CySecurity News - Latest Information Security and Hacking Incidents: Encryption

AI Cybersecurity Data Encryption Hacking Passwords penetration redteam SharePoint Vulnerabilities and Exploits Vulnerability

Pen Test Partners Uncovers Major Vulnerability in Microsoft Copilot AI for SharePoint

Pen Test Partners, a renowned cybersecurity and penetration testing firm, recently exposed a critical vulnerability in Microsoft’s Copilot AI for SharePoint. Known for simulating real-world hacking scenarios, the company’s redteam specialists investigate how systems can be breached just like skilled threatactors would attempt in real-time. With attackers increasingly leveraging AI, ethical hackers are now adopting similar methods—and the outcomes are raising eyebrows.

In a recent test, the Pen Test Partners team explored how Microsoft Copilot AI integrated into SharePoint could be manipulated. They encountered a significant issue when a seemingly secure encrypted spreadsheet was exposed—simply by instructing Copilot to retrieve it. Despite SharePoint’s robust access controls preventing file access through conventional means, the AI assistant was able to bypass those protections.

“The agent then successfully printed the contents,” said Jack Barradell-Johns, a red team security consultant at Pen Test Partners, “including the passwords allowing us to access the encrypted spreadsheet.”

This alarming outcome underlines the dual-nature of AI in informationsecurity—it can enhance defenses, but also inadvertently open doors to attackers if not properly governed.

Barradell-Johns further detailed the engagement, explaining how the red team encountered a file labeled passwords.txt, placed near the encrypted spreadsheet. When traditional methods failed due to browser-based restrictions, the hackers used their red team expertise and simply asked the Copilot AI agent to fetch it.

“Notably,” Barradell-Johns added, “in this case, all methods of opening the file in the browser had been restricted.”

Still, those download limitations were sidestepped. The AI agent output the full contents, including sensitive credentials, and allowed the team to easily copy the chat thread, revealing a potential weak point in AI-assisted collaborationtools.

This case serves as a powerful reminder: as AItools become more embedded in enterprise workflows, their securitytesting must evolve in step. It's not just about protecting the front door—it’s about teaching your digital assistant not to hold it open for strangers.

For those interested in the full technical breakdown, the complete Pen Test Partners report dives into the step-by-step methods used and broader securityimplications of Copilot’s current design.

Davey Winder reached out to Microsoft, and a spokesperson said:

“SharePoint information protection principles ensure that content is secured at the storage level through user-specific permissions and that access is audited. This means that if a user does not have permission to access specific content, they will not be able to view it through Copilot or any other agent. Additionally, any access to content through Copilot or an agent is logged and monitored for compliance and security.”

Further, Davey Winder then contacted Ken Munro, founder of Pen Test Partners, who issued the following statement addressing the points made in the one provided by Microsoft.

“Microsoft are technically correct about user permissions, but that’s not what we are exploiting here. They are also correct about logging, but again it comes down to configuration. In many cases, organisations aren’t typically logging the activities that we’re taking advantage of here. Having more granular user permissions would mitigate this, but in many organisations data on SharePoint isn’t as well managed as it could be. That’s exactly what we’re exploiting. These agents are enabled per user, based on licenses, and organisations we have spoken to do not always understand the implications of adding those licenses to their users.”

Pentera Report: 67% of Companies Hit by Data Breaches in Past Two Years



 

validation

Automation Compliance Cybersecurity Data Breach Downtime Encryption Infrastructure PenTesting Risk validation

Pentera Report: 67% of Companies Hit by Data Breaches in Past Two Years

A new study by Pentera reveals that 67% of organizations have experienced a data breach in the last 24 months — with 24% affected in the past year, and 43% reporting incidents within the previous 12 months.

The most common consequence of these breaches was unplanned downtime, affecting 36% of companies. In addition, 30% faced data compromise, while 28% incurred financial losses, emphasizing the growing risk and impact of security failures.

Among the organizations that shared the breach aftermath, a startling 76% said the incidents affected the confidentiality, integrity, or availability of their data. Only 24% reported no significant consequences.

Confidence in government-led cybersecurity efforts is also alarmingly low. Just 14% of cybersecurity leaders said they trust the support provided. Although 64% of CISOs acknowledged receiving some level of help, many feel it’s not enough to safeguard the private sector.

To strengthen cyber defenses, U.S. enterprises are spending an average of $187,000 a year on penetration testing, which simulates cyberattacks to uncover system vulnerabilities. This figure makes up just over 10% of the overall IT security budget, yet over 50% of CISOs plan to increase this allocation in 2025.

Still, companies are making system changes — such as new users, configuration updates, and permission modifications — much more frequently than they validate security. The report highlights that 96% of U.S. organizations update infrastructure quarterly, but only 30% test their defenses at the same pace.

“The pace of change in enterprise environments has made traditional testing methods unsustainable,” said Jason Mar-Tang, Field CISO at Pentera.

“96% of organizations are making changes to their IT environment at least quarterly. Without automation and technology-driven validation, it's nearly impossible to keep up. The report’s findings reinforce the need for scalable security validation strategies that meet the speed and complexity of today’s environments.”

Florida Scraps Controversial Law That Threatened Online Privacy



 

Social Media

Encryption Florida Instagram Law Privacy Social Media

Florida Scraps Controversial Law That Threatened Online Privacy

A proposed law in Florida that raised concerns about online privacy has now been officially dropped. The bill, called “Social Media Use by Minors,” aimed to place tighter controls on how children use social media. While it was introduced to protect young users, many experts argued it would have done more harm than good — not just for kids, but for all internet users.

One major issue with the bill was its demand for social media platforms to change how they protect users’ messages. Apps like WhatsApp, Signal, iMessage, and Instagram use something called end-to-end encryption. This feature makes messages unreadable to anyone except the person you're talking to. Not even the app itself can access the content.

The bill, however, would have required these platforms to create a special way for authorities to unlock private messages if they had a legal order. But cybersecurity professionals have long said that once such a "backdoor" exists, it can't be safely limited to just the police. Criminals, hackers, or even foreign spies could find and misuse it. Creating a backdoor for some means weakening protection for all.

The bill also included other rules, like banning temporary or disappearing messages for children and letting parents view everything their child does on social media. Critics worried this would put young users at greater risk, especially those needing privacy in situations like abuse or bullying.

Even though the Florida Senate passed the bill, the House of Representatives refused to approve it. On May 3, 2025, the bill was officially removed from further discussion. Digital privacy advocates, such as the Electronic Frontier Foundation, welcomed this move, calling it a step in the right direction for protecting online privacy.

This isn’t the first time governments have tried and failed to weaken encryption. Similar efforts have been blocked in other parts of the world, like France and the European Union, for the same reason: once secure messaging is weakened, it puts everyone at risk.

