Security – Page 2

Never-before-seen Linux malware is “far more advanced than typical”

Biz & IT, Cloud, Linux, malware, Security / Mike M. / January 13, 2026

Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers.

The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers’ needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign.

A focus on Linux inside the cloud

VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor’s API.

Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is “far more advanced than typical Linux malware,” said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker’s focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments.

“VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments,” the researchers said in a separate post. “Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over.”

Never-before-seen Linux malware is “far more advanced than typical” Read More »

Rocket Report: A new super-heavy launch site in California; 2025 year in review

Brazil, Canada, falcon 9, isar aerospace, launch, NASA, rocket report, Security, South Korea, Space, spacex, starship, united launch alliance / Tim Belzer / January 9, 2026

SpaceX opened its 2026 launch campaign with a mission for the Italian government.

A Chinese Long March 7 rocket carrying a cargo ship for China’s Tiangong space station soars into orbit from the Wenchang Space Launch Site on July 15, 2025. Credit: Liu Guoxing/VCG via Getty Images

Welcome to Edition 8.24 of the Rocket Report! We’re back from a restorative holiday, and there’s a great deal Eric and I look forward to covering in 2026. You can get a taste of what we’re expecting this year in this feature. Other storylines are also worth watching this year that didn’t make the Top 20. Will SpaceX’s Starship begin launching Starlink satellites? Will United Launch Alliance finally get its Vulcan rocket flying at a higher cadence? Will Blue Origin’s New Glenn rocket be certified by the US Space Force? I’m looking forward to learning the answers to these questions, and more. As for what has already happened in 2026, it has been a slow start on the world’s launch pads, with only a pair of SpaceX missions completed in the first week of the year. Only? Two launches in one week by any company would have been remarkable just a few years ago.

As always, we welcome reader submissions. If you don’t want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets, as well as a quick look ahead at the next three launches on the calendar.

New launch records set in 2025. The number of orbital launch attempts worldwide last year surpassed the record 2024 flight rate by 25 percent, with SpaceX and China accounting for the bulk of the launch activity, Aviation Week & Space Technology reports. Including near-orbital flight tests of SpaceX’s Starship-Super Heavy launch system, the number of orbital launch attempts worldwide reached 329 last year, an annual analysis of global launch and satellite activity by Jonathan’s Space Report shows. Of those 329 attempts, 321 reached orbit or marginal orbits. In addition to five Starship-Super Heavy launches, SpaceX launched 165 Falcon 9 rockets in 2025, surpassing its 2024 record of 134 Falcon 9 and two Falcon Heavy flights. No Falcon Heavy rockets flew in 2025. US providers, including Rocket Lab Electron orbital flights from its New Zealand spaceport, added another 30 orbital launches to the 2025 tally, solidifying the US as the world leader in space launch.

International launches… China, which attempted 92 orbital launches in 2025, is second, followed by Russia, with 17 launches last year, and Europe with eight. Rounding out the 2025 orbital launch manifest were five orbital launch attempts from India, four from Japan, two from South Korea, and one each from Israel, Iran, and Australia, the analysis shows. The global launch tally has been on an upward trend since 2019, but the numbers may plateau this year. SpaceX expects to launch about the same number of Falcon 9 rockets this year as it did last year as the company prepares to ramp up the pace of Starship flights.

The easiest way to keep up with Eric Berger’s and Stephen Clark’s reporting on all things space is to sign up for our newsletter. We’ll collect their stories and deliver them straight to your inbox.

Sign Me Up!

South Korean startup suffers launch failure. The first commercial rocket launched at Brazil’s Alcantara Space Center crashed soon after liftoff on December 22, dealing a blow to Brazilian aerospace ambitions and the South Korean satellite launch company Innospace, Reuters reports. The rocket began its vertical trajectory as planned after liftoff but fell to the ground after something went wrong 30 seconds into its flight, according to Innospace, the South Korean startup that developed the launch vehicle. The craft crashed within a pre-designated safety zone and did not harm anyone, officials said.

An unsurprising result... This was the first flight of Innospace’s nano-launcher, named Hanbit-Nano. The rocket was loaded with eight small payloads, including five deployable satellites, heading for low-Earth orbit. But rocket debuts don’t have a good track record, and Innospace’s rocket made it a bit farther than some new launch vehicles do. The rocket is designed to place up to 200 pounds (90 kilograms) of payload mass into Sun-synchronous orbit. It has a unique design, with hybrid engines consuming a mix of paraffin as the fuel and liquid oxygen as the oxidizer. Innospace said it intends to launch a second test flight in 2026. (submitted by EllPeaTea)

Take two for Germany’s Isar Aerospace. Isar Aerospace is gearing up for a second launch attempt of its light-class Spectrum rocket after completing 30-second integrated static test firings for both stages late last year, Aviation Week & Space Technology reports. The endeavor would be the first orbital launch for Spectrum and an effort at a clean mission after a March 30 flight ended in failure because a vent valve inadvertently opened soon after liftoff, causing a loss of control. “Rapid iteration is how you win in this domain. Being back on the pad less than nine months after our first test flight is proof that we can operate at the speed the world now demands,” said Daniel Metzler, co-founder and CEO of Isar Aerospace.

No earlier than… Airspace and maritime warning notices around the Spectrum rocket’s launch site in northern Norway suggest Isar Aerospace is targeting launch no earlier than January 17. Based near Munich, Isar Aerospace is Europe’s leading launch startup. Not only has Isar beat its competitors to the launch pad, the company has raised far more money than other European rocket firms. After its most recent fundraising round in June, Isar has raised more than 550 million euros ($640 million) from venture capital investors and government-backed funds. Now, Isar just needs to reach orbit.

