CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
Sep 30, 2025Ravie LakshmananVulnerability / Linux The U.S. Cybersecurity and Infrastructure Security…
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent
Sep 20, 2025Ravie LakshmananArtificial Intelligence / Cloud Security Cybersecurity researchers have disclosed…
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with…
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
Cybersecurity researchers have detailed a new cluster of activity where threat actors…
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Jul 31, 2025Ravie LakshmananPhishing / Threat Intelligence Cybersecurity researchers have disclosed details…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python…
Securing Data in the AI Era
Jul 11, 2025The Hacker NewsData Security / Enterprise Security The 2025 Data…
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
Jun 19, 2025Ravie LakshmananEmail Security / Identity Protection Threat actors with suspected…
New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains
A new campaign is making use of Cloudflare Tunnel subdomains to host…