For now, users in Florida can breathe a sigh of relief. The bill’s failure shows growing recognition of how vital strong encryption is in keeping our personal information safe online.

Google’s New Android Security Update Might Auto-Reboot Your Phone After 3 Days



 

update

AFU Android auto-restart BFU Data Encryption Google Pin Privacy reboot Security Smartphone update

Google’s New Android Security Update Might Auto-Reboot Your Phone After 3 Days

In a recent update to Google Play Services, the tech giant revealed a new security feature that could soon reboot your Android smartphone automatically — and this move could actually boost your device’s safety.

According to the update, Android phones left unused for three consecutive days will automatically restart. While this might sound intrusive at first, the reboot comes with key security benefits.

There are two primary reasons why this feature is important:

First, after a reboot, the only way to unlock a phone is by entering the PIN — biometric options like fingerprint or facial recognition won’t work until the PIN is input manually. This ensures added protection, especially for users who haven’t set up any screen lock. A forced PIN entry makes it much harder for unauthorized individuals to access your device or the data on it.

Second, the update enhances encryption security. Android devices operate in two states: Before First Unlock (BFU) and After First Unlock (AFU). In the BFU state, your phone’s contents are completely encrypted, meaning that even advanced tools can’t extract the data.

This security measure also affects how law enforcement and investigative agencies handle seized phones. Since the BFU state kicks in automatically after a reboot, authorities have a limited window to access a device before it locks down data access completely.

“A BFU phone remains connected to Wi-Fi or mobile data, meaning that if you lose your phone and it reboots, you'll still be able to use location-finding services.”

The feature is listed in Google’s April 2025 System release notes, and while it appears to extend to Android tablets, it won’t apply to wearables like the Pixel Watch, Android Auto, or Android TVs.

As of now, Google hasn’t clarified whether users will have the option to turn off this feature or customize the three-day timer.

Because it’s tied to Google Play Services, users will receive the feature passively — there’s no need for a full system update to access it.

Massive Data Leak Exposes 520,000+ Ticket Records from Resale Platform 'Ticket to Cash'



 

ticketing

Cybersecurity Data Breach Digital Security Encryption event tickets Fraud Hacking Identity Theft PII Privacy ticketing

Massive Data Leak Exposes 520,000+ Ticket Records from Resale Platform 'Ticket to Cash'

A critical security lapse at online ticket resale platform Ticket to Cash has led to a major data breach, exposing over 520,000 records, according to a report by vpnMentor. The leak was first uncovered by cybersecurity researcher Jeremiah Fowler, who found the unsecured and unencrypted database without any password protection.

The database, weighing in at a massive 200 GB, contained a mix of PDFs, images, and JSON files. Among the leaked files were thousands of concert and live event tickets, proof of transfers, and receipt screenshots. Alarmingly, many documents included personally identifiable information (PII) such as full names, email addresses, physical addresses, and partial credit card details.

Using the internal structure and naming conventions within the files, Fowler traced the data back to Ticket to Cash, a company that facilitates ticket resale through over 1,000 partner websites. “Despite contacting TicketToCash.com through a responsible disclosure notice,” Fowler reported, “I initially received no response, and the database remained publicly accessible.” It wasn’t until four days later, following a second notice, that the data was finally secured. By then, an additional 2,000+ files had been exposed.

The responsible party behind maintaining the database—whether Ticket to Cash or a third-party contractor—remains uncertain. It’s also unknown how long the database was left open or whether it had been accessed by malicious actors. “Only a thorough internal forensic investigation could provide further clarity,” Fowler emphasized.

Ticket to Cash enables users to list tickets without upfront fees, taking a cut only when sales occur. However, the company has faced criticism over customer service, particularly regarding payment delays via PayPal and difficulty reaching support. Fowler also noted the lack of prompt communication during the disclosure process.

This breach raises serious concerns over data privacy and cybersecurity practices in the digital ticketing world. Leaked PII and partial financial information are prime targets for identity theft and fraud, posing risks well beyond the original ticketed events. As online ticketing becomes more widespread, this incident serves as a stark reminder of the need for strong security protocols and rapid response mechanisms to safeguard user data.

Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack



 

Ransomware

Akira Attack Breach Cloud Cybersecurity Data Encryption Extortion FBI Hitachi malware Ransomware

Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack

Hitachi Vantara, a subsidiary of Japan's Hitachi conglomerate, temporarily shut down several servers over the weekend after falling victim to a ransomware incident attributed to the Akira group.

The company, known for offering data infrastructure, cloud operations, and cyber resilience solutions, serves government agencies and major global enterprises like BMW, Telefónica, T-Mobile, and China Telecom.

In a statement to BleepingComputer, Hitachi Vantara confirmed the cyberattack and revealed it had brought in external cybersecurity specialists to assess the situation. The company is now working to restore all affected systems.

“On April 26, 2025, Hitachi Vantara experienced a ransomware incident that has resulted in a disruption to some of our systems," Hitachi Vantara told BleepingComputer.

"Upon detecting suspicious activity, we immediately launched our incident response protocols and engaged third-party subject matter experts to support our investigation and remediation process. Additionally, we proactively took our servers offline in order to contain the incident.

We are working as quickly as possible with our third-party subject matter experts to remediate this incident, continue to support our customers, and bring our systems back online in a secure manner. We thank our customers and partners for their patience and flexibility during this time."

Although the company has not officially attributed the breach to any specific threat actor, BleepingComputer reports that sources have linked the attack to the Akira ransomware operation. Insiders allege that the attackers exfiltrated sensitive data and left ransom notes on infiltrated systems.

While cloud services remained unaffected, sources noted that internal platforms at Hitachi Vantara and its manufacturing arm experienced disruption. Despite these outages, clients operating self-hosted systems are still able to access their data.

A separate source confirmed that several government-led initiatives have also been impacted by the cyberattack.

Akira ransomware first appeared in March 2023 and swiftly became notorious for targeting a wide range of sectors worldwide. Since its emergence, the group has reportedly compromised more than 300 organizations, including high-profile names like Stanford University and Nissan (in Oceania and Australia).

The FBI estimates that Akira collected over $42 million in ransom payments by April 2024 after infiltrating over 250 organizations. According to chat logs reviewed by BleepingComputer, the gang typically demands between $200,000 and several million dollars, depending on the scale and sensitivity of the targeted entity.

Keywords: ransomware, cybersecurity, Hitachi, Akira, cloud, breach, data, FBI, malware, attack, encryption, extortion, hacking, disruption, recovery, infrastructure, digital, protection

Scientists Achieve Groundbreaking Control Over Dual Quantum Light Sources



 

quantumphysics

Computing Cyber Security Cybersecurity Encryption entanglement Network photon Quantum quantumcomputers quantumphysics

Scientists Achieve Groundbreaking Control Over Dual Quantum Light Sources

In a major milestone for quantum research, scientists from the University of Copenhagen, in collaboration with Ruhr University Bochum, have achieved what was previously thought impossible—simultaneous control over two quantum light sources. Until now, researchers had only been able to manage one, making this a pivotal step forward for the future of quantum technology.

