Dark Reading

Predator Spyware Sample Indicates 'Vendor-Controlled' C2

Researchers detailed how Intellexa, Predator's owner, uses failed deployments to strengthen its commercial spyware and ...

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
SecurityWeek

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Chrome 144 and Firefox 147 were released with patches for a total of 26 vulnerabilities, including high-severity code ...