A step forward for Canada’s launch ambitions. The Atlantic Spaceport Complex—a new launch facility being developed by the aerospace company NordSpace on the southern coast of Newfoundland—has won an important regulatory approval, NASASpaceflight.com reports. The provincial government of Newfoundland and Labrador “released” the spaceport from the environmental assessment process. “At this stage, the spaceport no longer requires further environmental assessment,” NordSpace said in a statement. “This release represents the single most significant regulatory milestone for NordSpace’s spaceport development to date, clearing the path for rapid execution of Canada’s first purpose-built, sovereign orbital launch complex designed and operated by an end-to-end launch services provider.”

Now, about that rocket... NordSpace began construction of the Atlantic Spaceport Complex last year and planned to launch its first suborbital rocket from the spaceport last August. But bad weather and technical problems kept NordSpace’s Taiga rocket grounded, and then the company had to wait for the Canadian government to reissue a launch license. NordSpace said it most recently delayed the suborbital launch until March in order to “continue our focus on advancing our orbital-scale technologies.” NordSpace is one of the companies likely to participate in a challenge sponsored by the Canadian government, which is committing 105 million Canadian dollars ($75 million) to develop a sovereign orbital launch capability. (submitted by EllPeaTea)

H3 rocket falters on the way to orbit. A faulty payload fairing may have doomed Japan’s latest H3 rocket mission, with the Japanese space agency now investigating if the shield separated abnormally and crippled the vehicle in flight after lifting off on December 21, the Asahi Shimbun reports. Japan Aerospace Exploration Agency officials told a science ministry panel on December 23 they suspect an abnormal separation of the rocket’s payload fairing—a protective nose cone shield—caused a critical drop in pressure in the second-stage engine’s hydrogen tank. The second-stage engine lost thrust as it climbed into space, then failed to restart for a critical burn to boost Japan’s Michibiki 5 navigation satellite into a high-altitude orbit.

Growing pains… The H3 rocket is Japan’s flagship launch vehicle, having replaced the country’s H-IIA rocket after its retirement last year. The December launch was the seventh flight of an H3 rocket, and its second failure. While engineers home in on the rocket’s suspect payload fairing, several H3 launches planned for this year now face delays. Japanese officials already announced that the next H3 flight will be delayed from February. Japan’s space agency plans to launch a robotic mission to Mars on an H3 rocket in October. While there’s still time for officials to investigate and fix the issues that caused last month’s launch failure, the incident adds a question mark to the schedule for the Mars launch. (submitted by tsunam and EllPeaTea)

SpaceX opens 2026 with launch for Italy. SpaceX rang in the new year with a Falcon 9 rocket launch on January 2 from Vandenberg Space Force Base in California, Spaceflight Now reports. The payload was Italy’s Cosmo-SkyMed Second Generation Flight Model 3 (CSG-FM3) satellite, a radar surveillance satellite for dual civilian and military use. The Cosmo-SkyMed mission was the first Falcon 9 rocket flight in 16 days, the longest stretch without a SpaceX orbital launch in four years.

Poached from Europe… The CSG-FM3 satellite is the third of four second-generation Cosmo-SkyMed radar satellites ordered by the Italian government. The second and third satellites have now launched on SpaceX Falcon 9 rockets instead of their initial ride: Europe’s Vega C launcher. Italy switched the satellites to SpaceX after delays in making the Vega C rocket operational and Europe’s loss of access to Russian Soyuz rockets in the aftermath of the invasion of Ukraine. The rocket swap became a regular occurrence for European satellites in the last few years as Europe’s indigenous launch program encountered repeated delays.

Rocket deploys heaviest satellite ever launched from India. An Indian LVM3 rocket launched AST SpaceMobile’s next-generation direct-to-device BlueBird satellite December 23, kicking off the rollout of dozens of spacecraft built around the largest commercial communications antenna ever deployed in low-Earth orbit, Space News reports. At 13,450 pounds (6.1 metric tons), the BlueBird 6 satellite was the heaviest spacecraft ever launched on an Indian rocket. The LVM3 rocket released BlueBird 6 into an orbit approximately 323 miles (520 kilometers) above the Earth.

The pressure is on… BlueBird 6 is the first of AST SpaceMobile’s Block 2 satellites designed to beam Internet signals directly to smartphones. The Texas-based company is competing with SpaceX’s Starlink network in the same direct-to-cell market. Starlink has an early lead in the direct-to-device business, but AST SpaceMobile says it plans to launch between 45 and 60 satellites by the end of this year. AST’s BlueBird satellites are significantly larger than SpaceX’s Starlink platforms, with antennas unfurling in space to cover an area of 2,400 square feet (223 square meters). The competition between SpaceX and AST SpaceMobile has led to a race for spectrum access and partnerships with cell service providers.

Ars’ annual power rankings of US rocket companies. There’s been some movement near the top of our annual power rankings. It was not difficult to select the first-place company on this list. As it has every year in our rankings, SpaceX holds the top spot. Blue Origin was the biggest mover on the list, leaping from No. 4 on the list to No. 2. It was a breakthrough year for Jeff Bezos’ space company, finally shaking the notion that it was a company full of promise that could not quite deliver. Blue Origin delivered big time in 2025. On the very first launch of the massive New Glenn rocket in January, Blue Origin successfully sent a test payload into orbit. Although a landing attempt failed after New Glenn’s engines failed to re-light, it was a remarkable success. Then, in November, New Glenn sent a pair of small spacecraft on their way to Mars. This successful launch was followed by a breathtaking and inspiring landing of the rocket’s first stage on a barge.