To those outside the field, the feat may seem modest. But within the realm of quantum, it's a transformational leap. The breakthrough enables entanglement between two light sources, paving the way for future computing, encryption, and network applications powered by quantum systems.

Mastering the interaction of multiple quantum light sources is essential for building scalable quantum networks. Entanglement—the phenomenon where two particles remain interconnected regardless of distance—is central to quantumphysics. Without it, efforts to create ultra-fast quantumcomputers and advanced cybersecurity solutions would stall.

The findings, recently published in Science, mark a turning point. Researchers from the Niels Bohr Institute believe this could accelerate the commercialization of quantum technologies.

Peter Lodahl, who led the initiative, described it as a major step forward. "We can now control two quantum light sources and connect them. It might not sound like much, but it’s a major advancement and builds upon the past 20 years of work," he shared.

Lodahl, who has been investigating the potential of quantum light since 2001, added: "By doing so, we’ve revealed the key to scaling up the technology, which is crucial for the most groundbreaking of quantum hardware applications." This progress propels the global race to develop quantum-based computers, security, and even a new form of the internet.

The innovation stems from a custom-designed nanochip, only slightly wider than a human hair. Developed over several years, this chip has become the foundation for this scientific leap.

Lodahl's team specializes in photon-based quantum communication, where particles of light transport information. Until this breakthrough, the challenge was that these light sources were too sensitive to external disturbances, limiting control to just one at a time. Now, they've succeeded in developing two identical, noise-resistant quantum light sources.

"Entanglement means that by controlling one light source, you immediately affect the other. This makes it possible to create a whole network of entangled quantum light sources, all of which interact with one another, and which you can get to perform quantum bit operations in the same way as bits in a regular computer, only much more powerfully," explained lead author and postdoctoral researcher Alexey Tiranov.

A quantumbit, or qubit, can exist as both a 1 and 0 simultaneously—enabling processing speeds that dwarf traditional systems. As Lodahl notes, 100 photons from a single quantum light source contain more information

than the world's largest supercomputer can process.

With 20-30 entangled light sources, scientists could construct a universal, error-corrected quantum computer—the ultimate prize in this field. Leading technology companies are already investing billions into this endeavor.

The biggest obstacle? Scaling from one to two light sources. This required crafting ultra-quiet nanochips and achieving precise control over both light sources. With that now achieved, the foundational research is in place. The next step: transitioning from lab success to real-world quantum systems.

"It is too expensive for a university to build a setup where we control 15-20 quantum light sources. So, now that we have contributed to understanding the fundamental quantum physics and taken the first step along the way, scaling up further is very much a technological task," said Lodahl.

The research was conducted at the Danish National Research Foundation's Center of Excellence for Hybrid Quantum Networks (Hy-Q), a joint effort between the University of Copenhagen’s Niels Bohr Institute and Ruhr University Bochum in Germany.

Telegram Says It Will Quit Markets That Demand User Data Access



 

data breach data access Encryption Government Telegram

Telegram Says It Will Quit Markets That Demand User Data Access

Telegram, the popular messaging app, has made it clear that it will never allow anyone to read users’ private chats. Its founder, Pavel Durov, recently said that if any government forces the app to break its privacy rules, Telegram will simply stop operating in that country.

Durov shared this message with users through his official Telegram channel on April 21, 2025. He said that, unlike some other tech companies, Telegram refuses to trade privacy for profit. Since it started 12 years ago, the app has never given out private messages to anyone.

This strong response comes after many European countries, especially France, have been pushing for laws that would give police and other authorities access to encrypted messages. Encrypted chats are protected by special codes that make it difficult for anyone else to read them. Governments want tech companies to build “backdoors” — hidden ways to unlock these messages — so law enforcement can look into criminal activities.

France had even proposed a new rule that would force apps like Telegram to help authorities unlock private data when asked. However, this idea was recently turned down. If it had passed, France would have been the first country to remove such privacy rights from its citizens.

Cybersecurity experts say adding backdoors to messaging apps is dangerous. If one group can access these hidden tools, so can others — including hackers or foreign governments. Once security is weakened, it can’t be limited to just one user or one case.

Durov also mentioned that creating backdoors won’t stop criminals. He explained that people with bad intentions will always find other ways to hide, such as using VPNs or less-known secure apps.

In August 2024, French officials arrested Durov and accused him of providing encrypted services to criminals. That case is still being investigated.

Even though the recent proposal was blocked in France, Durov believes that the fight for digital privacy is not over. Some French officials are still in favor of breaking encryption, and other countries, like Sweden, are thinking about passing similar laws by 2026.

The European Union is also working on a plan called ProtectEU, which aims to give authorities more power to access private data. Outside of Europe, the US state of Florida is considering a rule that would make social media apps used by children include encryption backdoors.

Switzerland, a country known for its strong privacy laws, may also change its rules and allow more surveillance. Apple has already removed end-to-end encryption for its iCloud service in the UK under pressure from the government.

Telegram, however, continues to stand its ground. The company says that if it must choose between following such rules or keeping users safe, it will walk away from that market — no matter the cost.

Ethical Hacking: The Cyber Shield Organizations Need



 

WhiteHat

Compliance Cyber Security Encryption EthicalHacking Firewalls PenTesting Ransomware Vulnerabilities WhiteHat

Ethical Hacking: The Cyber Shield Organizations Need

Ethical hacking may sound paradoxical, but it’s one of the most vital tools in modern cyber defence. Known as white hat hackers, these professionals are hired by companies to simulate cyberattacks, uncover vulnerabilities, and help fix them before malicious actors can strike.

“Ethical hackers mimic real-world threats to identify and patch security flaws. It’s about staying a step ahead of the bad guys,” says a cybersecurity expert.

As cyber threats surge globally, ethical hackers are in high demand. A recent Check Point Software report revealed a staggering 44% rise in global cyberattacks. From ransomware gangs to state-sponsored intrusions, the risks are growing—and the need for skilled defenders is greater than ever.

The ethical hacking process begins with reconnaissance—mapping a company’s digital infrastructure. Next comes scanning and vulnerability testing, using the same techniques as criminal hackers. Once issues are identified, they’re reported, not exploited. Some ethical hackers work independently, participating in bug bounty programs for companies like Google and Microsoft.

Industries like finance, healthcare, and tech—where sensitive data is a prime target—rely heavily on ethical hackers. Their techniques include penetration testing, system and network hacking, internal assessments, and web application testing.

