You are browsing archives for
A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets — including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online […]
The world we dream about I’m finding it really difficult to find the right words to say goodbye to Hadestown. This show and this cast have been the very best that live theater can be; a moment, a happening, an emergent experience that was so much more than the sum of the parts. The cast, […]
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage […]
Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft’s most-dire “critical” rating, meaning they could be abused by malware or malcontents to gain remote access to a Windows system with little or no help from users. August’s […]
A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki, a prolific Finnish hacker recently convicted of leaking tens of thousands of patient records from an online psychotherapy practice while attempting to extort the clinic and its patients. The […]
On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculation and panic among XSS denizens about the identity of the […]
This post was written by Sahar Kazmi and edited by Jaime Mears. A longer version of this post appeared in the Library of Congress staff Gazette on July 25th, 2025. The Library of Congress has embarked on a new multiyear digital initiative, LOCal, that will help expand access to the digital collections through partnerships with […]
Recurring guest writer, Nina Grant discusses how today’s libraries are helping kids grow kinder, one story at a time. Enjoy! When some people think of libraries, they picture piles of books and maybe a grumpy librarian shushing kids for sneezing too loud. But here’s what’s actually happening: libraries across the world are turning into mini […]
Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here’s a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than […]
This is a fascinating summary of a big problem with some AI-enhanced library products: The AI powered Library Search That Refused to Search (Aaron Tay). The link to the ACRLog post is also worth a read: “We Couldn’t Generate an Answer for your Question”. In a nutshell, it appears that Microsoft Azure’s OpenAI content filter, […]
Three news releases in quick succession made my antennae stand up, though they’ve actually been trickling out over the past month. In the order I saw them: Introducing Lumo, the AI where every conversation is confidential. A new privacy-focussed LLM Chatbot from Proton. I’ve only poked at it a bit, but it seems solid, aside […]
KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries. Image: […]
Today’s guest post is from Sabrina Templeton, a 2025 Junior Fellow at the Library of Congress. Sabrina is pursuing her MS in Information Studies at the University of Texas at Austin. Prior to starting her degree, she worked as a software engineer and she is passionate about the intersection of library and technology spaces. As this […]
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and energy companies. Image: Shutterstock, by Ascannio. In […]
Today’s post is from Abbey Potter and Isabel Brador of the Digital Strategy Directorate and Kate Murray of the Digital Collections Management & Services Division here at the Library of Congress. Since January 2025, a new Library of Congress working group has been exploring ways to bring responsible AI together with digital preservation through an […]
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 firms. Paradox.ai said the security oversight was […]
Today’s guest post is from Heather Alvord, Liz Caringola, Liz Holdzkom, Genevieve Havemeyer-King and Kate Murray of the Digital Collections Management & Services Division and Ted Westervelt, Chief, US/Anglo Division at the Library of Congress. The Library of Congress Recommended Formats Statement (RFS) is well into its second decade, having first launched in 2014. It […]
Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over […]
Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but loosely-affiliated cybercrime group dubbed “Scattered Spider,” whose other […]
Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with […]
