Google has released a new security update for the Chrome browser, addressing four vulnerabilities at once. Particular emphasis was placed on a zero-day flaw already observed in active exploitation: CVE-2025-10585, a type confusion error...
Developers of the PureHVNC remote-access trojan have adopted a new level of concealment, brazenly using GitHub to host source code and modules for their malicious toolkit. That is the conclusion of Check Point Research...
Researchers at SySS GmbH have disclosed a critical vulnerability in the Windows Boot Manager dubbed BitPixie. The flaw permits attackers to bypass BitLocker protections and attain full administrative access to a system. At the...
The newly discovered Python trojan XillenStealer, identified by researchers at Cyfirma, poses a grave threat to Windows users. Engineered to harvest system information, stored credentials, and cryptocurrency wallets, it also bundles an array of...
Microsoft, in collaboration with Cloudflare, has carried out a sweeping operation against RaccoonO365, a Phishing-as-a-Service (PhaaS) platform widely exploited to steal Microsoft 365 credentials across the globe. Through coordinated action, 338 domains were seized,...
A Yandex information security specialist has identified and helped eliminate a high-severity vulnerability in the Chromium project code, the foundation of many modern browsers. The flaw could have allowed attackers to execute actions within...
The Yala protocol has suffered a devastating blow to its ecosystem: on September 14, its Bitcoin-backed stablecoin YU collapsed by nearly 80%—plunging from $1 to $0.20—after attackers exploited a vulnerability in the system. The...
Google has confirmed that a bogus account was created in its Law Enforcement Request System (LERS), the portal used by government agencies to request user data. A company spokesperson said: “We discovered a fake...
Experts at Unit 42 have presented an analysis of vulnerabilities associated with the use of large language model–based coding assistants. These tools, integrated into IDEs such as GitHub Copilot, can perform a wide range...
Twenty-two-year-old American Conor Brian Fitzpatrick, better known by his alias Pompompurin, has received a new sentence in the case concerning the creation and administration of the notorious hacking forum BreachForums. An appellate court overturned...
Apple has released supplemental security updates for older iPhone and iPad models, addressing a zero-day vulnerability previously patched in the latest versions of iOS, iPadOS, and macOS. Tracked as CVE-2025-43300, the flaw stems from...
A dangerous worm dubbed Shai-Hulud has been uncovered in the JavaScript ecosystem, infecting at least 187 packages in the NPM repository. What sets it apart is that it not only steals developer credentials but...
