#private-key-recovery
#private-key-recovery

10 hours ago

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Google's whitepaper on quantum threats urges immediate post-quantum preparations, shifting the migration deadline to 2029 and highlighting vulnerabilities in blockchain security.

fromNature

'It's a real shock': quantum-computing breakthroughs pose imminent risks to cybersecurity

Quantum hackers could pose a serious threat to digital security by the end of this decade, much sooner than previously anticipated.

New quantum-computing advances heighten threat to elliptic curve cryptosystems

Utility-scale quantum computers can break elliptic curve cryptography much more efficiently than previously thought.

Google's Quantum Advances Bring Bitcoin Security Debate Into Focus

Breaking elliptic curve cryptography may require fewer quantum resources than previously thought, raising urgency in the crypto industry.

Google Warns Quantum Computers Could Crack Crypto Sooner Than Expected

Quantum computing poses an imminent threat to cryptocurrency security, with fewer resources needed to break current cryptographic protections than previously estimated.

Shrinking PQC timeline highlights immediate risk to data security | Computer Weekly

Google's accelerated timeline for post-quantum cryptography highlights urgent data security risks posed by quantum computers that need immediate attention.

10 hours ago

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Google's whitepaper on quantum threats urges immediate post-quantum preparations, shifting the migration deadline to 2029 and highlighting vulnerabilities in blockchain security.

fromNature

'It's a real shock': quantum-computing breakthroughs pose imminent risks to cybersecurity

Quantum hackers could pose a serious threat to digital security by the end of this decade, much sooner than previously anticipated.

New quantum-computing advances heighten threat to elliptic curve cryptosystems

Utility-scale quantum computers can break elliptic curve cryptography much more efficiently than previously thought.

Google's Quantum Advances Bring Bitcoin Security Debate Into Focus

Breaking elliptic curve cryptography may require fewer quantum resources than previously thought, raising urgency in the crypto industry.

Google Warns Quantum Computers Could Crack Crypto Sooner Than Expected

Quantum computing poses an imminent threat to cryptocurrency security, with fewer resources needed to break current cryptographic protections than previously estimated.

Shrinking PQC timeline highlights immediate risk to data security | Computer Weekly

Google's accelerated timeline for post-quantum cryptography highlights urgent data security risks posed by quantum computers that need immediate attention.

more#quantum-computing

fromEngadget

13 minutes ago

Ireland is testing out a digital wallet that conducts age verification for social media users

Ireland is trialing a Government Digital Wallet to verify user age for social media access, aiming for user-friendly design before its 2026 EU deadline.

#data-breach

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

fromTheregister

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

fromTheregister

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

21 hours ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

21 hours ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

more#openclaw

#ai

fromHarvard Business Review

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

5 days ago

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

fromHarvard Business Review

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

5 days ago

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

NYC startup

Latest crypto hack sees thieves make off with $280 million from Solana DeFi platform Drift | Fortune

7 hours ago

EU data protection

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

fromTNW | Eu

4 hours ago

Information security

European Commission breached after hackers poisoned open-source security tool Trivy

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Third-party risk management is now a critical security challenge and growth opportunity for service providers.

10 Data Security Stories to Know About (March 2026)

March saw significant data security incidents including cyberattacks, data purchases by the FBI, and breaches affecting millions of customers.

NYC startup

fromFortune

Latest crypto hack sees thieves make off with $280 million from Solana DeFi platform Drift | Fortune

Drift suffered a $280 million hack attributed to North Korea, utilizing a novel attack method involving durable nonces.

7 hours ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.

fromTNW | Eu

4 hours ago

European Commission breached after hackers poisoned open-source security tool Trivy

A major data breach at the European Commission was caused by TeamPCP exploiting a supply chain attack on the Trivy security tool.

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Third-party risk management is now a critical security challenge and growth opportunity for service providers.

10 Data Security Stories to Know About (March 2026)

March saw significant data security incidents including cyberattacks, data purchases by the FBI, and breaches affecting millions of customers.

Apple issues warning to iPhone users over stealthy attack: Act NOW

Apple has released critical iOS updates to protect against the DarkSword cyberattack method targeting vulnerable devices.

Roam Research

New Rowhammer attacks give complete control of machines running Nvidia GPUs

Rowhammer attacks on Nvidia GPUs can compromise CPU memory, allowing full control of host machines.

Poker

fromBusiness Matters

Digital Wallets and the Future of Casino Payments in the UK

Digital wallets are preferred for online payments due to their speed, ease of use, and enhanced privacy, especially in casino transactions.

