Cybersecurity

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data pixel-by-pixel without the users' knowledge.
The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University of

What AI Reveals About Web Applications — and Why It Matters

Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your

Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months

A five-month-long intrusion targeting a Russian IT service provider has been attributed to a threat actor with ties to China, marking the hacking group’s expansion to the country beyond Southeast Asia and South America.
The activity, which took place from January to May 2025, has been attributed by Broadcom-owned Symantec to a threat actor it tracks as Jewelbug, which it said overlaps with

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to undisclosed vulnerabilities in the product.
It attributed the activity to a “highly sophisticated nation-state threat actor,” adding the adversary maintained long-term, persistent access to its network. The

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk.
“A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base,”

How Attackers Bypass Synced Passkeys

TLDR
Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys.

Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure.
Adversary-in-the-middle (AiTM) kits can force authentication fallbacks that circumvent strong

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program.
Of the 183 vulnerabilities, eight of them are non-Microsoft
