News

The zero-day that could've compromised every Cursor and Windsurf user
Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines ...
Pen Test Partners4h
Sil3ncer Deployed – RCE, Porn Diversion, and Ransomware on an SFTP-only Server
TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...
SecurityWeek5h
In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware, DoNot APT
Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot ...
Pen Test Partners5h
Sil3ncer Deployed – Exploitation, Porn and Ransomware on an SFTP-only Server
TL;DR Introduction We investigated a ransomware incident on a Windows Server 2012 host running in an SFTP-only role. The ...
Perplexity AI Browser Comet Review : Say Goodbye to Tedious Online Tasks
Learn how the Perplexity AI Comet browser combines Chrome familiarity with cutting-edge AI to redefine your online experience ...
CSO Online1d
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures
Despite verified status and high ratings, 18 extensions silently deployed surveillance code, raising urgent questions about ...
All Chrome users must delete 11 apps downloaded over two million times NOW as experts issue ‘tracker’ warning
THOUSANDS of Chrome users are being urged to delete immediately certain apps that pose a security risk. It comes after experts issued a “tracker” warning on 11 apps that have been ...
Apple Adds iCloud Passwords Support For Mozilla Firefox Via Browser Extension on Windows
Apple has added autofill passwords support for Mozilla Firefox through a browser extension. The feature is currently only ...
Malicious Google Chrome and Edge extensions downloaded more than 2 million times - here's how to stay safe from being tracked online
Most were removed from the Play Store, but according to BleepingComputer, “many of them continue to be available”. Although ...
Cybernews2d
Dangerous Android flaw unveiled: apps can make prompts invisible and gain sensitive permissions
A new Android “TapTrap” flaw exploits UI animations to make security prompts invisible, allowing malicious apps to gain full ...
The Hacker News2d
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
"Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a ...
Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws
Today is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed ...