Security researchers at Socket have uncovered a large-scale spam campaign orchestrated through WhatsApp Web, revealing 131 Chrome extensions that are, in essence, variants of a single mass-messaging automation tool. Disguised as legitimate utilities for...
A critical vulnerability in the WatchGuard Fireware operating system allows attackers to execute arbitrary code on affected devices without prior authentication. The flaw impacts VPN services using the IKEv2 protocol, both for mobile user...
Hackers have unleashed a new self-propagating malware dubbed GlassWorm, which first infiltrated the Visual Studio Code extension ecosystem via the OpenVSX marketplace. Researchers at Koi Security found that the worm conceals malicious code using...
Kuba Gretzky originally sought to make the internet a safer place — yet his creation achieved the opposite. In 2017, the Polish programmer developed Evilginx, a tool designed to help Red Team professionals study...
For the first time, the U.S. Department of Homeland Security has formally demanded that OpenAI disclose the identity of a ChatGPT user whose prompts appeared in a child pornography investigation. The warrant—issued to agents...
Across the Asia-Pacific region and Japan, a new breed of cybercrime is taking shape—one where attackers operate as structured business entities, guided by clear strategies and profit-driven motives. According to the CrowdStrike 2025 APJ...
The Japanese company Ryohin Keikaku, owner of the Muji brand, has suspended operations of its online store following a cyberattack on its logistics partner, Askul Corp. According to Ryohin Keikaku, the decision was made...
Developers using the Cursor and Windsurf IDEs are currently exposed to exploitation through at least 94 known vulnerabilities in Chromium and its JavaScript engine, V8. Both environments are built on outdated versions of Electron...
In early 2025, a developer named Jay Gibson (name changed for security reasons) received a chilling notification on his personal iPhone: Apple had warned him that his device had been the target of a...
LinkedInDumper Python 3 script to dump company employees from LinkedIn Voyager API. The results contain firstname, lastname, position (title), location, and a user’s profile link. Only 2 API calls are required to retrieve all...