CISA warns feds to patch iOS flaws exploited in crypto-theft attacks

CISA ordered U.S. federal agencies to patch three iOS security flaws targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit.

Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...

Hackers Used New Exploit Kit to Compromise Thousands of iPhones

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.
Network World

Cisco issues emergency patches for critical firewall vulnerabilities

Cisco has handed security teams one of the largest ever patching workloads affecting its firewall products, including fixes ...

Google says 90 zero-days were exploited in attacks last year

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances.
Hosted on MSN

Explore the Chrome exploit affecting Edge, Brave and Opera browsers

Tech expert ThioJoe warns about a critical Chrome zero-day vulnerability and urges users to update immediately. Johnny Carson at home: The king of late night’s off-air life in 20 photos Study of 27.8M ...
Dark Reading

Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again

A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product — and it's another grim reminder of ...
Crowdfund Insider

Crypto Crime : Wrench Attacks and Technical Exploits Analyzed by Blockchain Security Firm CertiK

The the nascent ecosystem of blockchain and decentralized finance, security remains a paramount concern. Blockchain security firm CertiK has recently highlighted critical areas of risk: sophisticated ...
VentureBeat

Infostealers added Clawdbot to their target lists before most security teams knew it was running

Clawdbot's MCP implementation has no mandatory authentication, allows prompt injection, and grants shell access by design. Monday's VentureBeat article documented these architectural flaws. By ...
HotHardware

Millions At Risk As Attackers Exploit This Alarming WinRAR Security Flaw

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...
Crowdfund Insider

DeFi Protocol MakinaFi Exploit Analyzed by Blockchain Security Firm CertiK

In the ecosystem of decentralized finance, web3 and blockchain, staying ahead of increasingly sophisticated cyber threats and shifting regulatory demands is becoming vital. Recent analyses from ...
CoinTelegraph

Saga pauses chainlet after $7M exploit that depegged its stablecoin

Saga’s US dollar-pegged stablecoin has dropped to $0.75, while the protocol's total value locked has fallen by around 55% over the past 24 hours. Layer-1 blockchain protocol Saga has paused its ...