Cybersecurity

A new malware called AryStinger has infected at least 4,300 older home routers, according to research from QiAnXin's XLab.Instead of creating a typical DDoS...

A WordPress plugin flaw exposes API keys and system data on roughly 100,000 sites.The vulnerability allows unauthenticated attackers to harvest credentials for email services.Over...

A working exploit achieves arbitrary code execution within the SecureROM of Apple's A12 and A13 chips, a flaw burned into the silicon.Affected devices, including...

Security firm Klue suffered a breach via a legacy credential, allowing hackers to steal OAuth tokens and access customer data on integrated platforms.The incident...

Malicious actors are creating a "fake reputation economy" by using coordinated reviews, social media buzz, and paid news articles to promote malware.The goal is...

Attackers can maintain access after C2 takedowns by installing separate persistence tools like OpenSSH and VPN software.A junior hacker used free-tier services and a...

Fifteen malicious plugins on the JetBrains Marketplace have been stealing AI provider API keys in a campaign active since October 2025.Two of the fraudulent...

A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications.It uses sophisticated overlay attacks and 137 remote commands to gain near-total...