New VoidProxy Phishing Service Bypasses MFA on Microsoft and Google Accounts
Okta Threat Intelligence exposes VoidProxy, a new PhaaS platform. Learn how this advanced service uses the Adversary-in-the-Middle technique…
Scattered Lapsus$ Hunters Hacker Group Announces Shutdown
Scattered Lapsus$ Hunters, linked to the Jaguar Land Rover cyberattack, claims to shut down as experts suggest the…
New Google AppSheet Phishing Scam Deliver Fake Trademark Notices
A phishing scam is exploiting Google’s trusted AppSheet platform to bypass email filters. Learn how hackers are using…
Google fixes critical Chrome flaw, researcher earns $43K
Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome vulnerability, tracked as CVE-2025-10200, in the Serviceworker component. A use-after-free (UAF) occurs when a program accesses memory after it has been freed. This can cause crashes, data […]
Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images
Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images. Pixel 10 integrates C2PA Content Credentials into the camera and Photos, allowing users to verify whether images are real or AI-generated, or edited. The company announced the integration of the new feature during the Made by Google […]
Microsoft’s Patch Tuesday: About 80 Vulnerabilities Patched
An elevation of privilege vulnerability in the Windows NTLM authentication protocol and a flaw in Office’s Preview Pain are among the most important to patch.
Google Drive Desktop for Windows Flaw Lets Users Gain Full Access to Others’ Drives
Millions of people and businesses trust Google Drive every day to store important files like contracts, reports, photos, and research papers. The desktop app for Windows promises secure and seamless syncing of files between local folders and the cloud….
AI agents are here, now comes the hard part for CISOs
AI agents are being deployed inside enterprises today to handle tasks across security operations. This shift creates new opportunities for security teams but also introduces new risks. Google Cloud’s new report, The ROI of AI 2025, shows that 52% of or…
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.
Zero-Day in Sitecore Exploited to Deploy WEEPSTEEL Malware
Hackers exploit a Sitecore zero-day (CVE-2025-53690) to deploy WEEPSTEEL Malware via ViewState attacks, enabling Remote Code Execution (RCE).