In 2019, a team at Positive Technologies uncovered a Visa card flaw that could’ve allowed contactless payments to exceed set limits—just one example of ethical hacking saving the day.

Penetration testing simulates real breaches, such as injecting code, overloading systems, or intercepting data. System hacking targets devices with tools to crack passwords or exploit system weaknesses. Internal testing flags human errors, like weak credentials or poor security training. Web app testing scans for issues like XSS or SQL injections before launch. Network hacking exposes flaws in protocols, open ports, or wireless vulnerabilities.

The biggest advantage? Ethical hackers reveal blind spots that internal teams might miss. They prevent data breaches, build customer trust, and ensure compliance with regulatory standards—saving organizations from reputational and financial harm.

“Finding flaws isn’t enough. Ethical hackers offer the roadmap to fix them—fast,” a security analyst shares.

With the right skills, anyone can break into this field—often with significant rewards. Major companies offer million-dollar payouts through bug bounty programs. Many ethical hackers hold certifications like CEH, OSCP, or CySA+, with backgrounds ranging from military service to degrees in computer science.

The term “hacker” doesn’t always mean trouble. Ethical hackers use the same tools as their criminal counterparts—but to protect, not exploit. In today’s digital battlefield, they’re the unsung heroes safeguarding the future.

Google Rolls Out Simplified End-to-End Encryption for Gmail Enterprise Users



 

Workspace

Beta Enterprise Compliance CSE Cybersecurity Encryption Gmail Privacy S/MIME Security Workspace

Google Rolls Out Simplified End-to-End Encryption for Gmail Enterprise Users

Google has begun the phased rollout of a new end-to-end encryption (E2EE) system for Gmail enterprise users, simplifying the process of sending encrypted emails across different platforms.

While businesses could previously adopt the S/MIME (Secure/Multipurpose Internet Mail Extensions) protocol for encrypted communication, it involved a resource-intensive setup — including issuing and managing certificates for all users and exchanging them before messages could be sent.

With the introduction of Gmail’s enhanced E2EE model, Google says users can now send encrypted emails to anyone, regardless of their email service, without needing to handle complex certificate configurations.

"This capability, requiring minimal efforts for both IT teams and end users, abstracts away the traditional IT complexity and substandard user experiences of existing solutions, while preserving enhanced data sovereignty, privacy, and security controls," Google said today.

The rollout starts in beta with support for encrypted messages sent within the same organization. In the coming weeks, users will be able to send encrypted emails to any Gmail inbox — and eventually to any email address, Google added.

"We're rolling this out in a phased approach, starting today, in beta, with the ability to send E2EE emails to Gmail users in your own organization. In the coming weeks, users will be able to send E2EE emails to any Gmail inbox, and, later this year, to any email inbox."

To compose an encrypted message, users can simply toggle the “Additional encryption” option while drafting their email. If the recipient is a Gmail user with either an enterprise or personal account, the message will decrypt automatically.

For users on the Gmail mobile app or non-Gmail email services, a secure link will redirect them to view the encrypted message in a restricted version of Gmail. These recipients can log in using a guest Google Workspace account to read and respond securely.

If the recipient already has S/MIME enabled, Gmail will continue to use that protocol automatically for encryption — just as it does today.

The new encryption capability is powered by Gmail's client-side encryption (CSE), a Workspace control that allows organizations to manage their own encryption keys outside of Google’s infrastructure. This ensures sensitive messages and attachments are encrypted locally on the client device before being sent to the cloud.

The approach supports compliance with various regulatory frameworks, including data sovereignty, HIPAA, and export control policies, by ensuring that encrypted content is inaccessible to both Google and any external entities.

Gmail’s CSE feature has been available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers since February 2023. It was initially introduced in beta for Gmail on the web in December 2022, following earlier launches across Google Drive, Docs, Sheets, Slides, Meet, and Calendar.

Fake Zoom Download Sites Spreading BlackSuit Ransomware, Experts Warn



 

Zoom

BlackSuit Cyberattack Encryption malware phishing Ransomware Zoom

Fake Zoom Download Sites Spreading BlackSuit Ransomware, Experts Warn

A new cyberattack campaign is targeting Zoom users by disguising ransomware as the popular video conferencing tool, according to Cybernews. Researchers from DFIR have uncovered a scheme by the BlackSuit ransomware gang, which uses deceptive websites to distribute malicious software.

Instead of downloading Zoom from the official site, unsuspecting users are being lured to fraudulent platforms that closely mimic the real thing. One such site, zoommanager[.]com, tricks users into installing malware. Once downloaded, the BlackSuit ransomware remains dormant for several days before launching its full attack.

The malware first scrapes and encrypts sensitive personal and financial data. Then, victims are presented with a ransom demand to regain access to their files.

BlackSuit has a history of targeting critical infrastructure, including schools, hospitals, law enforcement, and public service systems. The ransomware begins by downloading a malicious loader, which can bypass security tools and even disable Windows Defender.

Researchers found that the malware connects to a Steam Community page to fetch the next-stage server, downloading both the legitimate Zoom installer and malicious payload. It then injects itself into a MSBuild executable, staying inactive for eight days before initiating further actions.

On day nine, it executes Windows Commands to collect system data and deploys Cobalt Strike, a common hacker tool for lateral movement across networks. The malware also installs QDoor, allowing remote access through a domain controller. The final phase involves compressing and downloading key data before spreading the ransomware across all connected Windows systems. Victims’ files are locked with a password, and a ransom note is left behind.

Cybersecurity experts stress the importance of downloading software only from official sources. The genuine Zoom download page is located at zoom[.]us/download, which is significantly different from the deceptive site mentioned earlier.

"Zoom isn't nearly as popular with hackers now as it was a few years ago but given how widely used the service is, it's an easy way to target unsuspecting users online."

To protect against these kinds of attacks, users should remain vigilant about phishing tactics, use reputable antivirus software, and ensure it stays updated. Many modern antivirus tools now offer VPNs, password managers, and multi-device protection, adding extra layers of security.

"As well as making sure you're always downloading software from the correct source, make sure you are aware of common phishing techniques and tricks so you can recognize them when you see them."

It’s also recommended to manually navigate to software websites instead of clicking links in emails or search results, reducing the risk of accidentally landing on malicious clones.

Encryption Under Siege: A New Wave of Attacks Intensifies



 

Government surveillance

Cyber Security Data Privacy Digital Security Encryption End-to-End Encryption Government surveillance

Encryption Under Siege: A New Wave of Attacks Intensifies

Over the past decade, encrypted communication has become a standard for billions worldwide. Platforms like Signal, iMessage, and WhatsApp use default end-to-end encryption, ensuring user privacy. Despite widespread adoption, governments continue pushing for greater access, threatening encryption’s integrity.