Where’s ULA?… Rocket Lab came in at No. 3. The company had an excellent year, garnering its highest total of Electron launches and having complete mission success. Rocket Lab has now gone more than three dozen launches without a failure. Rocket Lab also continued to make progress on its medium-lift Neutron vehicle, although its debut was ultimately delayed to mid-2026, at least. United Launch Alliance slipped from No. 2 to No. 4 after launching its new Vulcan rocket just once last year, well short of the company’s goal of flying up to 10 Vulcan missions.

Rocketdyne changes hands again. If you are a student of space history or tracked the space industry before billionaires and venture capital changed it forever, you probably know the name Rocketdyne. A half-century ago, Rocketdyne manufactured almost all of the large liquid-fueled rocket engines in the United States. The Saturn V rocket that boosted astronauts toward the Moon relied on powerful engines developed by Rocketdyne, as did the Space Shuttle, the Atlas, Thor, and Delta rockets, and the US military’s earliest ballistic missiles. But Rocketdyne has lost its luster in the 21st century as it struggled to stay relevant in the emerging commercial launch industry. Now, the engine-builder is undergoing its fourth ownership change in 20 years. AE Industrial Partners, a private equity firm, announced it will purchase a controlling stake in Rocketdyne from L3Harris after less than three years of ownership, Ars reports.

Splitting up… Rocketdyne’s RS-25 engine, used on NASA’s Space Launch System rocket, is not part of the deal with AE Industrial. It will remain under the exclusive ownership of L3Harris. Rocketdyne’s work on solid-fueled propulsion, ballistic missile interceptors, tactical missiles, and other military munitions will also remain under L3Harris control. The split of the company’s space and defense segments will allow L3Harris to concentrate on Pentagon programs, the company said. So, what is AE Industrial getting in its deal with L3Harris? Aside from the Rocketdyne name, the private equity firm will have a majority stake in the production of the liquid-fueled RL10 upper-stage engine used on United Launch Alliance’s Vulcan rocket. AE Industrial’s Rocketdyne will also continue the legacy company’s work in nuclear propulsion, electric propulsion, and smaller in-space maneuvering thrusters used on satellites.

Tory Bruno has a new employer. Jeff Bezos-founded Blue Origin said on December 26 that it has hired Tory Bruno, the longtime CEO of United Launch Alliance, as president of its newly formed national security-focused unit, Reuters reports. Bruno will head the National Security Group and report to Blue Origin CEO Dave Limp, the company said in a social media post, underscoring its push to expand in US defense and intelligence launch markets. The hire brings one of the US launch industry’s most experienced executives to Blue Origin as the company works to challenge the dominance of SpaceX and win a larger share of lucrative US military and intelligence launch contracts.

11 years at ULA… The move comes days after Bruno stepped down as CEO of ULA, the Boeing-Lockheed Martin joint venture that has long dominated US national security space launches alongside Elon Musk’s SpaceX. In 11 years at ULA, Bruno oversaw the development of the Vulcan rocket, the company’s next-generation launch vehicle designed to replace its Atlas V and Delta IV rockets and secure future Pentagon contracts. (submitted by r0twhylr)

A California spaceport has room to grow. A new orbital launch site is up for grabs at Vandenberg Space Force Base in California, Spaceflight Now reports. The Department of the Air Force published a request for information from launch providers to determine the level of interest in what would become the southernmost launch complex on the Western Range. The location, which will be designated as Space Launch Complex-14 or SLC-14, is being set aside for orbital rockets in a heavy or super-heavy vertical launch class. One of the requirements listed in the RFI includes what the government calls the “highest technical maturity.” It states that for the bid from a launch provider to be taken seriously, it needs to prove that it can begin operations within approximately five years of receiving a lease for the property.

Who’s in contention?… Multiple US launch providers have rockets in the heavy to super-heavy classification either currently launching or in development. Given all the requirements and the state of play on the orbital launch front, one of the contenders would likely be SpaceX’s Starship-Super Heavy rocket. The company is slated to launch the latest iteration of the rocket, dubbed Version 3, sometime in early 2026. Blue Origin is another likely contender for the prospective launch site. Blue Origin currently has an undeveloped space at Vandenberg’s SLC-9 for its New Glenn rocket. But the company unveiled plans in November for a new super-heavy lift version called New Glenn 9×4. (submitted by EllPeaTea)

Next three launches

Jan. 9: Falcon 9 | Starlink 6-96 | Cape Canaveral Space Force Station, Florida | 18: 05 UTC

Jan. 11: Falcon 9 | Twilight Mission | Vandenberg Space Force Base, California | 13: 19 UTC

Jan. 11: Falcon 9 | Starlink 6-97 | Cape Canaveral Space Force Station, Florida | 18: 08 UTC

Stephen Clark is a space reporter at Ars Technica, covering private space companies and the world’s space agencies. Stephen writes about the nexus of technology, science, policy, and business on and off the planet.

Rocket Report: A new super-heavy launch site in California; 2025 year in review Read More »

Michigan man learns the hard way that “catch a cheater” spyware apps aren’t legal

legal, pctattletale, Security, spyware, stalkwerware / Kris Guyer / January 8, 2026

Despite being repeatedly told that people were using his product to spy on others without their consent, Fleming helped them with tech support.

A government investigator even opened up an affiliate marketing account for pcTattletale, and Fleming reached out to offer ready-made banner ads with text like “pcTattletale Cheating Husband? #1 catch a cheater spy tracker” and “pcTattletale Husband Cheating? Best Catch a Cheater Spy App.”

Fleming noted in an email that pcTattletale was more successful when marketed at women, because “There are a lot more women wanting to catch their man then [sic] the other way around.” Financial records showed that Fleming was selling around 1,200 pcTattletale subscriptions a year at anywhere from $99 to $300.

Based on all this, the government obtained a search warrant in late 2022 and raided the Bruce Township home where Fleming lived.

