-
OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ghost APIs are deprecated endpoints left active, exposing systems to attack. Learn how they differ from shadow APIs and why they create hidden security risks
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An Adobe Reader zero-day vulnerability is being actively exploited via malicious PDFs, allowing hackers to steal data without user interaction, with no patch available.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
