The Gemini AI assistant, integrated into Google Workspace, has unexpectedly proven vulnerable to a novel form of social engineering. By exploiting a particular method of structuring content within emails, malicious actors can deceive the...
Security researchers from GitGuardian and Synacktiv have uncovered a critical vulnerability in Laravel, the widely used PHP framework that powers hundreds of thousands of web applications. The issue stems from the leakage of the...
Fortinet has released critical security updates for FortiWeb, addressing a severe vulnerability that allowed unauthenticated attackers to execute arbitrary SQL queries remotely. The flaw, tracked as CVE-2025-25257, received a CVSS score of 9.6, placing...
NVIDIA has issued a warning about a newly discovered vulnerability in its graphics processing units, dubbed GPUHammer. This attack, rooted in the well-known RowHammer technique, enables malicious actors to corrupt data belonging to other...
A hacker who siphoned $40 million in cryptocurrency from the decentralized exchange GMX has returned nearly the entire haul in exchange for a $5 million payout. The breach ranked among the largest in DeFi...
Cybercriminals have begun leveraging GitHub to disseminate dangerous spyware disguised as a free VPN service. The malicious campaign, uncovered by researchers at Cyfirma, masqueraded as a program called “Free VPN for PC.” Instead of...
One of the world’s largest steel manufacturing conglomerates, the Japanese company Nippon Steel, has reported a large-scale cyberattack during which hackers gained unauthorized access to data belonging to clients, employees, and business partners. The...
Researchers at Huntress have observed active exploitation of a critical vulnerability in Wing FTP Server—a mere day after its public disclosure. The flaw, tracked as CVE-2025-47812, received the highest possible severity rating (CVSS 10.0),...
Jack Dorsey, co-founder of Twitter and head of Block, recently unveiled his latest endeavor—Bitchat, a messaging application envisioned as a fully decentralized communication tool, independent of traditional internet infrastructure. Instead of relying on conventional...
The research laboratory Security Explorations has unveiled the results of a months-long investigation exposing critical vulnerabilities at the core of eSIM technology. The focus of their analysis was a GSMA-certified eUICC card developed by...
McDonald’s hiring system was found to be secured by a password so trivial that even a child might guess it—”123456.” Two elementary vulnerabilities granted access to the personal data of over 64 million job...
Four vulnerabilities within the Bluetooth stack BlueSDK, developed by OpenSynergy and collectively named PerfektBlue, pose a serious security threat to millions of vehicles. These flaws allow remote code execution on targeted devices and potentially...