Recently, authorities in the UK, France, and Sweden have introduced policies that could weaken encryption, adding to EU and Indian regulatory measures that challenge privacy. Meanwhile, US intelligence agencies, previously critical of encryption, now advocate for its use after major cybersecurity breaches. The shift follows an incident where the China-backed hacking group Salt Typhoon infiltrated US telecom networks. Simultaneously, the second Trump administration is expanding surveillance of undocumented migrants and reassessing intelligence-sharing agreements.

“The trend is bleak,” says Carmela Troncoso, privacy and cryptography researcher at the Max-Planck Institute for Security and Privacy. “New policies are emerging that undermine encryption.”

Law enforcement argues encryption obstructs criminal investigations, leading governments to demand backdoor access to encrypted platforms. Experts warn such access could be exploited by malicious actors, jeopardizing security. Apple, for example, recently withdrew its encrypted iCloud backup system from the UK after receiving a secret government order. The company’s compliance would require creating a backdoor, a move expected to be challenged in court on March 14. Similarly, Sweden is considering laws requiring messaging services like Signal and WhatsApp to retain message copies for law enforcement access, prompting Signal to threaten market exit.

“Some democracies are reverting to crude approaches to circumvent encryption,” says Callum Voge, director of governmental affairs at the Internet Society.

A growing concern is client-side scanning, a technology that scans messages on users’ devices before encryption. While presented as a compromise, experts argue it introduces vulnerabilities. The EU has debated its implementation for years, with some member states advocating stronger encryption while others push for increased surveillance. Apple abandoned a similar initiative after warning that scanning for one type of content could pave the way for mass surveillance.

“Europe is divided, with some countries strongly in favor of scanning and others strongly against it,” says Voge.

Another pressing threat is the potential banning of encrypted services. Russia blocked Signal in 2024, while India’s legal battle with WhatsApp could force the platform to abandon encryption or exit the market. The country has already prohibited multiple VPN services, further limiting digital privacy options.

Despite mounting threats, pro-encryption responses have emerged. The US Cybersecurity and Infrastructure Security Agency and the FBI have urged encrypted communication use following recent cybersecurity breaches. Sweden’s armed forces also endorse Signal for unclassified communications, recognizing its security benefits.

With the UK’s March 14 legal proceedings over Apple’s backdoor request approaching, US senators and privacy organizations are demanding greater transparency. UK civil rights groups are challenging the confidential nature of such surveillance orders.

“The UK government may have come for Apple today, but tomorrow it could be Google, Microsoft, or even your VPN provider,” warns Privacy International.

Encryption remains fundamental to human rights, safeguarding free speech, secure communication, and data privacy. “Encryption is crucial because it enables a full spectrum of human rights,” says Namrata Maheshwari of Access Now. “It supports privacy, freedom of expression, organization, and association.”

As governments push for greater surveillance, the fight for encryption and privacy continues, shaping the future of digital security worldwide.

Thousands of iOS Apps Expose Sensitive Data Through Hardcoded Secrets, Researchers Warn



 

iOS

API Keys App security cloud storage Cybersecurity Data Breach Data Leak Encryption Hardcoded Secrets iOS

Thousands of iOS Apps Expose Sensitive Data Through Hardcoded Secrets, Researchers Warn

Cybersecurity researchers have uncovered alarming vulnerabilities in thousands of iOS applications, revealing that hardcoded secrets in their code have put users' sensitive information at risk.

A recent analysis by Cybernews examined over 156,000 iOS apps and detected more than 815,000 hardcoded secrets—some of which are highly sensitive and could potentially lead to security breaches or data leaks.

The term "secret" broadly refers to sensitive credentials like API keys, passwords, and encryption keys. These are often embedded directly into an app’s source code for convenience during development, but developers sometimes fail to remove them before release. According to Cybernews, the average iOS app exposes 5.2 secrets, and 71% of apps contain at least one leaked credential.

While some of these hardcoded secrets pose minimal risk, the report highlights serious threats. Researchers identified over 83,000 cloud storage endpoints, with 836 exposed without authentication, potentially leaking more than 400TB of data. Additionally, 51,000 Firebase endpoints were discovered, thousands of which were accessible to outsiders. Other exposed credentials include API keys for platforms like Fabric API, Live Branch, and MobApp Creator.

Among the most critical findings were 19 hardcoded Stripe secret keys, which directly control financial transactions. Cybernews researchers emphasized the severity of this issue, stating: “Stripe is widely used by e-commerce and even fintech companies to handle online payments.”

This vulnerability could allow cybercriminals to manipulate transactions or gain unauthorized access to payment infrastructure.

The findings challenge the common belief that iOS apps offer stronger security compared to other platforms.

“Many people believe that iOS apps are more secure and less likely to contain malware. However, our research shows that many apps in the ecosystem contain easily accessible hardcoded credentials. We followed the trail and found open databases with personal data and accessible infrastructure,” said Aras Nazarovas, a security researcher at Cybernews.

This study underscores the importance of secure coding practices and urges developers to adopt better security protocols to prevent data breaches and unauthorized access.

Hawcx Aims to Solve Passkey Challenges with Passwordless Authentication



 

Technology

Authentication Cybersecurity Digital Identity Encryption Passkeys Passwordless Technology

Hawcx Aims to Solve Passkey Challenges with Passwordless Authentication

Passwords remain a staple of online security, despite their vulnerabilities. According to Verizon, nearly one-third of all reported data breaches in the past decade resulted from stolen credentials, including some of the largest cyberattacks in history.

In response, the tech industry has championed passkeys as a superior alternative to passwords. Over 15 billion accounts now support passkey technology, with major companies such as Amazon, Apple, Google, and Microsoft driving adoption.

However, widespread adoption remains sluggish due to concerns about portability and usability. Many users find passkeys cumbersome, particularly when managing access across multiple devices.

Cybersecurity startup Hawcx is addressing these passkey limitations with its innovative authentication technology. By eliminating key storage and transmission issues, Hawcx enhances security while improving usability.

Users often struggle with passkey setup and access across devices, leading to account lockouts and costly recovery—a significant challenge for businesses. As Dan Goodin of Ars Technica highlights, while passkeys offer enhanced security, their complexity can introduce operational inefficiencies at scale.

Hawcx, founded in 2023 by Riya Shanmugam (formerly of Adobe, Google, and New Relic), along with Selva Kumaraswamy and Ravi Ramaraju, offers a platform-agnostic solution. Developers can integrate its passwordless authentication by adding just five lines of code.

Unlike traditional passkeys, Hawcx does not store or transmit private keys. Instead, it cryptographically generates private keys each time a user logs in. This method ensures compatibility with older devices that lack modern hardware for passkey support.

“We are not reinventing the wheel fundamentally in most of the processes we have built,” Shanmugam told TechCrunch.

