malware
Microsoft found malware that destroys PCs. Here's who's actually at risk
Microsoft discovered GigaWiper malware that overwrites hard drives multiple times and renders entire systems unusable by deleting partition entries and storage contents. PCWorld reports this sophisticated threat primarily targets organizations rather than home users, combining surveillance capabilities with irreversible data destruction. The malware integrates components from older threats like Crucio ransomware and includes a Go-based backdoor for remote system control and stealth operations. Microsoft has discovered a new piece of malware that not only spies on data but also renders entire systems unusable. The malware, known as GigaWiper, combines several destructive functions with a powerful backdoor for attackers. Security researchers at Microsoft Threat Intelligence first detected the activity back in October 2025. The recently published analysis reveals the full extent of the malware's capabilities.
Cheap streaming box could hijack your home internet
This material may not be published, broadcast, rewritten, or redistributed. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset . Powered and implemented by FactSet Digital Solutions . Mutual Fund and ETF data provided by LSEG . A missing kitten rode under a car hood. Midjourney's wild body scanner scans you in water Debt collection letter for debt you don't owe?
What is Windows Secure Boot? Here's what to know
PCWorld explains Windows Secure Boot as a critical security feature that acts like a checkpoint, verifying software before Windows loads to prevent bootkit malware infections. The 2011 Secure Boot certificates are expiring by 2026, requiring updates to 2023 certificates for continued protection against startup attacks and future Windows compatibility. Users should check the Windows Security app's Device Security section for warning indicators and update UEFI/BIOS if needed to maintain robust system security. Most people don't spend time thinking about Secure Boot.
Your Windows PC is at risk if you're missing these security certificates
PCWorld reports that Windows PCs need updated 2023 Secure Boot certificates as older 2011 certificates expire in 2026, leaving systems vulnerable to malware. Hardware vendors, not Microsoft, control these critical security updates through UEFI/BIOS firmware, meaning unsupported older PCs may require hardware upgrades. Users can check their protection status in Windows Security app for a green Secure Boot checkmark and update firmware accordingly. You've probably seen countless warnings lately about Windows and expiring Secure Boot certificates . Why? Some PCs haven't gotten the updates yet--and won't unless you take action.
AI Tools Are Helping Mediocre North Korean Hackers Steal Millions
One group of hackers used AI for everything from vibe coding their malware to creating fake company websites--and stole as much as $12 million in three months. The advent of AI hacking tools has raised fears of a near future in which anyone can use automated tools to dig up exploitable vulnerabilities in any piece of software, like a kind of digital intrusion superpower. Here in the present, however, AI seems to be playing a more mundane, if still concerning, role in hackers' toolkit: It's helping mediocre hackers level up and carry out broad, effective malware campaigns. That includes one group of relatively unskilled North Korean cybercriminals who've been discovered using AI to carry out virtually every part of an operation that hacked thousands of victims to steal their cryptocurrency. On Wednesday, cybersecurity firm Expel revealed what it describes as a North Korean state-sponsored cybercrime operation that installed credential-stealing malware on more than 2,000 computers, specifically targeting the machines of developers working on small cryptocurrency launches, NFT creation, and Web3 projects.
A Proof of Proposition 2.2: additive expansion proposition
We first define the restricted Cheeger constant in the link prediction task. Then, according to Proposition 2.1, we have: Then, we can draw the same conclusion with Eq.12, and the Thus, Eq.16 can be simplified to: "sites" Based on the Eq.15 and Eq.17, we can rewrite L The inequality holds due to the assumption. Knowledge discovery: In the 5 random experiments, we add 500 pseudo links in each iteration. The metadata information of the nodes are all strongly relevant to "Linux" Both papers focus on the "malware"/"phishing" under the topic "Computer security". The detailed result of the case study is shown in Table 6.
AI is already making online swindles easier. It could get much worse.
AI is already making online swindles easier. It could get much worse. Some cybersecurity researchers say it's too early to worry about AI-orchestrated cyberattacks. Others say it could already be happening. Anton Cherepanov is always on the lookout for something interesting. And in late August last year, he spotted just that.
149 Million Usernames and Passwords Exposed by Unsecured Database
This "dream wish list for criminals" includes millions of Gmail, Facebook, banking logins, and more. The researcher who discovered it suspects they were collected using infostealing malware. A database containing 149 million account usernames and passwords--including 48 million for Gmail, 17 million for Facebook, and 420,000 for the cryptocurrency platform Binance --has been removed after a researcher reported the exposure to the hosting provider. The longtime security analyst who discovered the database, Jeremiah Fowler, could not find indications of who owned or operated it, so he worked to notify the host, which took down the trove because it violated a terms of service agreement. In addition to email and social media logins for a number of platforms, Fowler also observed credentials for government systems from multiple countries as well as consumer banking and credit card logins and media streaming platforms.
Comparative Analysis of Hash-based Malware Clustering via K-Means
Thein, Aink Acrie Soe, Pitropakis, Nikolaos, Papadopoulos, Pavlos, Grierson, Sam, Jan, Sana Ullah
With the adoption of multiple digital devices in everyday life, the cyber-attack surface has increased. Adversaries are continuously exploring new avenues to exploit them and deploy malware. On the other hand, detection approaches typically employ hashing-based algorithms such as SSDeep, TLSH, and IMPHash to capture structural and behavioural similarities among binaries. This work focuses on the analysis and evaluation of these techniques for clustering malware samples using the K-means algorithm. More specifically, we experimented with established malware families and traits and found that TLSH and IMPHash produce more distinct, semantically meaningful clusters, whereas SSDeep is more efficient for broader classification tasks. The findings of this work can guide the development of more robust threat-detection mechanisms and adaptive security mechanisms.