In 2024, TechCrunch reported that pcTattletale was hacked and much of its data was leaked. Apparently, hackers had gained access to the company’s private keys for the Amazon Web Services account where most of the video data created by the app was stored. Fleming claimed at the time that his company was “out of business and completely done” after the breach.

The feds eventually charged Fleming with selling a product while “knowing or having reason to know” that the software was “primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications.” This week in California, Fleming pled guilty to a single count and was released on his own recognizance while awaiting sentencing.

One piece of stalkerware is off the market; unfortunately, many others remain, and their owners and operators are often harder to find.

Michigan man learns the hard way that “catch a cheater” spyware apps aren’t legal Read More »

The nation’s strictest privacy law just took effect, to data brokers’ chagrin

Biz & IT, California, data brokers, personal information, Policy, privacy, Security / Rejus Almole / January 5, 2026

Californians are getting a new, supercharged way to stop data brokers from hoarding and selling their personal information, as a recently enacted law that’s among the strictest in the nation took effect at the beginning of the year.

According to the California Privacy Protection Agency, more than 500 companies actively scour all sorts of sources for scraps of information about individuals, then package and store it to sell to marketers, private investigators, and others.

The nonprofit Consumer Watchdog said in 2024 that brokers trawl automakers, tech companies, junk-food restaurants, device makers, and others for financial info, purchases, family situations, eating, exercising, travel, entertainment habits, and just about any other imaginable information belonging to millions of people.

Scrubbing your data made easy

Two years ago, California’s Delete Act took effect. It required data brokers to provide residents with a means to obtain a copy of all data pertaining to them and to demand that such information be deleted. Unfortunately, Consumer Watchdog found that only 1 percent of Californians exercised these rights in the first 12 months after the law went into effect. A chief reason: Residents were required to file a separate demand with each broker. With hundreds of companies selling data, the burden was too onerous for most residents to take on.

On January 1, a new law known as DROP (Delete Request and Opt-out Platform) took effect. DROP allows California residents to register a single demand for their data to be deleted and no longer collected in the future. CalPrivacy then forwards it to all brokers.

The nation’s strictest privacy law just took effect, to data brokers’ chagrin Read More »

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

2025 year end, AI, Apple, Biz & IT, Cloud, Security, signal messenger, supply chain attacks / Rejus Almole / December 31, 2025

The past year has seen plenty of hacks and outages. Here are the ones topping the list.

Credit: Aurich Lawson | Getty Images

In a roundup of the top stories of 2024, Ars included a supply-chain attack that came dangerously close to inflicting a catastrophe for thousands—possibly millions—of organizations, which included a large assortment of Fortune 500 companies and government agencies. Supply-chain attacks played prominently again this year, as a seemingly unending rash of them hit organizations large and small.

For threat actors, supply-chain attacks are the gift that keeps on giving—or, if you will, the hack that keeps on hacking. By compromising a single target with a large number of downstream users—say a cloud service or maintainers or developers of widely used open source or proprietary software—attackers can infect potentially millions of the target’s downstream users. That’s exactly what threat actors did in 2025.

Poisoning the well

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as much as $155,000 from thousands of smart-contract parties on the Solana blockchain.

Hackers cashed in by sneaking a backdoor into a code library used by developers of Solana-related software. Security firm Socket said it suspects the attackers compromised accounts belonging to the developers of Web3.js, an open source library. They then used the access to add a backdoor to a package update. After the developers of decentralized Solana apps installed the malicious update, the backdoor spread further, giving the attackers access to individual wallets connected to smart contracts. The backdoor could then extract private keys.

There were too many supply-chain attacks this year to list them all. Some of the other most notable examples included:

The seeding of a package on a mirror proxy that Google runs on behalf of developers of the Go programming language. More than 8,000 other packages depend on the targeted package to work. The malicious package used a name that was similar to the legitimate one. Such “typosquatted” packages get installed when typos or inattention lead developers to inadvertently select them rather than the one they actually want.
The flooding of the NPM repository with 126 malicious packages downloaded more than 86,000 times. The packages were automatically installed via a feature known as Remote Dynamic Dependencies.
The backdooring of more than 500 e-commerce companies, including a $40 billion multinational company. The source of the supply-chain attack was the compromise of three software developers—Tigren, Magesolution (MGS), and Meetanshi—that provide software that’s based on Magento, an open source e-commerce platform used by thousands of online stores.
The compromising of dozens of open source packages that collectively receive 2 billion weekly downloads. The compromised packages were updated with code for transferring cryptocurrency payments to attacker-controlled wallets.
The compromising of tj-actions/changed-files, a component of tj-actions, used by more than 23,000 organizations.
The breaching of multiple developer accounts using the npm repository and the subsequent backdooring of 10 packages that work with talent agency Toptal. The malicious packages were downloaded roughly 5,000 times.

Memory corruption, AI chatbot style

Another class of attack that played out more times in 2025 than anyone can count was the hacking of AI chatbots. The hacks with the farthest-reaching effects were those that poisoned the long-term memories of LLMs. In much the way supply-chain attacks allow a single compromise to trigger a cascade of follow-on attacks, hacks on long-term memory can cause the chatbot to perform malicious actions over and over.

One such attack used a simple user prompt to instruct a cryptocurrency-focused LLM to update its memory databases with an event that never actually happened. The chatbot, programmed to follow orders and take user input at face value, was unable to distinguish a fictional event from a real one.

The AI service in this case was ElizaOS, a fledgling open source framework for creating agents that perform various blockchain-based transactions on behalf of a user based on a set of predefined rules. Academic researchers were able to corrupt the ElizaOS memory by feeding it sentences claiming certain events—which never actually happened—occurred in the past. These false events then influence the agent’s future behavior.

