The Dutch Data Protection Authority (AP) announced the €290m ($324m) fine yesterday, claiming that it stems from the same concerns that have led to years-long legal wranglings between the EU and US.

Cybercriminals are sending malicious SMS messages demanding payment for non-existent charges across Illinois, Florida, North Carolina, and Washington. These scams imitate state authorities and provide links to fake payment websites to steal data.

A security researcher has published a proof-of-concept exploit for a critical zero-click vulnerability, CVE-2024-38063, in Windows TCP/IP. This flaw allows remote code execution on Windows systems with IPv6 enabled, affecting millions of devices.

Over 100 government officials recently completed a comprehensive cybersecurity training program, focusing on global cybersecurity trends, security standards, and data protection governance.

The scammers targeted both McDonald’s Instagram and a senior marketing director’s Twitter account, leveraging the association between Grimace, McDonald’s iconic purple mascot, and the brand to add credibility to their scam.

Despite law enforcement actions disrupting major ransomware operations, the long-term impact remains uncertain as groups adapt and evolve. Ransomware-as-a-Service (RaaS) collectives are facing growing competition to attract affiliates.

Inherent vulnerabilities stem from the underlying formats and processes of the technology, allowing attackers to exploit features like automatic code execution in ML models and certain dataset formats.

The plugin, which was added to Pidgin’s third-party plugins list on July 6th, was flagged by a user, 0xFFFC0000, on August 16th, who reported suspicious behavior, including the unauthorized capture and sharing of screenshots.

Researchers found a vulnerability in the Shimano Di2 system’s proprietary protocol, making it susceptible to a replay attack. They demonstrated that an attacker could intercept and replay commands using off-the-shelf software-defined radio.