CISA orders feds to patch DarkSword iOS flaws exploited attacks

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage ...

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
Dark Reading

Interlock Ransomware Targets Cisco Enterprise Firewalls

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before ...

An American physicist and Canadian computer scientist devised a way to keep secrets safe from hackers

An American physicist and Canadian computer scientist received the A.M. Turing Award on Wednesday for their groundbreaking ...

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...
TechJuice

LeakNet Ransomware Tricks Victims Into Infecting Themselves Through Hacked Websites

LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as ...