LATEST NEWS
WhatsApp ‘Private Inference’ pre-launch audit uncovered critical flaws
A newly published security audit by Trail of Bits reveals that WhatsApp’s privacy-preserving AI system initially contained …
LinkedIn faces class action over alleged covert scanning of users’ browsers
LinkedIn is facing a proposed class action lawsuit in the United States following allegations that it secretly scans users’ …
Disgruntled researcher drops “BlueHammer” Windows zero-day LPE exploit
A security researcher has publicly released proof-of-concept exploit code for a previously undisclosed Windows zero-day …
D-Link releases security fixes to address AirSnitch Wi-Fi attack threat
D-Link has released firmware updates and mitigation guidance addressing the recently disclosed “AirSnitch” Wi-Fi attacks, which …
New GPUBreach attack achieves root access via memory corruption
Researchers have demonstrated a new class of GPU-based Rowhammer attack, dubbed GPUBreach, that goes beyond data corruption and …
Chrome color picker extension with 400k users sneaked browsing tracker
A widely used Chrome extension designed to help users pick colors from web pages has come under scrutiny after researchers …
1.2 million Crunchyroll users confirmed impacted by data breach
Have I Been Pwned (HIBP) has added 1.2 million email addresses tied to the recent Crunchyroll data breach, enabling users to …
Malwarebytes VPNs audit uncovers critical flaws, fixes underway
Malwarebytes has completed the first independent security audit of its Privacy VPN infrastructure, revealing a generally strong …
Samsung Galaxy S25 ships browser vulnerable to RCE and XSS attacks
Researchers have demonstrated a remote code execution (RCE) exploit chain in Samsung Internet on the Galaxy S25, caused by the …
EU Commission says TeamPCP data breach impacted 29 Union entities
The EU Commission’s recent cloud breach has been linked to a supply-chain attack involving the Trivy security tool, with …
Independent audit confirms Cloudflare’s 1.1.1.1 resolver privacy claims
Cloudflare has confirmed, via an independent audit, that its 1.1.1.1 public DNS resolver operates in line with the privacy …
Spyware firm used fake WhatsApp app in targeted surveillance operation
Meta has uncovered and disrupted a targeted spyware campaign that used a fake WhatsApp application to compromise users’ …
Apple expands DarkSword protections to more iPhones with iOS 18.7.7 update
Apple has released iOS 18.7.7 and iPadOS 18.7.7, expanding protections against the DarkSword iPhone exploit chain to a wider …
Toy giant Hasbro hit by cyberattack that disrupted operations
Hasbro has disclosed a cybersecurity incident involving unauthorized access to its network, prompting containment measures and …
Waterfox browser to add Brave’s adblock engine, allow search ads for revenue
Waterfox has announced plans to integrate Brave’s adblock engine into its browser, alongside a decision to allow search ads by …