An example attack prompt claimed that the developers who designed ElizaOS wanted it to substitute the receiving wallet for all future transfers to one controlled by the attacker. Even when a user specified a different wallet, the long-term memory created by the prompt caused the framework to replace it with the malicious one. The attack was only a proof-of-concept demonstration, but the academic researchers who devised it said that parties to a contract who are already authorized to transact with the agent could use the same techniques to defraud other parties.

Independent researcher Johan Rehberger demonstrated a similar attack against Google Gemini. The false memories he planted caused the chatbot to lower defenses that normally restrict the invocation of Google Workspace and other sensitive tools when processing untrusted data. The false memories remained in perpetuity, allowing an attacker to repeatedly profit from the compromise. Rehberger presented a similar attack in 2024.

A third AI-related proof-of-concept attack that garnered attention used a prompt injection to cause GitLab’s Duo chatbot to add malicious lines to an otherwise legitimate code package. A variation of the attack successfully exfiltrated sensitive user data.

Yet another notable attack targeted the Gemini CLI coding tool. It allowed attackers to execute malicious commands—such as wiping a hard drive—on the computers of developers using the AI tool.

Using AI as bait and hacking assistants

Other LLM-involved hacks used chatbots to make attacks more effective or stealthier. Earlier this month, two men were indicted for allegedly stealing and wiping sensitive government data. One of the men, prosecutors said, tried to cover his tracks by asking an AI tool “how do i clear system logs from SQL servers after deleting databases.” Shortly afterward, he allegedly asked the tool, “how do you clear all event and application logs from Microsoft windows server 2012.” Investigators were able to track the defendants’ actions anyway.

In May, a man pleaded guilty to hacking an employee of The Walt Disney Company by tricking the person into running a malicious version of a widely used open source AI image-generation tool.

And in August, Google researchers warned users of the Salesloft Drift AI chat agent to consider all security tokens connected to the platform compromised following the discovery that unknown attackers used some of the credentials to access email from Google Workspace accounts. The attackers used the tokens to gain access to individual Salesforce accounts and, from there, to steal data, including credentials that could be used in other breaches.

There were also multiple instances of LLM vulnerabilities that came back to bite the people using them. In one case, CoPilot was caught exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent, and, ironically, Microsoft. The repositories had originally been available through Bing as well. Microsoft eventually removed the repositories from searches, but CoPilot continued to expose them anyway.

Meta and Yandex caught red-handed

Another significant security story cast both Meta and Yandex as the villains. Both companies were caught exploiting an Android weakness that allowed them to de-anonymize visitors so years of their browsing histories could be tracked.

The covert tracking—implemented in the Meta Pixel and Yandex Metrica trackers—allowed Meta and Yandex to bypass core security and privacy protections provided by both the Android operating system and browsers that run on it. Android sandboxing, for instance, isolates processes to prevent them from interacting with the OS and any other app installed on the device, cutting off access to sensitive data or privileged system resources. Defenses such as state partitioning and storage partitioning, which are built into all major browsers, store site cookies and other data associated with a website in containers that are unique to every top-level website domain to ensure they’re off-limits for every other site.

A clever hack allowed both companies to bypass those defenses.

2025: The year of cloud failures

The Internet was designed to provide a decentralized platform that could withstand a nuclear war. As became painfully obvious over the past 12 months, our growing reliance on a handful of companies has largely undermined that objective.

The outage with the biggest impact came in October, when a single point of failure inside Amazon’s sprawling network took out vital services worldwide. It lasted 15 hours and 32 minutes.

The root cause that kicked off a chain of events was a software bug in the software that monitors the stability of load balances by, among other things, periodically creating new DNS configurations for endpoints within the Amazon Web Services network. A race condition—a type of bug that makes a process dependent on the timing or sequence of events that are variable and outside the developers’ control—caused a key component inside the network to experience “unusually high delays needing to retry its update on several of the DNS endpoint,” Amazon said in a post-mortem. While the component was playing catch-up, a second key component—a cascade of DNS errors—piled up. Eventually, the entire network collapsed.

AWS wasn’t the only cloud service that experienced Internet-paralyzing outages. A mysterious traffic spike last month slowed much of Cloudflare—and by extension, the Internet—to a crawl. Cloudflare experienced a second major outage earlier this month. Not to be outdone, Azure—and by extension, its customers—experienced an outage in October.

Honorable mentions

Honorable mentions for 2025 security stories include:

Code in the Deepseek iOS app that caused Apple devices to send unencrypted traffic, without first being encrypted, to Bytedance, the Chinese company that owns TikTok. The lack of encryption made the data readable to anyone who could monitor the traffic and opened it to tampering by more sophisticated attackers. Researchers who uncovered the failure found other weaknesses in the app, giving people yet another reason to steer clear of it.
The discovery of bugs in Apple chips that could have been exploited to leak secrets from Gmail, iCloud, and other services. The most severe of the bugs is a side channel in a performance enhancement known as speculative execution. Exploitation could allow an attacker to read memory contents that would otherwise be off-limits. An attack of this side channel could be leveraged to steal a target’s location history from Google Maps, inbox content from Proton Mail, and events stored in iCloud Calendar.

Proving that not all major security stories involve bad news, the Signal private messaging app got a major overhaul that will allow it to withstand attacks from quantum computers. As I wrote, the elegance and adeptness that went into overhauling an instrument as complex as the app was nothing short of a triumph. If you plan to click on only one of the articles listed in this article, this is the one.

Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82.

