Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI
Cryptocurrency scams alone cost victims over $7 billion, while AI-enabled fraud threats are on the rise, says FBI
Aggregator
UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks
2 months 1 week ago
New advisory warns cyber threat group APT28 have exploited vulnerable edge devices to support malicious operations.
APT28 exploit routers to enable DNS hijacking operations
2 months 1 week ago
Russian cyber actor APT28 exploit vulnerable routers to hijack DNS, enabling adversary‑in‑the‑middle attacks and theft of passwords and authentication tokens.
AI-enabled device code phishing campaign exploits OAuth flow for account takeover
2 months 1 week ago
A phishing campaign that bypasses the standard 15-minute expiration window through automation and dynamic code generation, leveraging the OAuth Device Code Authentication flow to compromise organizational accounts at scale, has been observed by the Microsoft Defender Security Research team. The campaign uses AI-assisted infrastructure and end-to-end automation. Attack overview Device Code Authentication is a legitimate OAuth flow designed for devices that cannot support a standard interactive login. In this model, a code is presented on … More →
The post AI-enabled device code phishing campaign exploits OAuth flow for account takeover appeared first on Help Net Security.
Anamarija Pogorelec
Ваш VPN вас выдает. Популярные клиенты (v2rayNG, Clash, Hiddify) оказались уязвимы
2 months 1 week ago
В мобильных VLESS-клиентах нашли критическую «дыру».
The Hidden Cost of Recurring Credential Incidents
2 months 1 week ago
When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. Avoiding even one major incident is enough to justify most security investments, but that headline figure obscures the more persistent problems caused by recurring credential
The Hacker News
GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover
2 months 1 week ago
GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flips in GPU memory (GDDR6) to go beyond data corruption. Attackers can use this technique to escalate privileges and, in some cases, gain full control of the system. […]
Pierluigi Paganini
ShadowByt3 New threat Actor
2 months 1 week ago
You must login to view this content
cohenido
TDF 基金会称它取消 Collabora 员工的会员资格是为了遵守非营利组织法
2 months 1 week ago
The Document Foundation(TDF)再次通过官方博客回应了它与主要商业合作伙伴 Collabora 之间的分歧。TDF 称过去几年它犯下了多项违反非营利组织法的错误:仅允许生态系统内的公司免费使用 LibreOffice 品牌;将 LibreOffice 的开发合同——新功能开发、修 bug 等——授予在基金会董事会中拥有代表,积极参与采购的企业。基金会法律顾问指出这些违反法律的错误之后,从中受益的企业试图维持现状而不是解决问题。为避免失去非营利组织地位以及由此带来的不可预见的后果,TDF 基金会采取了措施,取消 Collabora 员工的会员资格、冻结招标以及引入开发采购政策,并制定了规则降低未来再次出现类似问题的风险。
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
Submit #798632: Oracle Java SE 8u461-b50 Buffer Overflow [Accepted]
2 months 1 week ago
Submit #798632 / VDB-355727
lywand
The Gentleman
2 months 1 week ago
You must login to view this content
cohenido
Audit Team New threat Actor
2 months 1 week ago
You must login to view this content
cohenido
ShadowByt3
2 months 1 week ago
You must login to view this content
cohenido
ShadowByt3
2 months 1 week ago
You must login to view this content
cohenido