A student with a laptop and a radio stopped four high-speed trains. The crypto keys hadn’t been changed in 19 years.
A student with a laptop and a radio stopped four high-speed trains. The crypto keys hadn’t been changed in 19 years.

At 23:23 on 5 April, a 23-year-old university student in Taichung transmitted a falsified General Alarm signal into the Taiwan High Speed Rail Corporation’s internal radio system. Four trains travelling at up to 300 km/h received the highest-priority e…

Four OpenClaw flaws let attackers steal data, escalate privileges, and plant backdoors through the agent’s own sandbox
Four OpenClaw flaws let attackers steal data, escalate privileges, and plant backdoors through the agent’s own sandbox

Cybersecurity researchers at Cyera have disclosed four vulnerabilities in OpenClaw that, when chained together, allow an attacker to steal sensitive data, escalate privileges, and establish persistent control over a compromised host. The flaws, collect…

Snap, YouTube, and TikTok settle school addiction lawsuit, leaving Meta to face trial alone
Snap, YouTube, and TikTok settle school addiction lawsuit, leaving Meta to face trial alone

Snap, Google’s YouTube, and ByteDance’s TikTok have reached settlements in the first lawsuit brought by a public school district over claims that social media addiction has disrupted learning and forced schools to spend heavily on combating a youth men…

Google found the first AI-generated zero-day exploit. It stopped the attack before it started.
Google found the first AI-generated zero-day exploit. It stopped the attack before it started.

  Google has identified the first zero-day exploit it believes was developed with artificial intelligence. The criminal threat actor that built it planned to use it in a mass exploitation event. Google’s Threat Intelligence Group discovered the vulnera…

NHS England gives Palantir contractors broader access to patient data
NHS England gives Palantir contractors broader access to patient data

A leaked internal briefing note describes a new admin role on the £330m Federated Data Platform that lets external staff bypass case-by-case data approvals. Patient groups and Labour MPs have called the change dangerous. NHS England has decided to allo…

Cloudflare beat earnings, cut 1,100 jobs because AI agents do the work now, and lost a quarter of its stock price in a day
Cloudflare beat earnings, cut 1,100 jobs because AI agents do the work now, and lost a quarter of its stock price in a day

  Cloudflare beat Wall Street’s revenue and earnings estimates on Wednesday, announced it would cut 1,100 employees because artificial intelligence agents now do their work, and watched its stock fall 24 per cent on Thursday. The sequence is becoming t…

A data centre fire in Almere disabled a university, a transport emergency system, and the assumption that physical infrastructure is someone else’s problem
A data centre fire in Almere disabled a university, a transport emergency system, and the assumption that physical infrastructure is someone else’s problem

A fire at a data centre in Almere on Thursday morning knocked a university offline, disabled the emergency communication system for public transport across an entire province, triggered an NL-Alert to residents across Flevoland, and required a crash te…

The largest education data breach in history was not an attack on a school. It was an attack on a vendor.
The largest education data breach in history was not an attack on a school. It was an attack on a vendor.

  The largest education data breach in history was not an attack on a school. It was an attack on a vendor. On 30 April, hackers exploited a vulnerability in the systems of Instructure, the company that makes Canvas, the learning management system used…

Hospital websites are still leaking patient data to advertisers, four years after the warnings
Hospital websites are still leaking patient data to advertisers, four years after the warnings

A new Bloomberg-Feroot investigation finds that nine of the 10 largest US health companies are still loading advertising trackers on the very pages where patients log in and register. The story keeps repeating because nothing has stopped it. There is, …

The next satisfactory standard for data governance may not come from Brussels. It may come from Beijing.
The next satisfactory standard for data governance may not come from Brussels. It may come from Beijing.

The European Union treats data as a privacy right. The United States treats it as a corporate asset. China treats it as a factor of production, a national economic resource on par with land, labour, capital, and technology. That distinction, which soun…