News

The zero-day that could've compromised every Cursor and Windsurf user
Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines ...
Pen Test Partners3h
Sil3ncer Deployed – RCE, Porn Diversion, and Ransomware on an SFTP-only Server
TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...
Pen Test Partners5h
Sil3ncer Deployed – Exploitation, Porn and Ransomware on an SFTP-only Server
TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...
CSO Online1d
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures
Despite verified status and high ratings, 18 extensions silently deployed surveillance code, raising urgent questions about ...
Apple Adds iCloud Passwords Support For Mozilla Firefox Via Browser Extension on Windows
Apple has added autofill passwords support for Mozilla Firefox through a browser extension. The feature is currently only ...
Cybernews2d
Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions
A new Android “TapTrap” flaw exploits UI animations to make security prompts invisible, allowing malicious apps to gain full ...
Samsung's July Security Update Arrives, Brings Mysterious Chip Fix
Samsung has disclosed its July 2025 security update for eligible Galaxy devices with an official changelog. More details here ...
Montgomery Advertiser3d
Auburn basketball's flaw exposed in final loss: Johni Broome couldn't ...
Johni Broome played through injuries yet again for Auburn basketball. But as Florida beat it in the Final Four, the Tigers couldn't ride their star.
Google finally gets strict about web server certificates
The Web cert world has undergone a lot of change this year, and Google has now set a June 2026 deadline for being even ...
How Let's Encrypt made the internet safer and HTTPS standard - and free
Over the last ten years, more than 600 million websites have been secured with free certificates from Let's Encrypt. Here's how it all began and why.
Stalkerware firm gets scooped by SQL-slinging security snoop
Infosec In Brief A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to ...
Google Chrome users warned to heed advice due to high-severity security threat
With hackers attacking the Google Chrome system, the tech giant wants users to take action so they aren't the next victim.