Author: user
A mysterious foot fossil discovered in Ethiopia many years ago belongs to a mysterious and controversial human relative who lived at the same time as our ancestor Lucy, a new study has revealed.This discovery took many years. In 2009, scientists discovered a 3.4-million-year-old foot fossil with toes designed for living in trees. Newly discovered fossilized teeth and jawbones near the so-called Bartele’s Foot suggest that Lucy’s species, Australopithecus afarensis, lived side-by-side with another now extinct human relative, Australopithecus deiremeda, which lived about 3.5 to 3.3 million years ago.The study, published in the journal Nature on Wednesday (November 26), suggests that…
Cybersecurity researchers at Microsoft have identified a critical flaw in modern artificial intelligence (AI) systems. This means that your conversation with the chatbot could have been intercepted by a hacker attack. This bypasses the encryption used to keep your chats private.This attack technique, known as Whisper Leak, is a type of “man-in-the-middle” attack that allows hackers to intercept messages as they travel between servers. This worked because the hacker was able to read the message’s metadata and infer its content.The researchers outlined the attack in a study uploaded to the preprint arXiv database on November 5th. They notified large-scale language…
Several public websites designed to help courts in the United States and Canada manage potential jurors’ personal information had simple security flaws that could easily leak sensitive data such as names and home addresses, TechCrunch has learned exclusively. A security researcher, who requested anonymity for this story, contacted TechCrunch for details on the easily exploitable vulnerability and identified at least a dozen jury websites created by government software maker Tyler Technologies, which he said appear to be vulnerable because they run on the same platform. Our locations are located throughout the country, including California, Illinois, Michigan, Nevada, Ohio, Pennsylvania, Texas,…
South Korea’s financial sector has been targeted by what is described as an advanced supply chain attack that led to the deployment of Qilin ransomware. “This operation combines the capabilities of Qilin, a leading Ransomware-as-a-Service (RaaS) group, with the potential involvement of North Korean state-affiliated actors (Moonstone Sleet), which utilized Managed Service Provider (MSP) compromises as an initial access vector,” Bitdefender said in a report shared with The Hacker News. Qilin has emerged as one of the most active ransomware campaigns this year, with the RaaS team showing “explosive growth” with over 180 victims in October 2025. According to NCC…
Duke University researchers have solved a long-standing mystery about the source of high levels of PFAS contamination in water sources in North Carolina’s Piedmont region. By sampling and analyzing sewage in and around Burlington, researchers traced the source of the PFAS contamination to a local textile manufacturing plant. The source remained hidden for years because the facility did not emit PFAS in a regulated and monitored chemical form. Instead, they found that solid nanoparticle PFAS “precursors” break down into the chemicals that current tests are designed to detect. “We have some of the most sophisticated equipment in the world to…
The first results from the world’s largest neutrino detector have just been published, revealing the most accurate measurements of neutrino parameters to date.After operating the detector at the Jiangmen Underground Neutrino Observatory (JUNO) in southern China for just under two months, researchers were able to measure the parameters of different types, or “flavors,” of neutrinos with unprecedented precision.As a result, the values of two important parameters of the neutrino are narrowed down. It is the mixing angle, which describes how different neutrino mass states combine to form a neutrino flavor, and the square of the difference between these mass states.…
Detection is considered a standard investment and first line of defense, so today’s enterprises are expected to have at least six to eight detection tools. However, security leaders have a hard time justifying dedicating resources to their superiors further downstream in the alert lifecycle. As a result, most organizations’ security investments are asymmetric and robust detection tools coupled with a last line of defense: an under-resourced SOC. A recent case study shows how a company using a standardized SOC prevented sophisticated phishing attacks that evaded key email security tools. This case study involved a cross-company phishing campaign targeting executives at…
Patients with B-cell acute lymphoblastic leukemia in the UK will receive a breakthrough CAR-T therapy on the NHS that has made a difference in clinical trials. This personalized treatment, known as obe-cel (obecabtagene autoleucel), reprograms a patient’s own immune cells to attack cancer, offering hope for remission when conventional treatments fail. Obe-cel, also known as Orcatsil, is manufactured by Autolus Therapeutics, a spin-out from University College London. The therapy is produced in Stevenage, a hub for pharmaceutical research and cell and gene therapy innovation, strengthening the UK’s position at the forefront of CAR-T therapy development. Experts are hailing this as…
November 26, 2025hacker newsSoftware security/patch management If you’re using community tools like Chocolatey and Winget to keep your system up to date, you’re not alone. These platforms are fast, flexible, and easy to use, making them a favorite of IT teams. But there’s a catch… The very tools that make your job easier can also put your system at risk. These tools are community-run. This means anyone can add or update packages. Some packages may be outdated, lack safety checks, or have been modified accidentally or intentionally. Hackers look for these weaknesses. This is already happening in places like NPM…
November 26, 2025Ravi LakshmananBrowser security / Cryptocurrency Cybersecurity researchers have discovered a new malicious extension in the Chrome Web Store that can insert stealthy Solana transfers into swap transactions and transfer funds to an attacker-controlled crypto wallet. The extension, named Crypto Copilot, was first published on May 7, 2024 by a user named ‘sjclark76’. The developer describes the browser add-on as offering the ability to “trade cryptocurrencies directly on X with real-time insights and seamless execution.” This extension has had 12 installations and is still available for download at the time of writing. “Behind the interface, the extension injects additional…