Researchers Crack Microsoft Azure MFA in an Hour
A critical flaw in the company’s rate limit for failed sign-in attempts allowed unauthorized access to a user account, including…
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could…
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is…
Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two…
Digital Certificates With Shorter Lifespans Reduce Security Vulnerabilities
Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully…
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions
In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial…
Pegasus Spyware Infections Proliferate Across iOS, Android Devices
The notorious spyware from Israel’s NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants…
Veeam Urges Updates After Discovering Critical Vulnerability
The vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the…
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android…
There’s a Weak Spot in Your System, and Threat Actors Are Going to Find It
In today’s hyper-connected world, no system is impervious to vulnerabilities. Threat actors, hackers, cybercriminals, and malicious insiders are constantly on…
