Hundreds of fake Reddit sites push Lumma Stealer malware
Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading…
Critical zero-days impact premium WordPress real estate plugins
The RealHome theme and the Easy Real Estate plugins for WordPress are vulnerable to two critical severity flaws that allow…
Cloudflare CDN flaw leaks user location data, even through secure chat apps
A security researcher discovered a flaw in Cloudflare's content delivery network (CDN), which could expose a person's general location by simply…
Telegram captcha tricks you into running malicious PowerShell scripts
Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that…
Cisco warns of denial of service flaw with PoC exploit code
Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. [...]
PowerSchool hacker claims they stole data of 62 million students
The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of…
Conduent confirms cybersecurity incident behind recent outage
American business services giant and government contractor Conduent confirmed today that a recent outage resulted from what it described as…
IPany VPN breached in supply-chain attack to push custom malware
South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised…
Use this AI chatbot prompt to create a password-exclusion list
Creating a custom password-exclusion list can help prevent employees from using passwords that are likely to be guessed. Learn from…
Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025
On the first day of Pwn2Own Automotive 2025, security researchers exploited 16 unique zero-days and collected $382,750 in cash awards.…