Security
• Riot’s Vanguard anti-cheat will block a subset of Valorant players until their motherboard BIOS includes a security patch. • The change targets a UEFI IOMMU bug (CVE-2025-11901, CVE-2025-14302–14304) that can allow pre-boot DMA access. • Patches are available for many newer Intel and AMD chipsets from ASRock, Asus, Gigabyte and
Security
* Key Takeaways: * Apple released iOS 26.2 with critical security fixes and also published iOS 18.7.3 for devices remaining on iOS 18. * Some iPhone owners who opted to stay on iOS 18 report being offered iOS 26.2 only, not the iOS 18.7.3 security update. * The
Security
* Key Takeaways: * Several ASRock, ASUS, GIGABYTE and MSI motherboards contain a UEFI implementation bug that reports DMA protection as enabled but fails to initialize the IOMMU during early boot. * Researchers from Riot Games and a CERT/CC advisory warn the mismatch allows physical attackers with a DMA-capable PCIe device to
Security
* A false earthquake alert for a magnitude 5.9 tremor in Nevada was issued by the United States Geological Survey (USGS). * The erroneous warning was sent to residents as far as 200 miles away, including California's San Francisco Bay Area. * USGS quickly retracted the alert, confirming it was
Security
* A credit card skimmer was discovered at the Family Dollar on 32nd Street Northeast in Cedar Rapids. * The Cedar Rapids Police Department confirmed the finding and has launched an active investigation. * Details are limited as the investigation is ongoing, but the incident highlights a growing national security threat. * The FBI
Security
* An Aransas Pass veteran, Mike Williams, lost thousands of dollars in a sophisticated Bitcoin ATM scam that started with a fake computer virus warning. * Scammers created a false sense of urgency, tricking him into believing his bank accounts were compromised and directing him to deposit cash into a specific Bitcoin
Security
* Analytics provider Mixpanel, used by OpenAI, suffered a significant security breach. * The breach exposed a limited amount of user data exclusively from OpenAI's API platform (platform.openai.com). * OpenAI has immediately terminated its use of Mixpanel and is in the process of notifying all affected users. * Crucially, OpenAI&
Security
* Historic Breach: Conduent exposed the personal and health data of over 10.5 million people, marking the 8th largest healthcare data breach in U.S. history. * Sensitive Data Stolen: The compromised information includes names, Social Security numbers, dates of birth, and detailed medical and insurance data. * Legal Firestorm: The company
Security
* SentinelOne's stock has plummeted, falling 6.4% in the last week and a staggering 28.4% so far this year, sparking investor concern. * A detailed Discounted Cash Flow (DCF) analysis suggests the company could be significantly undervalued, with a potential upside of over 31%. * However, a different metric,
Security
Key Highlights: * Urgent Alert: MI5 has issued a critical espionage warning to UK Members of Parliament (MPs) and peers. * Spies Named: The security agency identified two individuals, Amanda Qiu and Shirly Shen, as being linked to China's intelligence services. * LinkedIn as a Weapon: The pair are allegedly using
Security
* Massive Payout: AT&T has agreed to a $177 million settlement for two major data breaches that occurred in 2024, exposing sensitive customer information. * Potential Compensation: Affected customers are eligible to claim a portion of the settlement, with potential payouts reaching up to $7,500 depending on the extent
Security
* A malicious Visual Studio Code extension named "susvsex" was discovered with built-in ransomware capabilities, likely created with AI assistance. * Separately, security researchers unearthed 17 trojanized npm packages that deploy the Vidar information-stealing malware, downloaded over 2,240 times. * Both threats have been removed from their respective platforms, but