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025 Read More »

Browser extensions with 8 million users collect extended AI conversations

AI, ai bot, Biz & IT, browser extensions, chrome, EDGE, privacy, Security / Kris Guyer / December 17, 2025

Besides ChatGPT, Claude, and Gemini, the extensions harvest all conversations from Copilot, Perplexity, DeepSeek, Grok, and Meta AI. Koi said the full description of the data captured includes:

Every prompt a user sends to the AI
Every response received
Conversation identifiers and timestamps
Session metadata
The specific AI platform and model used

The executor script runs independently from the VPN networking, ad blocking, or other core functionality. That means that even when a user toggles off VPN networking, AI protection, ad blocking, or other functions, the conversation collection continues. The only way to stop the harvesting is to disable the extension in the browser settings or to uninstall it.

Koi said it first discovered the conversation harvesting in Urban VPN Proxy, a VPN routing extension that lists “AI protection” as one of its benefits. The data collection began in early July with the release of version 5.5.0.

“Anyone who used ChatGPT, Claude, Gemini, or the other targeted platforms while Urban VPN was installed after July 9, 2025 should assume those conversations are now on Urban VPN’s servers and have been shared with third parties,” the company said. “Medical questions, financial details, proprietary code, personal dilemmas—all of it, sold for ‘marketing analytics purposes.’”

Following that discovery, the security firm uncovered seven additional extensions with identical AI harvesting functionality. Four of the extensions are available in the Chrome Web Store. The other four are on the Edge add-ons page. Collectively, they have been installed more than 8 million times.

They are:

Chrome Store

Urban VPN Proxy: 6 million users
1ClickVPN Proxy: 600,000 users
Urban Browser Guard: 40,000 users
Urban Ad Blocker: 10,000 users

Edge Add-ons:

Urban VPN Proxy: 1,32 million users
1ClickVPN Proxy: 36,459 users
Urban Browser Guard – 12,624 users
Urban Ad Blocker – 6,476 users

Read the fine print

The extensions come with conflicting messages about how they handle bot conversations, which often contain deeply personal information about users’ physical and mental health, finances, personal relationships, and other sensitive information that could be a gold mine for marketers and data brokers. The Urban VPN Proxy in the Chrome Web Store, for instance, lists “AI protection” as a benefit. It goes on to say:

Browser extensions with 8 million users collect extended AI conversations Read More »

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

Biz & IT, Encryption, rc4, Security, Windows Server / Mike M. / December 15, 2025

Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn’t easy.

No salt, no iteration? Really?

“The problem though is that it’s hard to kill off a cryptographic algorithm that is present in every OS that’s shipped for the last 25 years and was the default algorithm for so long, Steve Syfuhs, who runs Microsoft’s Windows Authentication team, wrote on Bluesky. “See,” he continued, “the problem is not that the algorithm exists. The problem is how the algorithm is chosen, and the rules governing that spanned 20 years of code changes.”

Over those two decades, developers discovered a raft of critical RC4 vulnerabilities that required “surgical” fixes. Microsoft considered deprecating RC4 by this year, but ultimately “punted” after discovering vulnerabilities that required still more fixes. During that time Microsoft introduced some “minor improvements” that favored the use of AES, and as a result, usage dropped by “orders of magnitude.”

“Within a year we had observed RC4 usage drop to basically nil. This is not a bad thing and in fact gave us a lot more flexibility to kill it outright because we knew it genuinely wasn’t going to break folks, because folks weren’t using it.”

Syfuhs went on to document additional challenges Microsoft encountered and the approach it took to solving them.

While RC4 has known cipher weaknesses that make it insecure, Kerberoasting exploits a separate weakness. As implemented in Active Directory authentication, it uses no cryptographic salt and a single round of the MD4 hashing function. Salt is a technique that adds random input to each password before it is hashed. That requires hackers to invest considerable time and resources into cracking the hash. MD4, meanwhile, is a fast algorithm that requires modest resources. Microsoft’s implementation of AES-SHA1 is much slower and iterates the hash to further slow down cracking efforts. Taken together, AES-Sha1-hashed passwords require about 1,000 times the time and resources to be cracked.

Windows admins would do well to audit their networks for any usage of RC4. Given its wide adoption and continued use industry-wide, it may still be active, much to the surprise and chagrin of those charged with defending against hackers.

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc Read More »

Google will end dark web reports that alerted users to leaked data

dark web, data leaks, Google, privacy, Security, Tech / Mike M. / December 15, 2025

As Google admits in the email alert, its dark web scans didn’t offer much help. “Feedback showed that it did not provide helpful next steps,” Google said of the service. Here’s the full text of the email.

With other types of personal data alerts provided by the company, it has the power to do something. For example, you can have Google remove pages from search that list your personal data. Google doesn’t run anything on the dark web, though, so all it can do is remind you that your data is being passed around in one of the shadier corners of the Internet.

The shutdown begins on January 15, when Google will stop conducting new scans for user data on the dark web. Past data will no longer be available as of February 16, 2026. Google says it will delete all past reports at that time. However, users can remove their monitoring profile earlier in the account settings. This change does not impact any of Google’s other privacy reports.

The good news is that the best ways to protect your personal data from being shuffled around the dark web are the same ones that keep you safe on the open web. Google suggests always using two-step verification, and tools like Passkeys and Google’s password checkup can ensure you don’t accidentally reuse a compromised password. Stay safe out there.

Google will end dark web reports that alerted users to leaked data Read More »

Maximum-severity vulnerability threatens 6% of all websites

Biz & IT, exploits, react server components, Security, vulnerabilities / Rejus Almole / December 3, 2025

“I usually don’t say this, but patch right freakin’ now,” one researcher wrote. “The React CVE listing (CVE-2025-55182) is a perfect 10.”