#generative-ai

fromBig Think

Digital life

3 ways to prove you're human online

fromNextgov.com

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.

Digital life

fromBig Think

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.

fromNextgov.com

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.

more#generative-ai

Business intelligence

5 days ago

Beyond Locking Doors

Access control systems provide valuable data that enhances operational efficiency and decision-making beyond just security.

27 minutes ago

USDC Freeze Controversy: ZachXBT Says Circle Froze 16 Legitimate Wallets, Missed Real Hacks

ZachXBT identified 15 cases of over $420M in illicit USDC flows that Circle failed to freeze promptly since 2022.

fromElectronic Frontier Foundation

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.

#privacy

Privacy technologies

Double Shot of Privacy's Defender in D.C.

Privacy technologies

What If Your VPN, Phone Number, And AI Chat Left Zero Trace? Meet Nadanada.me - The "Nothing At All" Privacy Revolution

fromElectronic Frontier Foundation

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Privacy technologies

Double Shot of Privacy's Defender in D.C.

What If Your VPN, Phone Number, And AI Chat Left Zero Trace? Meet Nadanada.me - The "Nothing At All" Privacy Revolution

LNVPN has evolved into a comprehensive privacy infrastructure service offering anonymous eSIM data plans, disposable phone numbers, and AI chat tools.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.

fromTNW | Insights

3 hours ago

KeeperDB brings zero-trust database access to privileged access management

Database credentials are a major attack vector, and KeeperDB integrates access controls into its PAM platform to enhance security.

Drift Protocol Hack 2026: What Happened, Who Lost Money, and What's Next

A Solana-based perpetual futures exchange lost $286 million in 12 minutes due to a sophisticated attack involving fake collateral and social engineering.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

Drift Protocol Hack 2026: What Happened, Who Lost Money, and What's Next

A Solana-based perpetual futures exchange lost $286 million in 12 minutes due to a sophisticated attack involving fake collateral and social engineering.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

DevOps

fromInfoQ

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.

Artificial intelligence

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

Elon Musk's X to Auto-Lock Accounts Posting Crypto for First Time

X introduces auto-lock for accounts making first crypto posts to combat phishing attacks.

Warren Presses Commerce Department Over Bitmain Security Risks and Trump-Linked Crypto Ties

Heightened scrutiny over crypto supply chains involves concerns about foreign influence and infrastructure vulnerabilities linked to Bitmain and Eric Trump's ventures.

Elon Musk's X to Auto-Lock Accounts Posting Crypto for First Time

X introduces auto-lock for accounts making first crypto posts to combat phishing attacks.

Warren Presses Commerce Department Over Bitmain Security Risks and Trump-Linked Crypto Ties

Heightened scrutiny over crypto supply chains involves concerns about foreign influence and infrastructure vulnerabilities linked to Bitmain and Eric Trump's ventures.

more#crypto

fromZDNET

I turned to PrivacyBee to clean up my data - here's how it made me disappear

PrivacyBee is preferred for its comprehensive data removal services and user-friendly management tools.

14 hours ago

SEC Warns Fake Officials Exploit Trust With Fraud Tactics Targeting Investors

Impersonation scams using SEC branding are increasing, exploiting investor trust through social media and text messages.

REAL and Redstone Collaborate to Enhance Data Integrity for Tokenized Assets

REAL partners with Redstone to enhance data transparency and risk intelligence in its ecosystem for tokenized assets.

Kraken User Loses $18.2M in Crypto Social Engineering Attack as Funds Move via Thorchain: ZachXBT

A coordinated theft involved phishing tactics, rapid asset transfers, and laundering of approximately $1.8 million in ether through decentralized protocols.

REAL and Redstone Collaborate to Enhance Data Integrity for Tokenized Assets

REAL partners with Redstone to enhance data transparency and risk intelligence in its ecosystem for tokenized assets.

Kraken User Loses $18.2M in Crypto Social Engineering Attack as Funds Move via Thorchain: ZachXBT

A coordinated theft involved phishing tactics, rapid asset transfers, and laundering of approximately $1.8 million in ether through decentralized protocols.

more#blockchain

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

fromFortune

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

fromFortune

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

more#north-korea

fromAdvocate.com

How the Kash Patel hack turned a college-linked username into a security warning

FBI Director Kash Patel's personal email was hacked, exposing over 300 emails and photos, raising concerns about digital security and identity management.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

5 telltale signs that your phone has been compromised (and how to combat them)

Phone hacking can be detected through signs like battery drain, slow performance, unfamiliar logins, and reduced storage space.

