New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts ...

AI is accelerating cyberattacks. Is your network prepared?

AI-driven attacks now automate reconnaissance, generate malware variants, and evade detection at a speed that overwhelms ...

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...

Microsoft fixes Windows Explorer white flashes in dark mode

Microsoft has fixed a known issue that caused bright white flashes when launching File Explorer in dark mode on Windows 11 ...

Microsoft Teams to warn of suspicious traffic with external domains

Microsoft is working on a new Teams security feature that will analyze suspicious traffic with external domains to help IT ...

New DroidLock malware locks Android devices and demands a ransom

A new Android malware called DroidLock has emerged with capabilities to lock screens for ransom payments, erase data, access ...

Over 10,000 Docker Hub images found leaking credentials, auth keys

More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production ...

Microsoft bounty program now includes any flaw impacting its services

Microsoft now pays security researchers for finding critical vulnerabilities in any of its online services, regardless of whether the code was written by Microsoft or a third party.

Google ads for shared ChatGPT, Grok guides push macOS infostealer malware

A new AMOS infostealer campaign is abusing Google search ads to lure users into Grok and ChatGPT conversations that appear to ...