Another Week in Cybersecurity Hell

Another Week in Cybersecurity Hell

It's been a wild week for cybersecurity, folks! From Social Security numbers getting lost to AI models being hacked, it seems like the world is one big threat landscape. In this article, we'll take a closer look at some of the latest developments and offer some advice on how to stay safe online.

The State of Your SSN

Remember that time our Social Security numbers got hacked? Well, technically, it was “lost in a data breach,” but the end result was the same: Last year, National Public Data lost the SSNs of nearly every American citizen. The site is back, and this time it's a free people search site, and it probably has your information on it.

If that sounds like a recipe for disaster, you're not alone. Many people are worried about identity theft, and there are steps you can take to protect yourself. We have 11 tips to make sure your data doesn't end up on some shady website. Take a look!

Black Hat and the World of Cybersecurity

Last week, we reported on our coverage from Black Hat in Las Vegas, including an incredible walkthrough of the Network Operations Center (NOC) that powered the conference. We also spoke with Jennifer Granick about her part-plea part-warning to security experts to stop enabling mass surveillance by collecting treasure troves of data.

But breaches don't stop for security conferences. For example, last week, security researchers discovered a flaw in the venerable WinRAR file compression software that could be used to deliver malware. If you use it (and even if you don’t, you probably have it installed), you should update it now.

More Breaches and Vulnerabilities

AT&T customers who were breached back in 2019 may be entitled to a $177 million settlement. We have a guide to help you get your part of the settlement over that hack.

We also published a guide to check your phone for malware, and some things to look out for if you think your phone is being tapped. And don't forget to add a VPN to your security toolkit – we've got tips on how to use it safely and effectively.

GPT-5: The AI Model That's Causing Concern

The launch of GPT-5 has been rocky, to say the least. While Microsoft and OpenAI claim the model is highly secure, several security researchers and analysts have pointed out that it fails on almost every safety and security measure.

A recent test by AI red-teaming company SPLX showed that GPT-5 scored painfully low on security, safety, and “business alignment,” or its propensity to leak data and perform tasks outside of its instructions. This isn't a good sign for the model's future.

North Korean Hackers Exposed in Alleged Data Breach

In a shocking turn of events, Kimsuky, the state-sponsored North Korean hacking group, itself has been hacked by two hackers who describe themselves as having the “complete opposite” of Kimsuky's values.

The hackers made off with close to 9GB of data from the North Korean government, including information on internal operations, phishing logs, tools to build phishing sites to target South Korean government and military officials, and even the entire source code for the internal email platform for South Korea's Ministry of Foreign Affairs.

Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking

Smart buses are being rolled out in many cities, but they're also rolling computers with complicated software that can be breached. Security researchers revealed at the Def Con hacker conference that buses can be remotely hacked using free Wi-Fi.

The vulnerabilities appear to still be unpatched, and security researchers reported easily bypassing a bus's onboard router authentication and accessing the systems that govern everything from collision detection to passenger monitoring.