Firefox shipped with a dangerous WebAssembly vulnerability that affected 180 million users for six months. The memory corruption bug could allow attackers to execute arbitrary code through carefully crafted payloads. Mozilla has now patched the issue in Firefox 145 and ESR 140.5+.
China’s APT31 hacking group has been conducting espionage against Russia’s IT sector since at least 2022. The sophisticated campaign abuses legitimate cloud services like Microsoft OneDrive and Yandex Cloud for command-and-control. Researchers suspect the true targets may include Russian government
A new variant of the ClickFix scam is tricking users with fake Windows Update pages. The scam uses clipboard commands to install dangerous malware that steals sensitive information. Security experts warn this campaign has been active since early October.
Government spies and cyber-mercenaries are actively breaking into Signal and WhatsApp accounts using sophisticated spyware. They’re bypassing encryption entirely by exploiting phones and app features. High-value individuals worldwide are being targeted.
A new Russian-linked malware campaign is hiding StealC V2 inside Blender 3D files distributed on platforms like CGTrader. The attack exploits Blender’s Auto Run feature to execute malicious Python scripts that download additional payloads. Researchers have been tracking this operation for at least s
A New Zealand hacker conference built their own air quality monitoring system using Adafruit components to track CO2 levels across their venue. The DIY solution gave attendees real-time data about virus transmission risks during a measles outbreak. It’s a brilliant example of hackers solving public
The Eternidade malware combines worm-like spreading through WhatsApp with sophisticated banking trojan capabilities. Researchers discovered it specifically targets Brazilian users through personalized messages and checks for Portuguese language settings. The malware’s unique C2 resilience and Delphi
Global leaders are taking obsequiousness to new extremes with Trump, from Nobel Prize nominations to calling him “daddy.” But the Financial Times analysis shows this approach consistently backfires, earning contempt rather than cooperation. The only proven strategy involves leverage, not flattery.
A comprehensive study found Meta AI, ChatGPT, Claude, and Gemini all unsafe for teen mental health conversations. The chatbots missed critical warning signs including psychosis and eating disorders despite company safeguards.
DoorDash has suffered a data breach exposing customer personal information including names, addresses, and contact details. The company is being deliberately vague about how many users were affected while claiming payment information remains secure.