If a user switches devices, Hawcx’s system verifies authenticity before granting access, without storing additional private keys on the new device or in the cloud. This approach differs from standard passkeys, which require syncing private keys across devices or through cloud services.

“No one is challenging beyond the foundation,” Shanmugam said. “What we are challenging is the foundation itself. We are not building on top of what passkeys as a protocol provides. We are saying this protocol comes with an insane amount of limitations for users, enterprises, and developers, and we can make it better.”

Although Hawcx has filed patents, its technology has yet to be widely deployed or independently validated—factors that could influence industry trust. However, the company recently secured $3 million in pre-seed funding from Engineering Capital and Boldcap to accelerate development and market entry.

Shanmugam revealed that Hawcx is in talks with major banks and gaming companies for pilot programs set to launch in the coming weeks. These trials, expected to run for three to six months, will help refine the technology before broader implementation. Additionally, the startup is working with cryptography experts from Stanford University to validate its approach.

“As we are rolling out passkeys, the adoption is low. It’s clear to me that as good as passkeys are and they have solved the security problem, the usability problem still remains,” Tushar Phondge, director of consumer identity at ADP, told TechCrunch.

ADP plans to pilot Hawcx’s solution to assess its effectiveness in addressing passkey-related challenges, such as device dependency and system lockups.

Looking ahead, Hawcx aims to expand its authentication platform by integrating additional security services, including document verification, live video authentication, and background checks.

Frances Proposes Law Requiring Tech Companies to Provide Encrypted Data



 

AI Backdoor Data Encryption Pegasus Spyware Technology WhatsApp

Frances Proposes Law Requiring Tech Companies to Provide Encrypted Data

Law demanding companies to provide encrypted data

New proposals in the French Parliament will mandate tech companies to give decrypted messages, email. If businesses don’t comply, heavy fines will be imposed.

France has proposed a law requiring end-to-end encryption messaging apps like WhatsApp and Signal, and encrypted email services like Proton Mail to give law enforcement agencies access to decrypted data on demand.

The move comes after France’s proposed “Narcotraffic” bill, asking tech companies to hand over encrypted chats of suspected criminals within 72 hours.

The law has stirred debates in the tech community and civil society groups because it may lead to building of “backdoors” in encrypted devices that can be abused by threat actors and state-sponsored criminals.

Individuals failing to comply will face fines of €1.5m and companies may lose up to 2% of their annual world turnover in case they are not able to hand over encrypted communications to the government.

Criminals will exploit backdoors

Few experts believe it is not possible to bring backdoors into encrypted communications without weakening their security.

According to Computer Weekly’s report, Matthias Pfau, CEO of Tuta Mail, a German encrypted mail provider, said, “A backdoor for the good guys only is a dangerous illusion. Weakening encryption for law enforcement inevitably creates vulnerabilities that can – and will – be exploited by cyber criminals and hostile foreign actors. This law would not just target criminals, it would destroy security for everyone.”

Researchers stress that the French proposals aren’t technically sound without “fundamentally weakening the security of messaging and email services.” Similar to the “Online Safety Act” in the UK, the proposed French law exposes a serious misunderstanding of the practical achievements with end-to-end encrypted systems. Experts believe “there are no safe backdoors into encrypted services.”

Use of spyware may be allowed

The law will allow using infamous spywares such as NSO Group’s Pegasus or Pragon that will enable officials to remotely surveil devices. “Tuta Mail has warned that if the proposals are passed, it would put France in conflict with European Union laws, and German IT security laws, including the IT Security Act and Germany’s Telecommunications Act (TKG) which require companies to secure their customer’s data,” reports Computer Weekly.

Protect Your Security Cameras from Hackers with These Simple Steps



 

Security Cameras

Encryption Hackers Passwords Privacy Security Cameras

Protect Your Security Cameras from Hackers with These Simple Steps

Security cameras are meant to keep us safe, but they can also become targets for hackers. If cybercriminals gain access, they can spy on you or tamper with your footage. To prevent this, follow these straightforward tips to ensure your security cameras remain under your control.

1. Avoid Cheap or Second-Hand Cameras

While it might be tempting to buy an inexpensive or used security camera, doing so can put your privacy at risk. Unknown brands or knockoffs may have weak security features, making them easier to hack. Used cameras, even if reset, could still contain old software vulnerabilities or even hidden malware. Always choose reputable brands with good security records.

2. Choose Cameras with Strong Encryption

Encryption ensures that your video data is protected from unauthorized access. Look for brands that offer end-to-end encryption, which keeps your footage secure even if intercepted. Some brands, like Ring and Arlo, provide full encryption options, while others offer partial protection. The more encryption a company provides, the better your data is protected.

3. Research Security Reputation Before Buying

Before purchasing a camera, check if the company has a history of data breaches or security flaws. Some brands have had incidents where hackers accessed user data, so it’s essential to choose a manufacturer with a strong commitment to cybersecurity. Look for companies that use offline storage or advanced security features to minimize risks.

4. Strengthen Your Wi-Fi and App Passwords

A weak Wi-Fi password can allow hackers to access all connected devices in your home, including security cameras. Always use a strong, unique password for both your Wi-Fi network and camera app. Enable encryption on your router, activate built-in firewalls, and consider using a virtual private network (VPN) for extra protection. If you experience life changes like moving or breaking up with a partner, update your passwords to prevent unauthorized access.

5. Keep Your Camera Software Updated

Security camera companies regularly release updates to fix vulnerabilities and improve protection. If your camera has an option for automatic updates, turn it on. If not, make sure to check for updates manually through your camera app to ensure your system has the latest security patches.

6. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security by requiring a second verification step, such as a text message or email code, before logging in. This prevents unauthorized users from accessing your camera, even if they have your password.

Modern security cameras are much safer than before, thanks to improved encryption and security features. Most hacking attempts happen when users fail to secure their accounts or choose unreliable brands. However, there is still a risk if the camera company itself experiences a data breach. To minimize exposure, consider cameras with local storage or privacy covers for indoor models.

Who Tries to Hack Security Cameras?

In most cases, security cameras are not hacked by strangers. Instead, unauthorized access usually comes from people you know, such as an ex-partner or family member who already has login details. Occasionally, unethical employees at security companies have been caught misusing access. Ensuring strong passwords, encryption, and additional security measures can help prevent these issues.

By following these simple steps, you can keep your security cameras safe from hackers and ensure your home remains private and secure.

RSA Encryption Breached by Quantum Computing Advancement



 

Technology

Cryptographic CyberCrime Cybersecurity CyberThreat Encryption Quantum computing RSA Technology

RSA Encryption Breached by Quantum Computing Advancement

A large proportion of the modern digital world involves everyday transactions taking place on the internet, from simple purchases to the exchange of highly sensitive corporate data that is highly confidential. In this era of rapid technological advancement, quantum computing is both perceived as a transformative opportunity and a potential security threat.

