Latest IntelligencePage 92
Search by keyword →Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web b...
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-se...
Signal to roll out anti-phishing safeguards following account takeovers
Signal says recent reports describing attacks against its users do not reflect a breach of its platform, while also announcing plans to introduce new protection...
Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users i...
Vimeo suffers 3rd-party breach exposing user data, hackers threaten leak
Vimeo has disclosed a security incident stemming from a breach at third-party analytics provider Anodot, which resulted in unauthorized access to certain user a...
CISA flags new SD-WAN flaw as actively exploited in attacks
CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploite...
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without au...
Firefox flaw enables cross-site tracking, undermines Tor Browser defenses
A newly disclosed vulnerability in Firefox and Tor Browser allowed websites to generate a stable, process-level identifier using IndexedDB, undermining private ...
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this m...
Money launderer linked to $230M crypto heist gets 70 months in prison
22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive $230 million cryptocurren...
FTC: Americans lost over $2.1 billion to social media scams in 2025
The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025. [...]...
Popular PyPI Package With 1 Million Monthly Downloads Hacked to Inject Malicious Scripts
A major software supply chain attack has compromised the popular Python package elementary-data, exposing thousands of developers to massive credential the...
Microsoft asks iPhone users to reauthenticate after Outlook outage
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to rega...
Spectrum Security Emerges From Stealth Mode With $19 Million
The threat detection startup will invest in accelerating its engineering and go-to-market efforts. The post Spectrum Security Emerges From Stealth Mode With $19...
Windows Remote Desktop Leaves Behind Image Fragments Attackers Can Stitch Into Screenshots
Whenever someone uses Windows Remote Desktop, the operating system quietly saves visual fragments of the active session. As recently highlighted by SCYTHE Labs,...
Multiple OpenClaw Vulnerabilities Enables Policy Bypass and Host Override
Cybersecurity researchers have recently disclosed three moderate-severity vulnerabilities in OpenClaw, an AI agent framework previously known as Clawdbot and Mo...
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
Researchers from the Czech Technical University in Prague have developed a new adversarial malware generator targeting Linux ELF binaries. It achieves a 67.74% ...
OilRig Hides C2 Configuration in Google Drive Image Using LSB Steganography
A well-known Iranian state-sponsored hacking group called OilRig, also tracked as APT34 and Helix Kitten, has been found hiding its command-and-control (C2) ser...
New Android Banking Malware Abuses Fake KYC Workflow and WhatsApp Delivery to Hijack Accounts
A new Android banking malware, tracked as KYCShadow, was discovered targeting bank customers across India through a carefully designed fake Know Your Customer (...
Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic. The post Medtronic Hack Confirmed Aft...