Offensive Security

Compromised Android Photo Frames: A Supply Chain Attack Vector for Botnets and Spyware

Threat Intelligence

Compromised Android Photo Frames: A Supply Chain Attack Vector for Botnets and Spyware

A significant security threat has been identified within the consumer Internet of Things (IoT) market, specifically targeting...

Windows 11 Expands Passkey Ecosystem with Third-Party Manager Integration

Blue-Team

Windows 11 Expands Passkey Ecosystem with Third-Party Manager Integration

Microsoft has fundamentally altered the authentication landscape on Windows 11 by enabling native, system-level support for third-party...

UK’s Proactive AI Testing Framework: A Technical Analysis of the New Defense Against AI-Generated CSAM

Cyber Laws & Regulations

UK’s Proactive AI Testing Framework: A Technical Analysis of the New Defense Against AI-Generated CSAM

The United Kingdom has announced a significant legislative amendment that will permit authorized testers to proactively assess...

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Blue-Team

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Mozilla has released Firefox 145, introducing a significant upgrade to its anti-fingerprinting technology that substantially reduces the...

FileFix Attack Evolves with Cache Smuggling to Evade Detection

Threat Intelligence

FileFix Attack Evolves with Cache Smuggling to Evade Detection

A new variant of the FileFix social engineering attack is leveraging cache smuggling to secretly download malicious...

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Bug Bounties & Responsible Disclosure

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Google has formally launched a dedicated AI Vulnerability Reward Program (AI VRP), creating a structured channel for...

Zeroday Cloud Hacking Contest Unites Tech Giants with $4.5 Million Bounty Pool

Bug Bounties & Responsible Disclosure

Zeroday Cloud Hacking Contest Unites Tech Giants with $4.5 Million Bounty Pool

A new hacking competition called Zeroday Cloud has announced a total prize pool of $4.5 million in...

Signal’s Post-Quantum Triple Ratchet: A Technical Deep Dive on SPQR

News

Signal’s Post-Quantum Triple Ratchet: A Technical Deep Dive on SPQR

Signal has completed a significant cryptographic upgrade to its protocol with the introduction of the Sparse Post-Quantum...

Apple Removes ICE Tracking Apps Following DOJ Pressure: A Security Analysis

Threat Intelligence

Apple Removes ICE Tracking Apps Following DOJ Pressure: A Security Analysis

On October 3, 2025, Apple removed the ICEBlock application and similar software from its App Store, a...

HackerOne’s $81 Million Bug Bounty Payout Signals AI Security Surge

Bug Bounties & Responsible Disclosure

HackerOne’s $81 Million Bug Bounty Payout Signals AI Security Surge

The bug bounty ecosystem is experiencing unprecedented growth, with HackerOne announcing it paid out $81 million in...

MatrixPDF Toolkit Transforms PDFs into Advanced Phishing and Malware Lures

Threat Intelligence

MatrixPDF Toolkit Transforms PDFs into Advanced Phishing and Malware Lures

A new phishing and malware distribution toolkit called MatrixPDF enables attackers to convert ordinary PDF files into...

OpenAI’s Dynamic Safety Routing: A Technical Analysis of GPT-4o’s New Guardrails

Red-Team

OpenAI’s Dynamic Safety Routing: A Technical Analysis of GPT-4o’s New Guardrails

Recent user observations of GPT-4o conversations being unexpectedly rerouted to an unknown model have been confirmed as...

Supermicro BMC Vulnerabilities Expose Persistent Backdoor Risks in Server Firmware

CVE News

Supermicro BMC Vulnerabilities Expose Persistent Backdoor Risks in Server Firmware

Security researchers have identified new vulnerabilities in Supermicro’s Baseboard Management Controller (BMC) firmware that allow attackers to...

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

Threat Intelligence

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

In a significant blow to transnational cybercrime, a five-month international operation led by Interpol has resulted in...

EDR-Freeze: Abusing Windows Error Reporting to Suspend Security Software

Red-Team

EDR-Freeze: Abusing Windows Error Reporting to Suspend Security Software

A new proof-of-concept tool named EDR-Freeze demonstrates a significant evolution in attacker evasion techniques. Developed by security...

U.S. Sanctions Target Infrastructure and Operators Behind Southeast Asian Cyber Scam Networks

Threat Intelligence

U.S. Sanctions Target Infrastructure and Operators Behind Southeast Asian Cyber Scam Networks

The U.S. Department of the Treasury has initiated a significant, multi-phase sanctions campaign against the individuals and...

Geopolitical Implications of China’s Proposed Yuan-Backed Stablecoin

Threat Intelligence

Geopolitical Implications of China’s Proposed Yuan-Backed Stablecoin

A new legislative framework in Hong Kong is creating conditions for the potential development of state-controlled digital...

Image-Scaling Attacks: A New Vector for AI Prompt Injection and Data Exfiltration

Red-Team

Image-Scaling Attacks: A New Vector for AI Prompt Injection and Data Exfiltration

A new class of attack, exploiting the image preprocessing pipelines of multimodal AI systems, has been demonstrated...

Software Developer Sentenced for Deploying Logic Bomb and Kill Switch Against Former Employer

Cyber Laws & Regulations

Software Developer Sentenced for Deploying Logic Bomb and Kill Switch Against Former Employer

A software developer has been sentenced to four years in federal prison for a calculated act of...

Why Email Security Needs an EDR-Style Evolution for Modern Threats

Blue-Team

Why Email Security Needs an EDR-Style Evolution for Modern Threats

The current state of email security is analogous to the endpoint protection landscape a decade ago, relying...

Posts pagination

1 2 3 4 … 10 Next

Offensive Security

Compromised Android Photo Frames: A Supply Chain Attack Vector for Botnets and Spyware

Windows 11 Expands Passkey Ecosystem with Third-Party Manager Integration

UK’s Proactive AI Testing Framework: A Technical Analysis of the New Defense Against AI-Generated CSAM

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

FileFix Attack Evolves with Cache Smuggling to Evade Detection

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Signal’s Post-Quantum Triple Ratchet: A Technical Deep Dive on SPQR

Apple Removes ICE Tracking Apps Following DOJ Pressure: A Security Analysis

HackerOne’s $81 Million Bug Bounty Payout Signals AI Security Surge

MatrixPDF Toolkit Transforms PDFs into Advanced Phishing and Malware Lures

OpenAI’s Dynamic Safety Routing: A Technical Analysis of GPT-4o’s New Guardrails

Supermicro BMC Vulnerabilities Expose Persistent Backdoor Risks in Server Firmware

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

EDR-Freeze: Abusing Windows Error Reporting to Suspend Security Software

U.S. Sanctions Target Infrastructure and Operators Behind Southeast Asian Cyber Scam Networks

Geopolitical Implications of China’s Proposed Yuan-Backed Stablecoin

Image-Scaling Attacks: A New Vector for AI Prompt Injection and Data Exfiltration

Software Developer Sentenced for Deploying Logic Bomb and Kill Switch Against Former Employer

You may have missed

ClickFix Malware Campaigns Resurrect Decades-Old Finger Protocol for Command Retrieval

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

Digital Passport Integration in Mobile Wallets: A Security Analysis

U.S. Launches Scam Center Strike Force to Combat $10 Billion Crypto Fraud Networks