React versions 19.0.1, 19.1.2, or 19.2.1 contain the vulnerable code. Third-party components known to be affected include:

Vite RSC plugin
Parcel RSC plugin
React Router RSC preview
RedwoodSDK
Waku
Next.js

According to Wiz and fellow security firm Aikido, the vulnerability, tracked as CVE-2025-55182, resides in Flight, a protocol found in the React Server Components. Next.js has assigned the designation CVE-2025-66478 to track the vulnerability in its package.

The vulnerability stems from unsafe deserialization, the coding process of converting strings, byte streams, and other “serialized” formats into objects or data structures in code. Hackers can exploit the insecure deserialization using payloads that execute malicious code on the server. Patched React versions include stricter validation and hardened deserialization behavior.

“When a server receives a specially crafted, malformed payload, it fails to validate the structure correctly,” Wiz explained. “This allows attacker-controlled data to influence server-side execution logic, resulting in the execution of privileged JavaScript code.”

The company added:

In our experimentation, exploitation of this vulnerability had high fidelity, with a near 100% success rate and can be leveraged to a full remote code execution. The attack vector is unauthenticated and remote, requiring only a specially crafted HTTP request to the target server. It affects the default configuration of popular frameworks.

Both companies are advising admins and developers to upgrade React and any dependencies that rely on it. Users of any of the Remote-enabled frameworks and plugins mentioned above should check with the maintainers for guidance. Aikido also suggests admins and developers scan their codebases and repositories for any use of React with this link.

Maximum-severity vulnerability threatens 6% of all websites Read More »

This hacker conference installed a literal antivirus monitoring system

Science, Security, syndication / Tim Belzer / November 22, 2025

Organizers had a way for attendees to track CO₂ levels throughout the venue—even before they arrived.

Hacker conferences—like all conventions—are notorious for giving attendees a parting gift of mystery illness. To combat “con crud,” New Zealand’s premier hacker conference, Kawaiicon, quietly launched a real-time, room-by-room carbon dioxide monitoring system for attendees.

To get the system up and running, event organizers installed DIY CO₂ monitors throughout the Michael Fowler Centre venue before conference doors opened on November 6. Attendees were able to check a public online dashboard for clean air readings for session rooms, kids’ areas, the front desk, and more, all before even showing up. “It’s ALMOST like we are all nerds in a risk-based industry,” the organizers wrote on the convention’s website.

“What they did is fantastic,” Jeff Moss, founder of the Defcon and Black Hat security conferences, told WIRED. “CO₂ is being used as an approximation for so many things, but there are no easy, inexpensive network monitoring solutions available. Kawaiicon building something to do this is the true spirit of hacking.”

Elevated levels of CO₂ lead to reduced cognitive ability and facilitate transmission of airborne viruses, which can linger in poorly ventilated spaces for hours. The more CO₂ in the air, the more virus-friendly the air becomes, making CO₂ data a handy proxy for tracing pathogens. In fact, the Australian Academy of Science described the pollution in indoor air as “someone else’s breath backwash.” Kawaiicon organizers faced running a large infosec event during a measles outbreak, as well as constantly rolling waves of COVID-19, influenza, and RSV. It’s a familiar pain point for conference organizers frustrated by massive gaps in public health—and lack of control over their venue’s clean air standards.

“In general, the Michael Fowler venue has a single HVAC system, and uses Farr 30/30 filters with a rating of MERV-8,” Kawaiicon organizers explained, referencing the filtration choices in the space where the convention was held. MERV-8 is a budget-friendly choice–standard practice for homes. “The hardest part of the whole process is being limited by what the venue offers,” they explained. “The venue is older, which means less tech to control air flow, and an older HVAC system.”

Kawaiicon’s work began one month before the conference. In early October, organizers deployed a small fleet of 13 RGB Matrix Portal Room CO₂ Monitors, an ambient carbon dioxide monitor DIY project adapted from US electronics and kit company Adafruit Industries. The monitors were connected to an Internet-accessible dashboard with live readings, daily highs and lows, and data history that showed attendees in-room CO₂ trends. Kawaiicon tested its CO₂ monitors in collaboration with researchers from the University of Otago’s public health department.

“That’s awesome,” says Adafruit founder and engineer Limor “Ladyada” Fried about the conference’s adaptation of the Matrix Portal project. “The best part is seeing folks pick up new skills and really understand how we measure and monitor air quality in the real world (like at a con during a measles flare-up)! Hackers and makers are able to be self-reliant when it comes to their public-health information needs.” (For the full specs of the Kawaiicon build, you can check out the GitHub repository here.)

The Michael Fowler Centre is a spectacular blend of Scandinavian brutalism and interior woodwork designed to enhance sound and air, including two grand pou—carved Māori totems—next to the main entrance that rise through to the upper foyers. Its cathedral-like acoustics posed a challenge to Kawaiicon’s air-hacking crew, which they solved by placing the RGB monitors in stereo. There were two on each level of the Main Auditorium (four total), two in the Renouf session space on level 1, plus monitors in the daycare and Kuracon (kids’ hacker conference) areas. To top it off, monitors were placed in the Quiet Room, at the Registration Desk, and in the Green Room.

“The things we had to consider were typical health and safety, and effective placement (breathing height, multiple monitors for multiple spaces, not near windows/doors),” a Kawaiicon spokesperson who goes by Sput online told WIRED over email.

“To be honest, it is no different than having to consider other accessibility options (e.g., access to venue, access to talks, access to private space for personal needs),” Sput wrote. “Being a tech-leaning community it is easier for us to get this set up ourselves, or with volunteer help, but definitely not out of reach given how accessible the CO₂ monitor tech is.”

Kawaiicon’s attendees could quickly check the conditions before they arrived and decide how to protect themselves accordingly. At the event, WIRED observed attendees checking CO₂ levels on their phones, masking and unmasking in different conference areas, and watching a display of all room readings on a dashboard at the registration desk.