#bitcoin

Cryptocurrency

How Real Is The Quantum Threat?

fromFast Company

Cryptocurrency

Bitcoin could fall victim to quantum computers sooner than expected. Now crypto investors are turning to these alternative coins

Cryptocurrency

Bitcoin Treasury Companies Are Dumping Their Bitcoin

Google's New Quantum Research Renews Push To Secure Bitcoin

Bitcoin's reliance on elliptic curve cryptography faces potential threats from quantum computing advancements, necessitating urgent preparation among developers and investors.

How Real Is The Quantum Threat?

A panel titled 'How Real Is The Quantum Threat?' will address quantum computing's impact on Bitcoin at Bitcoin 2026.

fromFast Company

Bitcoin could fall victim to quantum computers sooner than expected. Now crypto investors are turning to these alternative coins

Bitcoin's security is threatened by quantum computers, prompting a shift towards quantum-resistant tokens.

Bitcoin Treasury Companies Are Dumping Their Bitcoin

Public companies and sovereign entities are selling bitcoin to address liquidity needs and operational priorities, marking a shift from previous accumulation trends.

Google's New Quantum Research Renews Push To Secure Bitcoin

Bitcoin's reliance on elliptic curve cryptography faces potential threats from quantum computing advancements, necessitating urgent preparation among developers and investors.

more#bitcoin

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

ViaBTC Showcases Collateral-Pledged Loan Solutions to Navigate Diverse Market Conditions

ViaBTC offers a collateral-pledged loan service to help miners maintain operations during bear markets without selling their cryptocurrencies.

Hasbro says it was hacked, and may take 'several weeks' to recover | TechCrunch

Hasbro detected an intrusion on March 28, prompting the company to take down some of its systems. Parts of Hasbro's website appeared down, with error messages indicating maintenance.

Privacy professionals

fromWIRED

20 hours ago

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack | TechCrunch

Drift has suspended withdrawals and deposits due to a significant security incident involving a potential theft of up to $285 million.

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.

#phishing

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

more#phishing

fromTearsheet

How Paze is betting bank trust can crack the digital wallet market - Tearsheet

I'm the general manager of Paze, one of the business units of Early Warning Services. The mandate is really to take Paze and bring this new payment checkout system to the masses - both on the consumer side and on the merchant side - really making sure that our goal of becoming one of the top three wallets for checkout in the next five years becomes reality.

Cryptocurrency

fromComputerworld

23 hours ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

Information security

fromMedCity News

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

Naoris Protocol Deploys Post-Quantum Mainnet to Secure Global Digital Infrastructure

Naoris Protocol launched its Layer 1 mainnet for decentralized post-quantum security, processing over 106 million transactions to combat quantum computing threats.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

fromTechzine Global

Axios supply chain attack victim posts postmortem to prevent a repeat

Axios was compromised for three hours, distributing Remote Access Trojans due to a sophisticated social engineering attack by North Korean group UNC1069.

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation exploits the React2Shell vulnerability to steal sensitive data from compromised hosts across multiple regions.

E-Commerce

fromCointelegraph

2 months ago

How a Third-Party Leak Fueled Phishing Against Ledger Users

A breach at an e-commerce partner can expose customers' order and contact details, enabling highly convincing phishing that leverages real purchase context.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

fromCointelegraph

How a 'Wrong Number' Message Turned Into a $3.4M Crypto Scam

This $3.4 million scam illustrates the rise of social engineering in crypto fraud, focusing on emotional manipulation over technical exploits.

fromComputerworld

Jamf warns of massive app insecurities

Mac and iOS users face significant security threats, with many devices vulnerable to attacks and outdated systems.

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

fromTechzine Global

Blind trust in hardware vendors is always a bad idea

Attackers are increasingly targeting hardware and firmware vulnerabilities as traditional security tools focus primarily on software layers.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

fromTelecompetitor

Quantum network supports high-security QKD: How it works, why it matters

Quantum technology presents both risks and benefits for network security, particularly through quantum key distribution (QKD) as a solution to encryption vulnerabilities.

fromTheregister

Security boffins harvest bumper crop of API keys from web

Almost 2,000 API credentials were found exposed on 10,000 webpages, posing significant security risks to organizations and critical infrastructure.

fromTechzine Global