Stolen Keys Let Attacker Mint 300M H Tokens on BSC
The attack on Humanity Protocol’s H token was not a smart contract exploit at all. Instead, it served as a painful reminder of one of crypto’s oldest problems: lose control of your private keys,...
Information Security News Blog
-
-
Novo Nordisk Cyberattack: Clinical Trial Data Breach
Novo Nordisk recently fell victim to a sophisticated cyberattack. Consequently, this incident compromised a segment of patient data from clinical trials. Fortunately, the company asserted that names and direct identifiers remained unexposed. Therefore, unauthorized...
-
SQL Server 2025 AI Features Enable Data Exfiltration
Databases have long evolved beyond mere tabular repositories. However, new functionalities within SQL Server 2025 illustrate the inherent dangers of this progression. Recently, SpecterOps researchers discovered significant vulnerabilities. They detailed how attackers can abuse...
Firefox 152 Adds Tab Mute Shortcut and JPEG XL
Firefox 152 arrives after an unusually busy month for its predecessor. Firefox 151 received no fewer than four minor patches in quick succession, and this new release focuses on making the browser more convenient...
OptinMonster Supply Chain Attack Hits 1.2M Sites
Popular WordPress plugins have found themselves at the center of a supply chain attack, where the products themselves were not compromised directly. Instead, attackers targeted the infrastructure responsible for distributing them. Three plugins from...
Payroll Pirate Hijacks Sessions to Steal Paychecks
Payroll systems rarely attract attention until a single edited bank detail quietly turns a routine paycheck into a direct transfer to criminals. Researchers at BushidoToken Threat Intel have detailed a new financially motivated campaign...
Velvet Ant Hid in Air-Gapped Network for 10 Years
An air-gapped network offers no guarantee of safety when adversaries are willing to spend years probing for a way in. Researchers at Sygnia have released the full details of Operation Highland, a campaign in...
CVE-2026-46316: KVM arm64 Guest Escapes to Host
Security researcher Hyeonwoo Kim has disclosed a vulnerability named ITScape that disrupted behavior within KVM on arm64 and allowed a guest virtual machine to break out onto its host system. Critical Severity in the...
phpBB Authentication Bypass Fixed in Version 3.3.17
Old internet forums may no longer sit at the center of digital life, but many continue to hold private messages, restricted sections, and accounts carrying years of personal history. A critical vulnerability discovered in...
AMD Denied $10K Bounty After CVE-2026-40677 Fix
Sometimes finding a vulnerability proves far easier than extracting an honest response from the vendor. That is precisely the experience of security researcher MrBruh, who uncovered a serious flaw in AMD software and ultimately...
152 Chrome Wallpaper Extensions Hid Ad Tracking
Live wallpaper extensions may look like a harmless way to refresh a browser’s appearance, but researchers recently uncovered 152 potentially dangerous extensions lurking in the Chrome Web Store. Disguised as live wallpapers, these add-ons...
Anthropic Mythos Restrictions: White House AI Security Concerns
Access to preeminent artificial intelligence models is increasingly perceived as a critical matter of national security. Furthermore, this trend reflects intensifying global technological rivalries. According to an exclusive report published by Semafor, the White...
Handala’s FBI Drone Hack Claim Doubted by Experts
An Iran-linked hacking group called Handala has claimed it gained access to data from the FBI’s FPV drones, and the group is now threatening participants in the upcoming World Cup. According to a report...
GreatXML BitLocker Bypass: Windows Defender & WinRE Exploit
Full-disk encryption safeguards data only until the recovery environment emerges as a catastrophic weak link. Recently, the infamous cybersecurity researcher, Nightmare Eclipse, unveiled a novel Windows vulnerability. They dubbed this flaw GreatXML. Specifically, this...
Oracle PeopleSoft Zero-Day Exploit: ShinyHunters Attack
The Hidden Threat Within Utility Modules Colossal corporate networks frequently suffer breaches through obscure utility modules. Indeed, these quiet systems harbor valuable employee, student, and client archives for decades. Recently, the notorious ShinyHunters syndicate...
