Hackers exploit Roundcube webmail flaw to steal email, credentials
Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of…
Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors…
Internet Archive hacked, data breach impacts 31 million users
Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a…
New Mamba 2FA bypass service targets Microsoft 365 accounts
An emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted…
LEGO’s website hacked to push cryptocurrency scam
On Friday night, cryptocurrency scammers briefly hacked the LEGO website to promote a fake Lego token that could be purchased…
Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
Approximately 5% of all Adobe Commerce and Magento online stores, or 4,275 in absolute numbers, have been hacked in "CosmicSting"…
Fake browser updates spread updated WarmCookie malware
A new 'FakeUpdate' campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread…
Arc browser launches bug bounty program after fixing RCE bug
The Browser Company has introduced an Arc Bug Bounty Program to encourage security researchers to report vulnerabilities to the project…
Android malware ‘Necro’ infects 11 million devices via Google Play
A new version of the Necro malware loader for Android was installed on 11 million devices through Google Play in…
Windows Server 2025 previews security updates without restarts
Microsoft announced today that Hotpatching is now available in public preview for Windows Server 2025, allowing installation of security updates…