Free Republic

Hashtag-do-whatever-I-tell-youCato Networks says it has discovered a new attack, dubbed "HashJack," that hides malicious prompts after the "#" in legitimate URLs, tricking AI browser assistants into executing them while dodging traditional network and server-side defenses. Prompt injection occurs when something causes text that the user didn't write to become commands for an AI bot. Direct prompt injection happens when unwanted text gets entered at the point of prompt input, while indirect injection happens when content, such as a web page or PDF that the bot has been asked to summarize, contains hidden commands that AI then follows as if...

Gmail users have been urged to check their accounts after it was revealed that more than 183 million passwords were stolen in a data breach. Australian cyber expert Troy Hunt, who revealed the incident, called it a 'vast corpus' of breached data, which totals 3.5 terrabytes. To put that into perspective, that's the equivalent to 875 full-length HD movies. According to Mr Hunt, 'all the major providers have email addresses in there' – so not just Gmail, but Outlook, Yahoo and others too. 'They're from everywhere you could imagine, but Gmail always features heavily,' Hunt told the Daily Mail. So...

Two former employees of cybersecurity firms that sold services helping companies combat hackers have been indicted and accused of participating in a conspiracy, outside of their day jobs, to hack multiple US firms and extort them for millions of dollars. The two men are accused of deploying ransomware used by a prolific cybercriminal gang in attacks in 2023 against a medical device firm in Florida, a pharmaceutical firm in Maryland and a drone maker in Virginia, among other alleged victims. Kevin Tyler Martin of Roanoke, Texas, and Ryan Clifford Goldberg of Watkinsville, Georgia, face matching federal charges including interfering in...

A city had a rude awakening when it tested its electric buses for security flaws. Some cities have gone all-in on their dedication to renewable energy and electric public transportation, but discovering that a jurisdiction does not actually control its own public property likely was not part of the idea. This turned out to be exactly the case when Ruter — the public transportation authority for Oslo, Norway — decided to run tests on its new Chinese electric buses. Approximately 300 e-buses from Chinese company Yutong made their way to Norway earlier this year, with outlet China Buses calling it...

Air travel has, in recent years, already gotten far less pleasant than it used to be just a decade or two ago: you’ve got the hassle of TSA lines, tiny seats (unless you want to pay for one of the endless upgrades offered), airport food that costs more than a car payment, and other inconveniences. Still, we do it because it’s the fastest way to travel and we want to see our families and/or go on vacation. But imagine if you were strolling about the concourse and suddenly you heard pro-Hamas messages being blasted over the PA system? That’s exactly...

Unless Bitcoin upgrades its core cryptography in the next five years, the trust it has built over 16 years could be wiped out by a single quantum attack. Urgent upgrades are needed to protect the world’s leading cryptocurrency. Satoshi Nakamoto changed how we define money. In response to the 2008 collapse of the financial institutions in which millions put their trust, Satoshi created a decentralized monetary system built on elliptic curve cryptography. This combination of cold math and decentralization was a powerful one, attracting not only diehard skeptics but also the world’s largest financial institutions, such as BlackRock. In the...

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive asking federal agencies to take immediate action to identify and mitigate system vulnerabilities to protect their devices from a major hacking campaign, the agency said in a Sept. 25 statement.“This widespread campaign poses a significant risk to victims’ networks by exploiting zero-day vulnerabilities that persist through reboots and system upgrades,” CISA said.Zero-day vulnerabilities refer to unknown or unaddressed security flaws in computer hardware, firmware, or software. Such vulnerabilities are called “zero-day” since the software or device with such flaws has zero days to fix the issue, thus enabling...

Chinese government-backed hackers have reportedly stolen information from critical infrastructure and government computer systems as part of a years-long campaign that includes the well-known Salt Typhoon activity. More than 80 countries were targeted and the Chinese hackers are learnt to have "stolen information from nearly every American", officials said, according to The New York Times. .. During the sweeping yearlong attack, China-backed Salt Typhoon group infiltrated major telecommunications companies and others, and stole data could allow Chinese intelligence services to exploit global communication networks to track targets including politicians, spies and activists, investigators said in a highly unusual joint statement...

Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States, with BleepingComputer learning the data was stolen from it's Salesforce account. TransUnion is one of the three major credit bureaus in the United States, alongside Equifax and Experian. It operates in 30 countries, employs 13,000 staff, and has an annual revenue of $3 billion. It collects and maintains credit information on over 1 billion consumers worldwide, with approximately 200 million of those based in the U.S. This information is shared with 65,000 businesses, including lenders, insurers,...

"Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel — leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found.The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage. (snip) “If I were an operative, I would look at that as an avenue for extremely valuable access. We need to...

U.S. officials were acutely aware that Beijing was trying to obtain America's premiere nuclear reactor technology, including through illicit hacking, months before Hunter Biden and his business partners sought to arrange a quiet sale of an iconic U.S. reactor company to a Chinese firm, according to court records and national security experts. Hunter Biden's unsuccessful efforts to help CEFC China Energy acquire Westinghouse, one of America's most famous electricity and appliance brands, and its state-the-art AP1000 nuclear reactor began in early 2016 while Joe Biden was still a sitting vice president, memos published Wednesday by Just the News show. Just...