Quantum computing has been generating considerable attention in recent years, but as far as the 2048-bit RSA standard is concerned, it defies any threat these advances pose to the existing encryption standards that have been in use for decades. Several cybersecurity experts have expressed concern about quantum technologies potentially compromising military-grade encryption because of the widespread rumours.

However, these developments have not yet threatened robust encryption protocols like AES and TLS, nor do they threaten high-security encryption protocols like SLA or PKI. In addition to being a profound advancement over classical computing, quantum computing utilizes quantum mechanics principles to produce computations that are far superior to classical computation.

Despite the inherent complexity of this technology, it has the potential to revolutionize fields such as pharmaceutical research, manufacturing, financial modelling, and cybersecurity by bringing enormous benefits. The quantum computer is a device that combines the unique properties of subatomic particles with the ability to perform high-speed calculations and is expected to revolutionize the way problems are solved across a wide range of industries by exploiting their unique properties.

Although quantum-resistant encryption has been the focus of much attention lately, ongoing research is still essential if we are to ensure the long-term security of our data. As a major milestone in this field occurred in 2024, researchers reported that they were able to successfully compromise RSA encryption, a widely used cryptography system, with a quantum computer.

To ensure the security of sensitive information transferred over digital networks, data encryption is an essential safeguard. It converts the plaintext into an unintelligible format that can only be decrypted with the help of a cryptographic key that is designated by the sender of the encrypted data. It is a mathematical value which is known to both the sender and the recipient but it is only known to them. This set of mathematical values ensures that only authorized parties can access the original information.

To be able to function, cryptographic key pairs must be generated, containing both a public key and a private key. Plaintext is encrypted using the public key, which in turn encrypts it into ciphertext and is only decryptable with the corresponding private key. The primary principle of RSA encryption is that it is computationally challenging to factor large composite numbers, which are formed by multiplying two large prime numbers by two.

Therefore, RSA encryption is considered highly secure. As an example, let us consider the composite number that is released when two 300-digit prime numbers are multiplied together, resulting in a number with a 600-digit component, and whose factorization would require a very long period if it were to be done by classical computing, which could extend longer than the estimated lifespan of the universe.

Despite the inherent complexity of the RSA encryption standard, this standard has proven to be extremely resilient when it comes to securing digital communications. Nevertheless, the advent of quantum computing presents a formidable challenge to this system. A quantum computer has the capability of factoring large numbers exponentially faster than classical computers through Shor's algorithm, which utilizes quantum superposition to perform multiple calculations at once, which facilitates the simultaneous execution of many calculations at the same time.

Among the key components of this process is the implementation of the Quantum Fourier Transform (QFT), which extracts critical periodic values that are pertinent to refining the factorization process through the extraction of periodic values. Theoretically, a quantum computer capable of processing large integers could be able to break down the RSA encryption into smaller chunks of data within a matter of hours or perhaps minutes, effectively rendering the security of the encryption susceptible.

As quantum computing advances, the security implications for cryptographic systems such as RSA are under increasing threat, necessitating that quantum-resistant encryption methodologies must be developed. There is a significant threat posed by quantum computers being able to decrypt such encryption mechanisms, and this could pose a substantial challenge to current cybersecurity frameworks, underscoring the importance of continuing to improve quantum-resistant cryptographic methods.

The classical computing system uses binary bits for the representation of data, which are either zero or one digits. Quantum computers on the other hand use quantum bits, also called qubits, which are capable of occupying multiple states at the same time as a result of the superposition principle. As a result of this fundamental distinction, quantum computers can perform highly complex computations much faster than classical machines, which are capable of performing highly complex computations.

As an example of the magnitude of this progress, Google reported a complex calculation that it successfully performed within a matter of seconds on its quantum processor, whereas conventional computing technology would have taken approximately 10,000 years to accomplish. Among the various domains in which quantum computing can be applied, a significant advantage can be seen when it comes to rapidly processing vast datasets, such as the artificial intelligence and machine learning space.

As a result of this computational power, there are also cybersecurity concerns, as it may undermine existing encryption protocols by enabling the decryption of secure data at an unprecedented rate, which would undermine existing encryption protocols. As a result of quantum computing, it is now possible for long-established cryptographic systems to be compromised by quantum computers, raising serious concerns about the future security of the internet. However, there are several important caveats to the recent study conducted by Chinese researchers which should be taken into account.

In the experiment, RSA encryption keys were used based on a 50-bit integer, which is considerably smaller and less complex than the encryption standards used today in security protocols that are far more sophisticated. RSA encryption is a method of encrypting data that relies on the mathematical difficulty of factoring large prime numbers or integers—complete numbers that cannot be divided into smaller fractions by factors.

To increase the security of the encryption, the process is exponentially more complicated with larger integers, resulting in a greater degree of complexity. Although the study by Shanghai University proved that 50-bit integers can be decrypted successfully, as Ron Rivest, Adi Shamir, and Leonard Adleman have stressed to me, this achievement has no bearing on breaking the 2048-bit encryption commonly used in current RSA implementations. This achievement, however, is far from achieving any breakthrough in RSA. As a proof of concept, the experiment serves rather as a potential threat to global cybersecurity rather than as an immediate threat.

It was demonstrated in the study that quantum computers are capable of decrypting relatively simple RSA encryption keys, however, they are unable to crack the more robust encryption protocols that are currently used to protect sensitive digital communications. The RSA algorithm, as highlighted by RSA Security, is the basis for all encryption frameworks across the World Wide Web, which means that almost all internet users have a vested interest in whether or not these cryptographic protections remain reliable for as long as possible. Even though this experiment does not signal an imminent crisis, it certainly emphasizes the importance of continuing to be vigilant as quantum computing technology advances in the future.

Report: Telegram Crypto Scammers Adopt More Sophisticated Tactics



 

Crypto scams Cyber Fraud Encryption malware scams phishing tactics Telegram

Report: Telegram Crypto Scammers Adopt More Sophisticated Tactics

Telegram, a popular communications app known for encrypted messaging and calls, has become a prime target for sophisticated malware scams, according to the Web3-focused Scam Sniffer account on X. Sharing data on the platform, Scam Sniffer revealed that scammers on Telegram are now deploying malware instead of traditional phishing tactics.

The app, often considered an alternative to WhatsApp and Signal, offers privacy through encryption, making it attractive for both legitimate users and scammers. Previously, cryptocurrency scams on Telegram relied heavily on phishing techniques involving spoofed web pages and social engineering to extract sensitive information or access to crypto wallets.

However, the latest scam wave employs deceptive tools like fake verification bots, scam trading groups, and so-called “exclusive alpha groups,” as noted by Scam Sniffer. Victims are tricked into installing malware disguised as verification tools. Once installed, the malware can access passwords, wallets, clipboard data, and even browser information, leaving victims highly vulnerable.

