Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files

Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious ...

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...

Leaked government-grade iPhone hacking tools now used to steal crypto and data from users

According to new technical analyses from Google and mobile security firm iVerify, Coruna's technical core comprises five complete exploit chains and 23 distinct iOS vulnerabilities that ...
PCMag

This iOS 'Exploit' Kit Can Hack Vulnerable iPhones Using 23 Different Attacks

Security researchers discover the 'Coruna' exploit kit running over malicious Chinese websites that were able to secretly hack vulnerable iPhones running iOS 13 to 17.2.1.
Tech Digest

Dark web marketplace exploits stolen air miles for pennies, investigation shows

Cybercriminals have found a lucrative niche in the shadow economy by trading stolen air miles for as little as 56p. A new investigation by NordVPN and travel eSIM provider Saily has exposed a massive ...
Searchenginejournal.com

WooCommerce WordPress Plugin Exploit Enables Fraudulent Charges

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
World Socialist Web Site

New Zealand government exploits Auckland fire to slander striking firefighters

New Zealand’s National Party-led government has seized on a fire that broke out in Auckland during a brief firefighters’ strike on January 9 to escalate a vicious propaganda campaign against the ...
CoinTelegraph

Trust Wallet will cover $7M lost in Christmas Day hack, CZ says

The malicious Trust Wallet extension has also been exporting users’ personal information, pointing to potential insider activity, according to cybersecurity company SlowMist. Trust Wallet users lost ...
Ars Technica

Fraudulent gambling network may actually be something more nefarious

A sprawling infrastructure that has been bilking unsuspecting people through fraudulent gambling websites for 14 years is likely a dual operation run by a nation-state-sponsored group that is ...
ExtremeTech

Microsoft Rolls Out Emergency Windows Server Update Following WSUS Exploits

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code execution vulnerability tracked as CVE-2025-59287. The issue affects the Windows ...
Hosted on MSN

Everybody's warning about critical Windows Server WSUS bug exploits ... but Microsoft's mum

Governments and private security sleuths warned that attackers are already exploiting a critical bug in Microsoft Windows Server Update Services, shortly after ...
Bleeping Computer

Windows Server emergency patches fix WSUS bug with PoC exploit

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...