German firm Einhaus Group declared bankruptcy after a $230K ransomware attack by Royal. Despite paying the ransom, the company couldn't recover, underscoring the true cost of cybercrime.

Linux Kernel 6.17 is getting a major influx of Rust code for drivers and infrastructure. This marks a significant step in Rust's growing role in core kernel development.

Linux Kernel 6.17 introduces "Attack Vector Controls," a new system for managing CPU security mitigations by attack type, simplifying administration and boosting performance.

Meta and Stanford unveiled a 3mm-thick holographic VR headset prototype, using laser projection to eliminate bulky optics and bringing VR glasses closer to consumer reality.

Proton has patched a critical flaw in its iOS Authenticator app (v1.1.1) that logged TOTP secrets in plaintext. Users are urged to update immediately to secure their accounts.

Cloudflare accuses Perplexity AI of ignoring robots.txt files and impersonating a browser to evade detection, and has removed it from its list of verified bots.

OpenAI adds new "take a break" reminders to ChatGPT and is refining responses to high-stakes decisions, aiming to combat misinformation and promote healthier AI usage.

A critical SQL injection flaw (CVE-2025-54119, CVSS 10.0) in ADOdb’s SQLite3 driver allows arbitrary SQL execution via improperly escaped table names.

Amazon is reorganizing its audio division, integrating Wondery's narrative content into Audible and creating a new "Creator Services" team for celebrity-led podcasts.

Broadcom has shipped Jericho4, a new 3nm Ethernet router designed for distributed AI. It connects over a million XPUs across data centers with lossless, secure 3.2 Tbps HyperPorts.

Meta is reportedly in talks to acquire AI video startup Pika Labs, a move that would accelerate its push into generative AI and short-form video creation for its platforms.

Elon Musk's xAI has filed a trademark for “MacroHard,” a provocative jab at Microsoft. The move hints at a new multi-agent AI venture and reignites a simmering rivalry with Bill Gates.

Google's August 2025 Android Security Bulletin addresses a critical RCE flaw (CVE-2025-48530) in the core System component, which requires no user interaction for exploitation. Update now!

McAfee uncovers a new Android malware campaign targeting Indian users. The malware impersonates major banks to steal financial data and silently mines Monero in the background.

NVIDIA has patched multiple critical flaws (CVSS 9.8) in its Triton Inference Server. A vulnerability chain allows unauthenticated attackers to gain RCE and seize AI servers.

Cleafy uncovers PlayPraetor, a Chinese-speaking MaaS Android RAT that has infected 11,000+ devices, using real-time control via Accessibility Services to conduct on-device fraud.

APT36, a Pakistan-linked threat actor, is targeting Indian government officials with phishing campaigns that mimic official websites to harvest credentials and Kavach MFA OTPs in real time.

SentinelLABS and Beazley expose PXA Stealer, a Python-based infostealer campaign targeting 62 countries with stealthy DLL sideloading, decoy files, and Telegram-based data exfiltration.

Dell patched a critical flaw (CVE-2025-36594) in DD OS allowing unauthenticated remote auth bypass. DDSH CLI flaws (CVE-2025-30096-30099) also patched.

ThreatLabz reveals the evolution of Raspberry Robin malware, now featuring stronger encryption, complex obfuscation, and a new privilege escalation exploit to bypass detection.

Veracode warns of a North Korean cyber-espionage campaign using malicious NPM packages to spread Beavertail malware and steal crypto from developers via fake interview tasks.