CSO Online

6 ways attackers abuse AI services to hack your business

As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...

Axios npm hack used fake Teams error fix to hijack maintainer account

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
CoinDesk

Here's what 'cracking' bitcoin in 9 minutes by quantum computers actually means

Google's quantum paper made headlines with that number. Here's what it means, what's actually at risk, and why 6.9 million ...
CoinDesk

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the ...