News Hackers exploit critical auth bypass flaw in JobMonster WordPress theme
Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administ...
news
News 
News Fake Solidity VSCode extension on Open VSX backdoors developers
A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source...
News Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert co...
News Hackers use RMM tools to breach freighters and steal cargo shipments
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monit...
News US cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allege...
News OAuth Device Code Phishing: Azure vs. Google Compared
Written by Matt Kiely, Principal Security Researcher at Huntress Come along with me on a journey as we delve into the sw...
News Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
An out-of-band (OOB) security update that patches an actively exploited Windows Server Update Service (WSUS) vulnerabili...
News Penn hacker claims to have stolen 1.2 million donor records in data breach
A hacker has taken responsibility for last week's University of Pennsylvania "We got hacked" email incident, saying it w...
News Open VSX rotates access tokens used in supply-chain malware attack
The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and...
News China-linked hackers exploited Lanscope flaw as a zero-day in attacks
China-linked cyber-espionage actors tracked as 'Bronze Butler' (Tick) exploited a Motex Lanscope Endpoint Manager vulner...