The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and ...

Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, ...

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens ...

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from ...

ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced ...

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your ...

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing ...

A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks ...

A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active ...

The FBI warns that scammers posing as FBI IC3 employees are offering to "help" fraud victims recover money lost to other ...

Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail ...

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing ...