Ernestas Naprys

Lithuania

Senior Journalist at CyberNews

Featured in: Favicon

cybernews.com Favicon

delfi.lt

15min.lt

delfi.ee

newsbeezer.com Favicon

epl.delfi.ee

Articles

Update VMware Tools: hackers can tamper with virtual machines

2 days ago | cybernews.com | Ernestas Naprys

Broadcom alerts that attackers with limited access to a virtual machine can exploit a vulnerability affecting VMware Tools and trigger insecure file operations. The open-source implementation, open-vm-tools, is also affected. Broadcom has released patches addressing the flaw affecting VMware Tools, a suite of utilities that enhance the performance and management of virtual machines (VMs) on the ESXi hypervisor.
Easy subscription cancellation rule delayed to July 14th

3 days ago | cybernews.com | Ernestas Naprys

The jumping through hoops and loops to cancel unwanted subscriptions should end on July 14th, 2025. The Federal Trade Commission (FTC) gives companies two additional months to comply with the click-to-cancel rule. In October last year, the FTC revised a Negative Option Rule, also known as a “click-to-cancel” requirement. The updated rule requires companies to provide an easy way to cancel, no harder than it was to sign up for the services. The rule went into effect on January 19th.
Malware detected in popular JavaScript packages – vibecoders under attack

3 days ago | cybernews.com | Ernestas Naprys

Malware in the Node.js ecosystem is hiding in plain sight. Security researchers uncover npm packages with thousands of installs, delivering remote access trojans, infostealers, or backdoors. The largest one has over 45,000 weekly downloads.
Google adds scam-fighting AI to Chrome: will detect malicious websites, unwanted notifications

6 days ago | cybernews.com | Ernestas Naprys

Google is adding an on-device artificial intelligence (AI) model to Chrome to fight scams. Gemini Nano, a large language model (LLM), will evaluate websites that users visit and alert if potential fraud is detected. The new feature will be included in Chrome 137, which launches this week, currently in beta. Google describes it as an additional layer of protection.
Trezor, MetaMask, Ledger users targeted by a massive global-scale scam campaign

6 days ago | cybernews.com | Ernestas Naprys

A massive “industrial-scale cryptocurrency phishing operation” has been uncovered involving tens of thousands of lure pages, SEO manipulation, abuse of legitimate services, and victims with massive losses. It came to light after one individual, a crypto investor, sent a plea for help after losing approximately eight bitcoin (BTC), or around $500,000 at the time.
Malwarebytes to block Google ads directly on Safari for iOS

6 days ago | cybernews.com | Ernestas Naprys

Malwarebytes announced that its iOS app will start blocking Google’s sponsored ads directly on the Safari browser. The security firm argues that cybercriminals often abuse Google ads to deliver malware or direct users to harmful scam websites. “Sponsored ads on Google search don’t just irritate users—they also provide a dangerous opportunity for cybercriminals to spread malware and scams to their unsuspecting victims.
Hackers abuse X ads to spoof CNN, sell fraudulent “iToken”

1 week ago | cybernews.com | Ernestas Naprys

Scammers on X (former Twitter) are running ads luring users with a fake “iToken” product. The new scam abuses the Apple brand, spoofs a landing page URL to show CNN, but ultimately leads users to a malicious website with a faux Tim Cook peddling a non-existent token. Silent Push, a threat intelligence firm, discovered a new finance scam targeting X users. Cybercriminals abuse the X advertising loophole to appear legitimate.
Dangerous macOS flaw patched that could lead to arbitrary code execution

1 week ago | cybernews.com | Ernestas Naprys

A now-patched security flaw in Apple macOS could have allowed attackers to execute arbitrary code, leading to a compromise, according to Trend Micro Zero Day Initiative (ZDI). Researchers helped to discover and patch an out-of-bounds write vulnerability in macOS that could lead to serious consequences if successfully exploited by attackers.
Tulsi Gabbard’s leaked password is reused by thousands of other people

1 week ago | cybernews.com | Ernestas Naprys

Tulsi Gabbard, the current US Director of National Intelligence, reused the same weak password across multiple personal accounts over several years, according to leaked records reviewed by Wired. Over 100,000 users rely on almost the same password to this day, Cybernews data reveals. Gabbard’s password reportedly appears in leaks dating back to at least 2012.
Previous routers failed me. So I made my own DIY network beast for under $200

1 week ago | cybernews.com | Ernestas Naprys

When I was on a quest to set up my home network, I spent countless hours researching all the possible solutions and hardware combinations. Here’s everything I wish I had known in the beginning. Man, why would you even build a DIY router in the first place? I haven’t been satisfied with three of my previous routers. The first one was issued by the internet service provider — a white square box without a name or firmware updates.