Censys researchers have detailed a new web-attack technique known as EtherHiding, in which attackers conceal malicious code inside smart contracts on the Binance Smart Chain test network and deliver it through counterfeit CAPTCHA pages....
ASUS continues to patch dangerous flaws in its home routers following a wave of attacks targeting the AiCloud service. The company has released a new firmware version addressing nine vulnerabilities, including a critical authentication...
Cato Networks has unveiled a new attack technique, dubbed HashJack, which conceals malicious AI prompts behind the “#” symbol within legitimate URLs — coercing AI-powered browsers into executing them while remaining invisible to traditional...
The CodeRED alert platform operated by OnSolve and maintained by the risk-management firm Crisis24 has fallen victim to a major cyberattack — an incident that disrupted emergency-notification systems relied upon by government agencies and...
Ordinary mergers and acquisitions are unexpectedly becoming a convenient point of entry for extortionists: operators of the Akira ransomware are infiltrating the networks of large companies through vulnerable SonicWall appliances inherited along with the...
The FBI has reported a surge in fraudulent schemes involving the takeover of financial accounts and warned that such attacks may intensify as the holiday shopping season approaches. According to the agency, more than...
Cybercriminals no longer need to coax ChatGPT or Claude Code into assisting with malware development or data-theft scripts. A whole class of specialized language models now exists expressly for offensive operations. One such system...
RAITrigger The RPC-function RAiForceElevationPromptForCOM from the appinfo.dll library allows SYSTEM coercion. This only works on domain joined systems. It turns out, that this function can be called from any low privileged user (not to spawn a process) but to...
Malicious activity has once again surged within the npm ecosystem. This time, it is the second wave of the Shai-Hulud attack—an operation that mirrors the logic of the September campaign but unfolds with far...
Accumulated failures in Windows 11 version 24H2 have led to situations in which the system, under certain conditions, loses portions of its interface immediately upon the first login after updating. Users encounter vanishing shell...