O-UNC-066 uses vishing and a live phishing kit to trick Microsoft 365 users into enrolling attacker-controlled Entra passkeys ...
Researchers tested 281 free Android VPN apps and found DNS leaks, plaintext traffic, weak tunnels, and flaws across apps with ...
Progress ordered ShareFile customers to shut down their Storage Zone Controllers while it investigates a credible external ...
China-linked Silver Fox deploys the Rust-based MODBEACON RAT through fake software installers, targeting technology, ...
Six U-Boot flaws include four that can crash devices and two that could run code before signature checks; no fixed stable ...
An open WP-SHELLSTORM server exposed tools, logs, and target lists naming 1.4 million sites, with researchers validating ...
A researcher says three patched OpenClaw flaws could enable credential theft, privilege escalation, and host code execution ...
Former ransomware negotiator Angelo Martino gets 70 months for giving victim negotiation data to BlackCat operators and ...
Coinspect confirms $3.1M from 431 wallets drained due to Ill Bloom flaw, affecting crypto wallets from mobile apps built weak ...
Unknown attackers compromised Injective Labs' GitHub repo to publish npm package 1.20.21, which steals wallet private keys ...
FoxIO disclosed XRING, an unpatched XQUIC flaw that lets unauthenticated clients crash HTTP/3 servers with 260 bytes of legal ...
Lumen used Axonius to reconcile 40-plus systems, uncover 60 times more devices, and rebuild exposure management around trusted asset data.