OAuth Attacks Target Microsoft 365, GitHub

In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites.

darkreading – ​Read More

ClickFix Attack Compromises 100+ Car Dealership Sites

The ClickFix attack tactic seems to be gaining traction among threat actors.

darkreading – ​Read More

GitHub restores code following malicious changes to tj-actions tool

GitHub was forced to take action this weekend to help users after a threat actor compromised a popular open source package used by more than 23,000 organizations.

The Record from Recorded Future News – ​Read More

Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware

Medusa ransomware now operates as a RaaS model, recruiting affiliates from criminal forums to launch attacks, encrypt data, and extort victims worldwide.

Security | TechRepublic – ​Read More

This slick Linux browser is like a tricked-out Opera – and it’s faster than Firefox

Looking for a web browser that is as cool looking as it is secure and private? Take a look at this fork of Floorp.

Latest stories for ZDNET in Security – ​Read More

ChatGPT Down as Users Report “Gateway Time-out” Error

ChatGPT Down: Users report “Gateway time-out” errors. OpenAI’s popular AI chatbot is experiencing widespread outages. Stay updated on the service disruption.

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server.

The post Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum appeared first on SecurityWeek.

SecurityWeek – ​Read More

Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

The researchers who discovered the initial assault warned that the simple, staged attack is just the beginning for advanced exploit sequences that will test cyber defenses in new and more difficult ways.

darkreading – ​Read More

Texas man faces prison for activating ‘kill switch’ on former employer’s network

Software developer Davis Lu was found guilty of sabotaging the company’s systems.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

NIST Announces HQC as Fifth Standardized Post Quantum Algorithm

First choices for both KEMs and DSAs are already standardized, and organizations should not wait for the backups to be available before migrating to PQC. 

The post NIST Announces HQC as Fifth Standardized Post Quantum Algorithm appeared first on SecurityWeek.

SecurityWeek – ​Read More