Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Vercel confirms breach as hackers claim to be selling stolen data

Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems ...

Legal advisers help migrants pose as gay to get asylum, undercover BBC investigation finds

A shadow industry of law firms and advisers is charging thousands of pounds to help migrants pretend to be gay in order to ...
Cybernews

Axios patches critical vulnerability that allows attackers to steal cloud credentials

Axios, a widely used JavaScript library, is affected by a new critical vulnerability that enables attackers to chain exploits ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.
SecurityWeek

Next.js Creator Vercel Hacked

Vercel confirms that is has suffered an intrusion after a hacker offered to sell data allegedly stolen from the company’s ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.
CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...