Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

New ‘Powerful’ iOS Attack Warning Issued To Millions Of iPhone Users

An iOS warning has been issued by researchers after they discovered “a new and powerful” exploit kit targeting Apple iPhones. Here's what you need to know.
PC Magazine

Your Online Privacy Is Disappearing Fast. Here's Why You Need a VPN in 2026

A good VPN can protect your privacy and data, as long as you use it correctly. Here’s how to choose the right one, cut through the marketing lingo, and get the most out of it. I’ve been writing about ...

Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...
ZDNet

The right way to run an internet speed test (and how I use the results for better Wi-Fi)

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Cybernews

AI-driven hacking uses booking.com and Microsoft Teams in vibe coding and “flat pack ...

AI is helping cybercriminals to rapidly assemble malware with flat-pack efficiency. It’s almost like buying a sofa from Ikea, ...
Cybernews

AI agents are too easy to fool, with websites now littered with hidden “system override ...

Researchers at Unit 42, a security arm of Palo Alto Networks, have documented real-world attacks, and they’re as dumb as it gets. Hidden text on websites simply asks AI to “ignore previous ...

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks.
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

UK will allow US to use bases to strike Iranian missile sites, PM says

The UK has agreed to a US request to use British military bases for "defensive" strikes on Iranian missile sites, Sir Keir Starmer has said. But the prime minister said the UK had learned lessons from ...
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...