ConsentFix Debrief: New Insights on OAuth Phishing Attack
Push Security shares insights on ConsentFix, an OAuth phishing technique hijacking Microsoft accounts via browser authorization…
Microsoft Updates Windows DLL Triggering False Security Alerts
Microsoft resolved an issue causing security apps to incorrectly flag a core Windows DLL (WinSqlite3.dll) as…
Kyowon Group confirms data theft in ransomware attack
South Korean conglomerate Kyowon Group confirms a ransomware attack led to data theft and service disruptions.…
OpenAI’s ChatGPT Translate Tool Challenges Google Translate
OpenAI launches ChatGPT Translate, a new feature similar to Google Translate, offering advanced translation with contextual…
Chrome and Firefox Patch High-Severity Vulnerabilities
Chrome and Firefox have released updates to address high-severity vulnerabilities. Users are urged to update to…
Predator Spyware’s Anti-Analysis Features Exposed
Details emerge on Predator spyware’s granular anti-analysis techniques. Understanding these features is key to defense against…
CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited
CISA adds Microsoft Office and HPE OneView vulnerabilities to its KEV list, urging agencies to patch…
[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl
Learn to secure Agentic AI workflows, MCPs, APIs, and prevent code execution attacks. Register for the…
PLUGGYAPE Malware Targets Ukrainian Defense Forces via Signal, WhatsApp
PLUGGYAPE malware targets Ukrainian defense forces using Signal and WhatsApp with phishing and evolving backdoors.
Third-Party App Data Access: Research Shows 64% Lack Justification
Study of 4,700 websites reveals 64% of third-party apps access sensitive data without a clear business…
Latest Posts
- Drones to Diplomas: Russia’s University Linked to $25M Essay Mill
- The Kimwolf Botnet is Stalking Your Local Network
- Who Benefited from the Aisuru and Kimwolf Botnets?
- Windows 11 PCs may fail to shut down after January update: Microsoft confirms
- Cisco Patches AsyncOS Zero-Day Exploited Since November 2025
