Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
CSO Online

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch ...

TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password

TP-Link patched high-severity Archer NX router flaws, including one that could let attackers upload rogue firmware without ...
The Guardian

‘Exploit every vulnerability’: rogue AI agents published passwords and overrode anti-virus software

Exclusive: Lab tests discover ‘new form of insider risk’ with artificial intelligence agents engaging in autonomous, even ‘aggressive’ behaviours Robert Booth UK technology editor Rogue artificial ...

Uh Oh—New ‘Hack Yourself’ Apple Mac Attack Can Steal Your Passwords

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.
TechRadar

Experts say Perplexity's AI Comet browser can be hijacked to steal your passwords

Zenity researchers uncovered PleaseFix, a zero-click indirect prompt injection flaw in Comet browser Malicious calendar invites could trick the AI into exfiltrating ...
Infosecurity Magazine

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Threat actors have demonstrated just how quickly they operate today after exploiting a critical open source vulnerability ...
TidBITS

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers have discovered DarkSword, a sophisticated exploit chain targeting iOS 18.4 through 18.7.2. Unlike past spyware aimed at high-profile targets, DarkSword is being surreptitiously ...
HotHardware

LastPass Issue Urgent Warning Over New Security Scam To Steal Passwords

LastPass is informing users of an active phishing campaign that started at the beginning of this month, which spoofs official LastPass emails and directs users to a false login page. While directing ...

Chrome encryption bypass discovered: New malware steals passwords and cookies

The infostealer uses a first‑seen‑in‑the‑wild debugging method to extract Chrome’s decryption key without privilege ...
Daily Mail

Urgent warning to all Gmail users over new texting scam stealing accounts: Do NOT click

Gmail users are being targeted by a new scam that exploits their own phone numbers. The scheme, first reported on Reddit, involves a text message that appears to come from 'Gmail from Google,' warning ...