Charles McGonigal may be the most corrupt FBI official in modern history—and yet somehow, his name has barely made a blip on the radar. This wasn’t some mid-level pencil-pusher. McGonigal was one of the top counterintelligence agents at the FBI’s New York field office. He was directly involved in the bureau’s most sensitive operations, including the infamous “Crossfire Hurricane” probe into (phony) Trump–Russia “collusion.” And after that whole fraudulent mess, it turns out that he was secretly taking money from a Kremlin-linked oligarch and helping shake down Albanian oligarchs on the side. You can’t make this up, right? Now here...

A dating safety app that allows women to do background checks on men and anonymously share "red flag" behaviour has been hacked, exposing thousands of members' images, posts and comments. Tea Dating Advice, a US-based women-only app with 1.6 million users, said there had been "unauthorised access" to 72,000 images submitted by women. Some included images of women holding photo identification for verification purposes, which Tea's own privacy policy promises are "deleted immediately" after authentication. Tea said the breach affected members who signed up before February 2024. Tea lets women check whether potential partners are married or registered sex offenders...

He walks with a cane and is a bit hard of hearing. Yet Boris Chertok, 95, a former deputy chief designer in the Soviet bureau that put the first Sputnik satellite into orbit 50 years ago, still has strong opinions on the evolution of the country's space program. Chertok says the free-market changes instituted by President Boris Yeltsin after the Soviet Union fell apart were disastrous for Russian science. "We need to restore what we have lost over 15 years of destructive reforms," said Chertok, whose very name was once a state secret. "The market economy is incapable of fulfilling...

[H/T bitt]In what experts are calling the largest data breach ever recorded, researchers have confirmed the exposure of a staggering 16 billion password leaks, affecting platforms including Apple, Facebook, Google, Telegram, GitHub, VPN services, and even government portals. This unprecedented breach is believed to be the result of multiple infostealer malware campaigns operating at a massive scale throughout 2025. If the recently reported 184 million credential leak was alarming, this latest development represents a full-scale cybersecurity disaster that demands immediate action.What Happened? Understanding the 16 Billion Credential LeakAccording to an ongoing investigation by cybersecurity researchers at Cybernews, led by analyst...

Everything that connects to the internet can be hacked by malware. This includes your phones (both Android and iPhones) and laptops (whether Windows, Mac or even lesser-known systems like Linux). Devices like your Wi-Fi router and security cameras aren’t safe either. But who would have thought hackers are now targeting your smart TVs, streaming boxes, projectors and tablets, too? That’s right, the FBI warns that bad actors have hijacked over a million of these devices with malware, turning them into unwitting participants in a global cybercrime network. The FBI is warning that more than a million smart TVs, streaming boxes,...

President Jiang Zemin gets an update on China´s Terfenol-D project. The U.S. Navy spent millions of dollars to develop Terfenol-D in the early 1980s, and intelligence experts estimate that the People's Republic of China (PRC) has devoted extensive resources to try to steal it. Insight has learned that these PRC efforts have paid off. The spy target is an exotic material made up of two types of rare-earth metals called lanthanides, terbium and dysprosium, plus iron (FE). The NOL stands for Naval Ordnance Laboratory. Hence the name Terfenol-D. Those who have worked with this exotic material call it almost magical....

Hackers have leaked what they claim is AT&T’s database which was reportedly stolen by the ShinyHunters group in April 2024 after they exploited major security flaws in the Snowflake cloud data platform. But is this really the Snowflake-linked data? We took a closer look. As seen by the Hackread.com research team, the data was first posted on a well-known Russian cybercrime forum on May 15, 2025. It was re-uploaded on the same forum on June 3, 2025, after which it began circulating among other hackers and forums. After analyzing the leaked data, we found it contains a detailed set of...

Security researcher Jeremiah Fowler stumbled upon a large database of login information and passwords containing over 184 million records recently. He mentioned the discovery in an article on Website Planet. The data was not encrypted in any form and stored publicly, which meant that anyone with knowledge of its existence could download the data. The sheer size of the database, more than 47 gigabytes of data, makes it one of the largest leaks in recent history. In early 2024, a 70 million records password dump was discovered. A preliminary sampling of the data unveiled emails, usernames, passwords, and also links...

For more than a decade, the United States has nurtured a secret intelligence partnership with Ukraine that is now critical for both countries in countering Russia... Nestled in a dense forest, the Ukrainian military base appears abandoned and destroyed, its command center a burned-out husk, a casualty of a Russian missile barrage early in the war. But that is above ground. Not far away, a discreet passageway descends to a subterranean bunker where teams of Ukrainian soldiers track Russian spy satellites and eavesdrop on conversations between Russian commanders. On one screen, a red line followed the route of an explosive...