Project Zero Exposes ASLR Bypass In Apple Serialization Flaw
Google Project Zero has revealed a new technique capable of bypassing Address Space Layout Randomization (ASLR) protections on Apple devices. The finding, published by security…
Month: September 2025
Dutch Teens Arrested for Allegedly Helping Russian Hackers
Two teenage boys were arrested in the Netherlands over suspicions of spying for pro-Russian hackers, Dutch authorities announced. The two 17-year-old boys were allegedly approached…
Hackers Weaponizing SVG Files to Deliver PureMiner Malware and Steal Sensitive Information
In recent weeks, a sophisticated phishing campaign has emerged, targeting organizations in Ukraine with malicious Scalable Vector Graphics (SVG) files designed to propagate the PureMiner…
Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say
Tile trackers, used to locate everything from lost keys to stolen pets, are used by more than 88 million people worldwide, according to Tile’s parent…
New Olymp Loader Malware-as-a-Service Promises Defender Bypass with Auto Certificate Signing
Olymp Loader, a newly emerged Malware-as-a-Service (MaaS) offering, has rapidly gained traction across underground forums and Telegram since its debut on June 5, 2025. Developed…
Windows Heap Exploitation Vulnerability With Record’s Size Field Leads to Arbitrary R/W
A critical vulnerability in Windows heap management demonstrates how improper handling of record-size fields enables arbitrary memory read and write operations. Suraj Malhotra shared a…
Formbricks Signature Verification Flaw Lets Attackers Reset User Passwords
A critical vulnerability in the open source Formbricks experience management toolbox allows attackers to reset any user’s password without authorization. Published three days ago as advisory GHSA-7229-q9pv-j6p4…
Harrods Data Breach Affects 430,000 Customer Records
Luxury department store Harrods recently disclosed a data breach, in which, hackers stole information linked to approximately 430,000 customer records. The Harrods data breach has…
Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization
A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature verification can lead to complete account takeovers. The…
New ModStealer Evades Antivirus, Targets macOS Users to Steal Sensitive Data
A sophisticated new malware strain targeting macOS users has emerged, capable of bypassing traditional antivirus solutions while specifically targeting developers and cryptocurrency holders. The cross-platform…
Despite Russian Influence, Moldova Votes Pro-EU, Highlighting Future Election Risks
Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks Pierluigi Paganini September 29, 2025 Moldova ’s deputy PM blames Russia for an election cyberattack,…
SUSE Rancher Flaws Allow Attackers to Lock Out Admin Accounts
A critical security vulnerability in SUSE Rancher Manager has been discovered that enables attackers with elevated privileges to lock out administrative accounts, potentially disrupting entire Kubernetes cluster…