Facebook Password Warning For 3 Billion Users As Attacks Surge

That warning concerns what is known as a browser-in-the-browser attack and, according to the Trellix security boffins, is an ...

Urgent warning as 17.5 million Instagram accounts exposed in leak & users targeted by surge in ‘password reset’ attacks

A MASSIVE data breach has exposed the personal information of about 17.5 million Instagram users. The breach has triggered a ...
Cyber Defense Magazine

How Real-Time Phishing Relay Attacks Work—And How To Stop Them Cold Today

Real-time phishing relay attacks are now the most dangerous and effective weapon in the modern cybercriminal’s arsenal. They ...

Sophisticated Phishing Attack Targets MetaMask Users Through Fake 2FA Security Alerts

A new phishing scam is targeting MetaMask users with a fake two-factor authentication process designed to steal wallet ...

Barracuda report finds phishing kits doubled in 2025 as attacks grew more evasive

A new report out today from Barracuda Networks Inc. has detailed how phishing attacks grew more sophisticated and harder to detect in 2025 thanks to the rapid evolution of phishing-as-a-service kits ...
SecurityWeek

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Threat actors abuse complex routing and misconfigured protections to spoof domains and send phishing emails that appear to be ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
Cloud Security Alliance

Reimagining the Browser as a Critical Policy Enforcement Point: A Zero Trust Security Architecture for Modern Enterprises

Explores turning the browser into a policy enforcement point within a Zero Trust framework, covering governance, MFA, device ...
Forbes

Amazon CISO Confirms Hacker Exploit Used 2 Zero-Day Attacks

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Not all zero-day threat stories are worth getting unduly ...
Wired

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, and other private data in less than 30 seconds. The new attack, named ...

Patch now! Attacks on Adobe ColdFusion and Fortinet firewalls observed

Currently, attackers are targeting a five-year-old vulnerability in Fortinet firewalls. The vulnerabilities in ColdFusion are ...