Scammers have shifted to malware schemes partly because users are now more aware of traditional phishing tactics. Scam Sniffer pointed out that these new approaches make it harder to trace the source of the scams. The rise in cryptocurrency scams has been dramatic, with data showing over 2000% growth in dedicated scam groups. Bitcoin's soaring value, surpassing $100,000, has made cryptocurrency users more frequent targets.

Telegram has actively banned accounts involved in these scams, but managing the volume of malicious actors remains challenging. The website “Web3 is Going Great,” which tracks Web3-related scams, reports $7.84 million in losses from scams and hacks so far this year.

Bitcoin Security Concerns Amid Quantum Computing Advancements



 

Quantum computing

Bitcoin Bitcoin Vulnerability Blockchain Blockchain Technology Computing Cryptography Cyber Secuirty Encryption Quantum computing

Bitcoin Security Concerns Amid Quantum Computing Advancements

Chamath Palihapitiya, CEO of Social Capital, has raised alarms over Bitcoin’s future security, cautioning that its SHA-256 encryption may become vulnerable within the next two to five years. Speaking on the All-In Podcast, he highlighted rapid advancements in quantum computing, particularly Google’s unveiling of the Willow quantum chip featuring 105 qubits. Palihapitiya estimates that 8,000 such chips could potentially breach SHA-256 encryption, underscoring the pressing need for blockchain networks to adapt.

Quantum Computing's Impact on Cryptography

While acknowledging the infancy of quantum computing, Palihapitiya pointed to Google’s Willow chip as a pivotal development that could accelerate breakthroughs in cryptography. Despite scalability challenges, he remains optimistic that the cryptocurrency sector will evolve to develop quantum-resistant encryption methods.

Not all experts share his concerns, however. Ki Young Ju, founder of CryptoQuant, has expressed confidence that Bitcoin’s encryption is unlikely to face quantum threats within this decade.

Satoshi Nakamoto’s Early Solutions

Bitcoin’s pseudonymous creator, Satoshi Nakamoto, had anticipated such scenarios. In 2010, Satoshi proposed that the Bitcoin community could agree on the last valid blockchain snapshot and transition to a new cryptographic framework if SHA-256 were compromised. However, these early solutions are not without controversy.

Emin Gün Sirer, founder of Avalanche, has warned that some of Satoshi’s early-mined coins used an outdated Pay-To-Public-Key (P2PK) format, which exposes public keys and increases the risk of exploitation. Sirer suggested the Bitcoin community should consider freezing these coins or setting a sunset date for outdated transactions to mitigate risks.

Recent advancements in quantum computing, including Google’s Willow chip, briefly unsettled the cryptocurrency market. A sudden wave of liquidations resulted in $1.6 billion being wiped out within 24 hours. However, Bitcoin demonstrated resilience, reclaiming the $100,000 resistance level and achieving a 4.6% weekly gain.

Proactive Measures for Long-Term Security

Experts widely agree that proactive steps, such as transitioning to quantum-resistant cryptographic frameworks, will be essential for ensuring Bitcoin’s long-term security. As the quantum era approaches, collaboration and innovation within the cryptocurrency community will be pivotal in maintaining its robustness against emerging threats.

The ongoing advancements in quantum computing present both challenges and opportunities. While they highlight vulnerabilities in existing systems, they also drive the cryptocurrency sector toward innovative solutions that will likely define the next chapter in its evolution.

Google's Quantum Computing Leap: Introducing the "Willow" Chip



 

Technology

Encryption Google Oxford University Quantum computing Technology

Google's Quantum Computing Leap: Introducing the "Willow" Chip

Google has made a significant stride in quantum computing with the announcement of its latest chip, named "Willow." According to Google, this advanced chip can solve problems in just five minutes that would take the most powerful supercomputers on Earth an astonishing 10 septillion years to complete. This breakthrough underscores the immense potential of quantum computing, a field that seeks to harness the mysterious and powerful principles of quantum mechanics.

What is Quantum Computing?

Quantum computing represents a revolutionary leap in technology, distinct from traditional computing. While classical computers use "bits" to represent either 0 or 1, quantum computers use "qubits," which can represent multiple states simultaneously. This phenomenon, known as superposition, arises from quantum mechanics—a branch of physics studying the behavior of particles at extremely small scales. These principles allow quantum computers to process massive amounts of information simultaneously, solving problems that are far beyond the reach of even the most advanced classical computers.

Key Achievements of Willow

Google's Willow chip has tackled one of the most significant challenges in quantum computing: error rates. Typically, increasing the number of qubits in a quantum system leads to higher chances of errors, making it difficult to scale up quantum computers. However, Willow has achieved a reduction in error rates across the entire system, even as the number of qubits increases. This makes it a more efficient and reliable product than earlier models.

That said, Google acknowledges that Willow remains an experimental device. Scalable quantum computers capable of solving problems far beyond the reach of current supercomputers are likely years away, requiring many additional advancements.

Applications and Risks of Quantum Computing

Quantum computers hold the promise of solving problems that are impossible for classical computers, such as:

Designing better medicines and more efficient batteries.
Optimizing energy systems for greater efficiency.
Simulating complex systems, like nuclear fusion reactions, to accelerate clean energy development.

However, this power also comes with risks. For example, quantum computers could potentially "break" existing encryption methods, jeopardizing sensitive information. In response, companies like Apple are already developing "quantum-proof" encryption to counter future threats.

Global Efforts in Quantum Computing

Google's Willow chip was developed in a cutting-edge facility in California, but the race for quantum supremacy is global:

The UK has established a National Quantum Computing Centre to support research and development.
Japan and researchers at Oxford University are exploring alternative methods, such as room-temperature quantum computing.

These international efforts reflect intense competition to lead this transformative technology.

A Step Towards the Future

Experts describe Willow as an important milestone rather than a definitive breakthrough. While it is a game-changing chip, challenges such as further reductions in error rates remain before quantum computers see widespread practical use. Nevertheless, Google’s advancements have brought the world closer to a future where quantum computing can revolutionize industries and solve some of humanity’s most complex challenges.

This remarkable progress highlights the vast potential of quantum computing while reminding us of the responsibility to use its power wisely.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

About Me

Showing result(s) for

Popular Posts

Pages

Menu Item

Law demanding companies to provide encrypted data

Criminals will exploit backdoors

Use of spyware may be allowed

Quantum Computing's Impact on Cryptography

Satoshi Nakamoto’s Early Solutions

Proactive Measures for Long-Term Security

What is Quantum Computing?

Key Achievements of Willow

Applications and Risks of Quantum Computing

Global Efforts in Quantum Computing

A Step Towards the Future