In each conference session room, small wall-mounted monitors displayed stoplight colors showing immediate conditions: green for safe, orange for risky, and red to show the room had high CO₂ levels, the top level for risk.

“Everyone who occupies the con space we operate have a different risk and threat model, and we want everyone to feel they can experience the con in a way that fits their model,” the organizers wrote on their website. “Considering Covid-19 is still in the community, we wanted to make sure that everyone had all the information they needed to make their own risk assessment on ‘if’ and ‘how’ they attended the con. So this is our threat model and all the controls and zones we have in place.”

Colorful custom-made Kawaiicon posters by New Zealand artist Pepper Raccoon placed throughout the Michael Fowler Centre displayed a QR code, making the CO₂ dashboard a tap away, no matter where they were at the conference.

“We think this is important so folks don’t put themselves at risk having to go directly up to a monitor to see a reading,” Kawaiicon spokesperson Sput told WIRED, “It also helps folks find a space that they can move to if the reading in their space gets too high.”

It’s a DIY solution any conference can put in place: resources, parts lists, and assembly guides are here.

Kawaiicon’s organizers aren’t keen to pretend there were no risks to gathering in groups during ongoing outbreaks. “Masks are encouraged, but not required,” Kawaiicon’s Health and Safety page stated. “Free masks will be available at the con if you need one.” They encouraged attendees to test before coming in, and for complete accessibility for all hackers who wanted to attend, of any ability, they offered a full virtual con stream with no ticket required.

Trying to find out if a venue will have clean or gross recycled air before attending a hacker conference has been a pain point for researchers who can’t afford to get sick at, or after, the next B-Sides, Defcon, or Black Hat. Kawaiicon addresses this headache. But they’re not here for debates about beliefs or anti-science trolling. “We each have our different risk tolerance,” the organizers wrote. “Just leave others to make the call that is best for them. No one needs your snarky commentary.”

This story originally appeared at WIRED.com.

Wired.com is your essential daily guide to what’s next, delivering the most original and complete take you’ll find anywhere on innovation’s impact on technology, science, business and culture.

This hacker conference installed a literal antivirus monitoring system Read More »

Oops. Cryptographers cancel election results after losing decryption key.

Biz & IT, election systems, encryption keys, iacr, international associate for cryptological research, Security / Tim Belzer / November 22, 2025

One of the world’s premier security organizations has canceled the results of its annual leadership election after an official lost an encryption key needed to unlock results stored in a verifiable and privacy-preserving voting system.

The International Association of Cryptologic Research (IACR) said Friday that the votes were submitted and tallied using Helios, an open source voting system that uses peer-reviewed cryptography to cast and count votes in a verifiable, confidential, and privacy-preserving way. Helios encrypts each vote in a way that assures each ballot is secret. Other cryptography used by Helios allows each voter to confirm their ballot was counted fairly.

An “honest but unfortunate human mistake”

Per the association’s bylaws, three members of the election committee act as independent trustees. To prevent two of them from colluding to cook the results, each trustee holds a third of the cryptographic key material needed to decrypt results.

“Unfortunately, one of the three trustees has irretrievably lost their private key, an honest but unfortunate human mistake, and therefore cannot compute their decryption share,” the IACR said. “As a result, Helios is unable to complete the decryption process, and it is technically impossible for us to obtain or verify the final outcome of this election.”

To prevent a similar incident, the IACR will adopt a new mechanism for managing private keys. Instead of requiring all three chunks of private key material, elections will now require only two. Moti Yung, the trustee who was unable to provide his third of the key material, has resigned. He’s being replaced by Michel Abdalla.

The IACR is a nonprofit scientific organization providing research in cryptology and related fields. Cryptology is the science and practice of designing computation and communication systems that remain secure in the presence of adversaries. The associate is holding a new election that started Friday and runs through December 20.

Oops. Cryptographers cancel election results after losing decryption key. Read More »

How to know if your Asus router is one of thousands hacked by China-state hackers

ASUS, Biz & IT, consumer routers, hacking, Security, state sponsored hacking / Mike M. / November 21, 2025

Thousands of Asus routers have been hacked and are under the control of a suspected China-state group that has yet to reveal its intentions for the mass compromise, researchers said.

The hacking spree is either primarily or exclusively targeting seven models of Asus routers, all of which are no longer supported by the manufacturer, meaning they no longer receive security patches, researchers from SecurityScorecard said. So far, it’s unclear what the attackers do after gaining control of the devices. SecurityScorecard has named the operation WrtHug.

Staying off the radar

SecurityScorecard said it suspects the compromised devices are being used similarly to those found in ORB (operational relay box) networks, which hackers primarily use to conduct espionage to conceal their identity.

“Having this level of access may enable the threat actor to use any compromised router as they see fit,” SecurityScorecard said. “Our experience with ORB networks suggests compromised devices will commonly be used for covert operations and espionage, unlike DDoS attacks and other types of overt malicious activity typically observed from botnets.”

Compromised routers are concentrated in Taiwan, with smaller clusters in South Korea, Japan, Hong Kong, Russia, central Europe, and the United States.

The Chinese government has been caught building massive ORB networks for years. In 2021, the French government warned national businesses and organizations that the APT31—one of China’s most active threat groups—was behind a massive attack campaign that used hacked routers to conduct reconnaissance. Last year, at least three similar China-operated campaigns came to light.

Russian-state hackers have been caught doing the same thing, although not as frequently. In 2018, Kremlin actors infected more than 500,000 small office and home routers with sophisticated malware tracked as VPNFilter. A Russian government group was also independently involved in an operation reported in one of the 2024 router hacks linked above.

How to know if your Asus router is one of thousands hacked by China-state hackers Read More »