Jack Dorsey, co-founder of Twitter and head of Block, recently unveiled his latest endeavor—Bitchat, a messaging application envisioned as a fully decentralized communication tool, independent of traditional internet infrastructure. Instead of relying on conventional...
The research laboratory Security Explorations has unveiled the results of a months-long investigation exposing critical vulnerabilities at the core of eSIM technology. The focus of their analysis was a GSMA-certified eUICC card developed by...
McDonald’s hiring system was found to be secured by a password so trivial that even a child might guess it—”123456.” Two elementary vulnerabilities granted access to the personal data of over 64 million job...
Researchers have uncovered a new packer, Ducex, which conceals one of the most formidable mobile malware threats— the Triada Trojan—through advanced encryption and obfuscation techniques. Its analysis in the interactive sandbox environment ANY.RUN reveals...
A lightweight, ergonomic framework for building bug bounty-ready Cybersecurity AIs (CAIs). Why CAI? The cybersecurity landscape is undergoing a dramatic transformation as AI becomes increasingly integrated into security operations. We predict that by 2028, AI-powered...
Experts at SentinelOne have reported the discovery of new traces of activity linked to the ZuRu malware, which specifically targets macOS users. Its primary method of distribution is the impersonation of popular macOS applications—most...
DeviceCodePhishing This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow as soon as the victim opens the phishing link and instantly redirects them to the...
Activision has disabled the Microsoft Store version of Call of Duty: WWII after hackers began exploiting a critical vulnerability that enabled remote access to players’ computers. The affected users were those who installed the...
A Russian blockchain developer has fallen victim to a targeted attack executed through a counterfeit extension within the Cursor AI environment, resulting in the theft of approximately $500,000 worth of cryptocurrency. The incident was...
AMD has disclosed the discovery of a new class of processor vulnerabilities, dubbed Transient Scheduler Attacks (TSA). These attacks exploit speculative side channels arising from specific microarchitectural conditions, potentially leading to the leakage of...
The discovery of a new vulnerability, aptly named Opossum, has cast a shadow over the reliability of secure communications relying on the Transport Layer Security (TLS) protocol. This exploit enables malicious actors to inject...
ChatGPT has once again proven susceptible to unconventional manipulation—this time, the model divulged valid Windows product keys, including one registered to the major financial institution Wells Fargo. The vulnerability was exposed through a peculiar...
Experts at Palo Alto Networks Unit 42 have uncovered a new malicious campaign orchestrated by the threat actor group known as Gold Melody. This group specializes in gaining unauthorized access to corporate systems and...
On the morning of July 9, the decentralized exchange GMX fell victim to a major cyber heist. An unidentified attacker siphoned off over $40 million worth of cryptocurrency from the platform. According to GMX...
Google has introduced a new security configuration on Android, tailored for users vulnerable to targeted cyberattacks. Known as Advanced Protection, this suite of features—once exclusive to individual Google Accounts—is now available at the device...
A researcher at Positive Technologies has uncovered a critical vulnerability in the implementation of the NTFS file system, which enables a local attacker to escalate privileges to SYSTEM by leveraging a specially crafted virtual...
