Detour Dog Linked to DNS-Enabled Distribution of Strela Stealer via StarFish Backdoor

Summary of findings: Security researchers at DNS threat intelligence firm Infoblox have attributed a series of information-stealer campaigns to a threat actor tracked as “Detour Dog.” According to Infoblox, Detour Dog maintained operational control over domains that hosted the first-stage component of the…

Signal introduces SPQR to harden messaging against future quantum attacks

What Signal announced: Signal has unveiled a new cryptographic component called Sparse Post-Quantum Ratchet (SPQR). The company presents SPQR as an addition to its existing end-to-end encryption design intended to provide stronger resilience against the kinds of attacks that could be enabled by large-scale quantum…

Confucius Campaign in Pakistan Deploys WooperStealer and Anondoor in Spear‑Phishing Attacks

Campaign summary: Security researchers have attributed a recent phishing campaign against targets in Pakistan to the threat actor known as Confucius, which used the information‑stealer WooperStealer alongside a secondary payload referred to as Anondoor. According to reporting, the campaign employed spear‑phishing and malicious documents…

DrayTek Issues Advisory: Remote, Unauthenticated RCE Vulnerability in Vigor Routers

What DrayTek reported: Networking vendor DrayTek has published an advisory warning of a security vulnerability that affects several Vigor router models. According to the advisory, the flaw could allow remote, unauthenticated actors to execute arbitrary code on impacted devices. DrayTek’s notice alerts administrators and operators…

Ransomware at Motility Software Exposes Data of 766,000 Dealership Customers

Summary of the incident: A ransomware attack targeting Motility Software Solutions, a provider of dealer management software (DMS), has exposed sensitive information belonging to approximately 766,000 customers. The incident underscores the systemic risk created when technology vendors that serve many organizations are compromised — a…

F‑Droid at risk as Google enforces identity verification for all Android developers

Summary of the change and immediate concern: F‑Droid, the volunteer‑run catalog and installer for free and open‑source Android applications, has warned that Google’s new requirement for all Android developers to verify their identity could threaten the project’s continued operation. The change obligates developer…

“Battering RAM” Hardware Interposer Can Bypass Intel and AMD Cloud Defenses, Researchers Show

Summary of the disclosure: Researchers from KU Leuven and the University of Birmingham have demonstrated a practical hardware attack they call “Battering RAM,” using a low-cost interposer that sits in the DRAM channel and can bypass recent security protections on Intel and…

Phantom Taurus: China‑Linked Group Deploys Stealth Malware Against Governments and Telecoms

Overview: Security researchers at Palo Alto Networks Unit 42 have identified a previously undocumented, China‑aligned nation‑state actor they call “Phantom Taurus.” According to Unit 42, Phantom Taurus has operated for roughly two and a half years, targeting government and telecommunications organizations across Africa, the…

EvilAI Campaign: Malware Masquerading as AI Tools to Seed Global Intrusions

Summary of the discovery: Security researchers have identified a campaign in which threat actors use seemingly legitimate artificial intelligence (AI) and productivity tools as the delivery mechanism for malware. According to Trend Micro, attackers are deploying these AI-enhanced or productivity applications to slip malicious…