Search

Mozilla patched a Firefox browser vulnerability that was discovered after a similar Google Chrome flaw was found to be actively exploited in potential espionage campaigns. The critical flaw, tracked as CVE-2025-2857, could enable an attacker to escape the Firefox browser’s sandbox protection on ...

Cybernews reports that nearly 40 web domains masquerading as the increasingly popular Chinese artificial intelligence platform DeepSeek have been created to facilitate intrusions distributing the Vidar information-stealing malware and compromising cryptocurrency wallets. Threat ac...

Mozilla will remove the “Do Not Track” privacy option from the Firefox browser, with the change already effective in development versions of the browser. While Do Not Track is still available in stable releases of Firefox, it is retired in Firefox version 135, with the changes apparent in the la...

Intrusions exploiting a Firefox animation timeline use-after-free vulnerability, tracked as CVE-2024-9680, and a Windows Task Scheduler privilege escalation bug, tracked as CVE-2024-49039 both of which are zero-days have been deployed by Russian threat operation RomCom, also known as Tropical Scor...

Intrusions exploiting a Firefox animation timeline use-after-free vulnerability, tracked as CVE-2024-9680, and a Windows Task Scheduler privilege escalation bug, tracked as CVE-2024-49039 — both of which are zero-days — have been deployed by Russian threat operation RomCom, also known as Tropi...

Apple macOS systems running on x86_64 and ARM64 architectures are at risk of being comprehensively targeted by the novel Banshee Stealer malware, which is being sold for $3,000 monthly, reports The Hacker News. Aside from being touted to facilitate data exfiltration from major web...

We're familiar with attacks that try to compromise your usernames and passwords. Weak passwords can be cracked. Reused passwords are vulnerable to credential-stuffing and password-spraying attacks. Phishing scams try to steal usernames and passwords outright. All of these are "pre-authentication...

A vulnerability affecting all major browsers, dubbed “0.0.0.0 Day,” could enable attackers to send malicious requests to local networks, potentially leading to remote code execution (RCE). Oligo Security disclosed the flaw on Wednesday, detailing how the ability to contact the 0.0.0.0 IP address...

Google announced Monday that third-party cookies are here to stay on its Chrome browser, eliminating plans to deprecate cookies by the second half of 2024. The tech giant disabled cookies for 1% of Chrome users in early January as part of its twice-postponed plan to phase out third-party cookies...

Security Affairs reports that the new Python-based information-stealing malware dubbed Snake has been distributed through malicious messages on Facebook Messenger since August. Attacks commence with the delivery of direct messages on Messenger that lure recipients into downloading...