. Alarmingly, the microphone does not need to be actively recording; simply running certain applications like Spotify or Google Drive can enable this leakage. The researchers demonstrated the attack by capturing distorted voice transmissions and then enhancing them using AI speech-to-text tools from OpenAI and Microsoft. The AI models achieved 94.2% accuracy in recognizing spoken digits from up to 2 meters away through walls, with a 14% transcription error rate, making most

    IoT, cybersecurity, electromagnetic-signals, MEMS-microphones, wireless-eavesdropping, AI-speech-to-text, digital-privacy
  • Trump administration takes aim at Biden and Obama cybersecurity rules

    The Trump administration has issued an executive order that significantly revises and rolls back several cybersecurity policies established by former Presidents Barack Obama and Joe Biden. The administration criticized Biden’s recent cybersecurity order, particularly opposing its encouragement for agencies to accept digital identity documents for public benefit programs, citing concerns about potential abuse by illegal immigrants. Experts like Mark Montgomery argue that revoking digital ID mandates prioritizes immigration concerns over cybersecurity benefits. The new order also shifts the federal AI cybersecurity strategy to focus on identifying and managing vulnerabilities rather than censorship, promotes AI use in defending energy infrastructure and Pentagon cybersecurity, and supports federal AI security research. Additionally, the order removes previous requirements for agencies to adopt quantum-resistant encryption promptly and eliminates mandates for federal contractors to attest to software security, labeling these as burdensome and ineffective compliance measures. It also repeals Obama-era policies that allowed sanctions for cybersecurity attacks, restricting sanctions only to foreign malicious actors to avoid misuse against domestic political opponents and clarify that election-related activities are exempt. Overall, the Trump administration’s changes reflect a move away from some compliance-heavy and expansive cybersecurity measures toward a narrower, security-focused approach with an emphasis on AI and foreign threats.

    energy, cybersecurity, AI-security, quantum-resistant-encryption, federal-research, energy-infrastructure, cybersecurity-policy
  • US shows world-first quantum communication in live nuclear reactor

    energy, quantum-communication, nuclear-reactor, cybersecurity, digital-transformation, quantum-encryption, clean-energy
  • Brain-like thinking AI chip with 100x less energy use developed

    energy, AI-chip, neuromorphic-computing, energy-efficiency, cybersecurity, on-device-processing, pattern-recognition
  • Apple notifies new victims of spyware attacks across the world

    Apple, spyware, cybersecurity, government-surveillance, privacy, tech-news, notifications
  • UK retail giant Co-op warns of disruption as it battles cyberattack

    Co-op, cyberattack, UK-retail, disruption, cybersecurity, food-retail, Co-operative-Group
  • Government hackers are leading the use of attributed zero-days, Google says

    government-hackers, zero-day-exploits, cyberattacks, cybersecurity, Google-research, attributed-exploits, threat-intelligence
  • Citizen Lab say exiled Uyghur leaders targeted with Windows spyware

    Uyghurs, spyware, cybersecurity, China, human-rights, digital-surveillance, exiled-leaders
  • Meet the companies racing to build quantum chips

    quantum-computing, quantum-chips, tech-startups, technology-innovation, qubits, cybersecurity, materials-science