Microsoft Says Edge Password Security Vulnerability Is ‘By Design’—Is It Time To Switch To Chrome?

Microsoft Edge loads all your saved passwords, decrypted and in plaintext, into memory at startup. Google Chrome doesn’t—is ...

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.” ...

Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to ‘DarkSword’ Exploit

Apple issues a rare iOS 18 security patch as the DarkSword exploit threatens up to 270 million iPhones, marking a shift in ...
Bleeping Computer

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. Viettel Cyber Security took an early ...
AMBCryptoOpinion

Is crypto’s security model cracking? April’s $600M in DeFi hacks tells us…

Security has long been one of DeFi’s core promises, yet the sector is increasingly struggling to keep pace with its ...
Bleeping Computer

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The ...
The Hacker News

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.
VentureBeat

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms ...
Fox News

New Android attack tricks you into giving dangerous permissions

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...
Hosted on MSN

Unity discloses a years-old security exploit and urges developers to update their games

Unity is urging developers to take “immediate action” after it disclosed a major security vulnerability affecting games built using versions of its popular development tool dating back to 2017. While ...
HHS

Exploit Attempts Surge for React2Shell

Hacker interest is high in a days-old vulnerability in widely used web application framework React, with dozens of organizations already falling victim to it, cybersecurity experts warn. See Also: ...
CoinDesk

The State of DeFi Exploit Risk

The decentralized finance (DeFi) sector has undergone a remarkable security transformation, achieving a 90% reduction in exploit losses since 2020 and positioning itself as mature financial ...