In this world, the hackers have a significant advantage, having access to a large variety of permissions that the anti cheat do not. Initially we modified the anti cheat checks directly but in recent ...

CVE-2025-12735 in expr-eval allows remote code execution via unsafe input evaluation Vulnerable versions ≤2.0.2; patched in 2.0.3 and forked in expr-eval-fork 3.0.0 Developers should sanitize ...

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential ...

REDCap with EM Framework v14 support. Configuration data from version 1 of this module will be automatically converted to the new configuration model used by version 2. Warning: Once upgraded, there ...

Hackers are hosting fake invoices on Google Apps Script, experts warn The invoices are sent via email Victims are redirected to a fake Microsoft 365 login page Threat actors have been seen abusing ...

This blogpost introduces an operation that we named RoundPress, targeting high-value webmail servers with XSS vulnerabilities, and that we assess with medium confidence is run by the Sednit ...

The big picture: Doom, the original first-person shooter for DOS by id Software, was released in 1993. Despite being over 30 years old, the game continues to inspire resourceful (and somewhat crazy) ...

A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing existing protections against these ...

In this blogpost we discuss an uncommon type of phishing campaign targeting mobile users and analyze a case that we observed in the wild that targeted clients of a prominent Czech bank. This technique ...

IBM Security has dissected some JavaScript code that was injected into people's online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide ...

Tor Browser is an internet browser that focuses entirely on user privacy and security. The browser's particular focus is to protect users from having their internet history analysed for information on ...