Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats Russian cybersecurity ...

How did OpenClaw become botnet infrastructure so quickly? DataDome analyzes the hijacked AI agents scraping sites at scale ...

It suggests that most real-world AI deployments are not as reckless as some narratives imply. The most common issues we observed were familiar ones: weak defaults, excessive permissions, and poor ...

A high-severity Chrome vulnerability has allowed malicious extensions to exploit the Gemini panel and gain elevated access to camera, microphone, and files.

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.

A critical-severity FreeScout vulnerability can be exploited for remote code execution without authentication or user interaction.

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s security. This finding highlights the core risks of ...