Since its discovery in early 2025, CastleLoader has infected at least 469 devices across the world, including U.S. government systems, as first reported by cybersecurity firm PRODAFT. CastleLoader malware infected 469 devices, including U.S. government systems. Malware spreads via fake ClickFix updates and GitHub repos. GitHub deception tricks developers into downloading malicious files. Researchers explain that CastleLoader functions as a malware distribution platform, which spreads RedLine alongside StealC, DeerStealer, NetSupport RAT, and HijackLoader....

In their research paper, David Zollikofer (ETH Zurich) and Benjamin Zimmerman (Ohio State) warn of potential exploitation by viruses that can rewrite their own code, known as metamorphic malware. To test this, Zollikofer and Zimmerman created a file that can be delivered to the initial victim’s computer via an email attachment. Once there, the software accesses ChatGPT to rewrite its own code and evade detection. After ChatGPT rewrites the virus, the program discreetly opens Outlook in the background and scans the most recent email chains....

Contractors working on the Gemini project, who are tasked with evaluating the accuracy of AI-generated responses, can no longer skip prompts outside their domain expertise. This change, first reported by TechCrunch, could potentially impact the reliability of information provided by the AI on topics such as healthcare, where precise knowledge is crucial. Google contractors can no longer skip prompts outside their expertise for Gemini evaluation. Contractors now rate AI responses they don’t fully understand, noting lack of expertise....

The company posted a brief note on its official Twitter (now X) page, wherein it disclosed the incident and said that it was working with external cybersecurity experts to investigate the incident. ‘’MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s systems. Promptly after detecting the issue, we quickly began an investigation with assistance from leading external cybersecurity experts. We also notified law enforcement and took prompt action to protect our systems and data, including shutting down certain systems,’’ the statement read....

According to Symantec, hackers are targeting Apple users and trying to steal Apple IDs “due to their widespread use,” as it allows them to make purchases, access personal and financial information, and since Apple is known for its security and privacy measures, users are more vulnerable towards threats that impersonate Apple to get private information. The malicious campaigns reported in the United States encourage users to visit a website that mimics the iCloud page and requests login information....

The incident came to light on October 1, when a member of the dark web forum claimed to have breached the company’s network to steal millions of users’ data and source code for the D-View network monitoring product. The hacker claimed to have 1.2 Gb of employee and customer personal data, including names, email, addresses, company, phone numbers, registration date, and date of last login. The claims also included information on Taiwanese government officials and CEOs....

Try ZenMate for free Things like top-of-the-line encryption, server locations across the globe, and great customer support are just some of the benefits you stand to get. You can also install it on just about any device, including Windows, macOS, iOS, and Android. The best part is: You can try Zenmate’s premium version 100% for free! Not only does the service offer a 7-day free trial period, but there’s also a 30-day money-back guarantee as well....

The DPA stated that the Clearview’s database, which includes billions of photos, many of them of Dutch citizens, was built without individuals’ consent. The DPA has also issued a compliance order threatening additional penalties of up to 5.1 million euros if the company fails to address the violations. The DPA’s investigation notes that Clearview AI offers facial recognition services to law enforcement and intelligence agencies by matching images from its vast database, which contains over 30 billion photos scraped from the internet....

Drawing similarities with the Hulu and Disney+ one-app integration model, Iger said that subscribers to ESPN and Disney+ would be able to enjoy both services’ content without switching out of either platform. The new standalone offering is expected to be much bigger than the 2024 joint sports streaming venture of Disney-ESPN, FOX, and Warner Brothers-Discovery. According to Iger, the new sports offering is “a one‐stop sports destination unlike anything available in the marketplace today....

According to the tech giant’s announcement, the spacecraft has been launched aboard SpaceX’s Transporter-13 mission from the Vandenberg Space Force Base located in California. FireSat’s first satellite was successfully launched to enhance wildfire detection using AI technology. The FireSat project, backed by Google Research and wildfire experts, aims to provide real-time satellite monitoring of wildfires with updates every 20 minutes. This AI-driven satellite network is set to replace outdated, low-resolution wildfire detection systems....

Google’s Cloud Run service allows developers to build and deploy web applications and websites without the need to manage or scale an infrastructure. Security researchers at Cisco Talos observed a surge in this malware campaign since September 2023, when trojan loaded emails sent from Brazil were using malicious Microsoft Installers (MSIs) to distribute the malware. The report believes that Google Cloud Run gained prominence as a distribution tool among hackers as it’s inexpensive and has the ability to bypass various security systems....

TIME had access to the internal document, dated May 16th, and confirmed that multiple talents in the AI labs are “concerned by recent reports of Google’s contracts with military organizations.” The document also clarifies that it is not addressed to any particular conflict or current geopolitical situation. In April, TIME revealed that Google has a contract with the Israeli Ministry of Defense for a program called Project Nimbus to supply AI and cloud computing services....

Introduced last year by the App Defense Alliance (ADA), MASA allows developers to have their apps independently reviewed against a global security standard. The requirements to meet minimum security and privacy standards include data storage and privacy, authentication and session management, cryptography, network communication, platform interaction, and code quality. When displayed, the badge not only declares the developers’ commitment to user security, but also promotes transparency, thus, enabling users to make more informed choices....

According to the official announcement, Google is launching multiple new features this month to help users stay informed and learn more about LGBTQ+ projects and communities. Google launched new features to celebrate the LGBTQ+ community during Pride month. Google Maps and Waze will include real-time traffic updates considering parades and events in the U.S. Users will be able to access new content and updates on Google Arts & Culture, Google Play, and YouTube Music....

Reuters reported on Thursday that victims of the crypto scam have lost tens of thousands of dollars. Google alleged that accused scammers — Yunfeng Sun, based in Shenzhen, China, and Hongnam Cheung, based in Hong Kong — uploaded 87 different fake crypto investment apps. The lawsuit alleged that the two developers and their associates have been using these fraudulent apps to drive their schemes since 2019, garnering more than 100,000 downloads worldwide....

The attackers used a method called web skimming, where malicious code is inserted into a website to steal sensitive information from users. In this case, the skimmer created a fake donation form that mimicked the real one and silently captured personal and payment data including names, addresses, card numbers, CVV, and more. Attackers used fake donation forms to steal donor card data. The sites used WooCommerce, a popular WordPress plugin....

A new vulnerability in Google’s Gemini was discovered by cybersecurity researchers at 0DIN. The AI tool for Workspace presents a new security flaw which allows attackers to push phishing attacks on users. Hidden text tricks Gemini into adding fake security alerts to email summaries. Attack needs no links, just invisible HTML and CSS in emails. Google acknowledges the issue, and says fixes are being rolled out. The attack works through a technique known as indirect prompt injection....

Last Updated: Aug 6, 2025 Hide My IP VPN offers reasonable local connection speeds and enables access to popular streaming platforms. In addition, it has several security features and advanced configuration options that provide users with complete control over their online privacy. However, it does collect identifiable data and has limited server availability. Furthermore, it is headquartered in the United States, which may not be ideal for users who prioritize data privacy....

Editor’s Note: We value our relationship with our readers, and we strive to earn your trust through transparency and integrity. We are in the same ownership group as some of the industry-leading products reviewed on this site: ExpressVPN, CyberGhost, Private Internet Access, and Intego. That said, our detailed reviews follow a strict methodology that examines all relevant performance factors to help you arrive at your own informed conclusion. PureVPN does not want to lose you as a customer, so despite their “no questions asked, risk-free, stress-free” policy, canceling your account and getting your money back will require persistence....

I prefer to test a VPN out using a money-back guarantee and PIA guarantees a full refund within 30 days of purchase. This allows you to download PIA onto all your devices and gain unlimited access to every feature, no limitations. I’ve tested the whole process from sign-up to refund, and you can find the step-by-step guide below. It’s easy and hassle-free. I just sent a message via live chat, and the support agent processed it the same day....