Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations.

Critical Check Point VPN flaw CVE-2026-50751 is being exploited to bypass passwords in IKEv1 Remote Access setups.

A coding error in several Microsoft 365 Android apps could have allowed a malicious app on the same device to silently obtain account tokens and act as the signed-in user, according to new research ...

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Abstract: Secure bootstrapping of Internet of Things (IoT) devices is often a multi-step process that begins with enabling Internet access through a local wireless network. The process of enabling ...

Securing digital identities has never been more important. Passwords alone can’t keep up with today’s threats, which is why Two-Factor Authentication (2FA) has become one of the most widely adopted ...

Exchange tokens are a Kategorie of cryptocurrencies specifically designed to operate within a crypto exchange ecosystem worth over $150 billion. Unlike general-purpose cryptocurrencies like Bitcoin or ...