CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
vg247

The latest Arc Raiders patch is almost entirely about fixing exploits, including all the clipping through locked rooms business

A fresh Arc Raiders patch has arrived, bringing a host of new fixes to several exploits players have recently been relying on to do things they’re not supposed to, and bypass certain mechanics to get ...
CoinDesk

Balancer Hit by Apparent Exploit as $110M in Crypto Moves to New Wallets

Balancer, a decentralized finance (DeFi) protocol with over $750 million in value locked, appears to have been hit by its biggest exploit yet, with on-chain data showing upward of $110 million in ...
Gizmodo

$120 Million Exploit Has Chilling Effect on Entire Crypto Ecosystem

Balancer, which is a decentralized finance (DeFi) protocol focused on automated market making (AMM), was exploited early Monday morning in an attack that may have led to $120 million or more in losses ...
CSOonline

Atlas browser exploit lets attackers hijack ChatGPT memory

OpenAI’s Atlas browser is under scrutiny after researchers demonstrated how attackers can hijack ChatGPT memory and execute malicious code, without leaving traditional malware traces. Days after ...
The Washington Post

How some veterans exploit $193 billion VA program, due to lax controls

Military veterans are swamping the U.S. government with dubious disability claims — including cases of brazen fraud totaling tens of millions of dollars — that are exploiting the country’s sacred ...
Fox News

Hackers found a way to turn off Windows Defender remotely

Most modern Windows PCs rely on Microsoft Defender as their first line of defense against malware. Over the years, it has evolved into a capable and often underrated antivirus that blocks a wide range ...
CoinDesk

Sui-Based Yield Protocol Nemo Exploited for $2.4M in USDC

Crypto price rallies come and go, but some things never change — hacks. The latest victim? Nemo, a yield protocol based on the Sui blockchain. The protocol fell victim to a $2.4 million exploit on ...
Infosecurity-magazine.com

Malicious npm Packages Exploit Ethereum Smart Contracts

A malicious campaign targeting developers through npm and GitHub repositories has been uncovered, featuring an unusual method of using Ethereum smart contracts to conceal command-and-control (C2) ...
ConsumerAffairs

Hackers exploit Salesloft breach to steal cloud data

Experts warn stolen credentials could open the door to wider cyberattacks A major security breach at Salesloft, a company whose AI chatbot is widely used to generate sales leads, has turned into a far ...
AppleInsider

WhatsApp flaw paired with iOS 18 exploit delivered zero-click spyware

A new spyware campaign chained WhatsApp and a flaw in iOS 18.6 to expose users to a "zero-click" hack that required no interaction to compromise an iPhone. Apple had previously issued a fix for a ...