Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern…
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an…
New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting…
Researchers Crack Microsoft Azure MFA in an Hour
A critical flaw in the company’s rate limit for failed sign-in attempts allowed unauthorized access to a user account, including…
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could…
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is…
Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two…
Digital Certificates With Shorter Lifespans Reduce Security Vulnerabilities
Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully…