https://www.sygnia.co/threat-reports-and-advisories/weaver-ant-tracking-a-china-nexus-cyber-espionage-operation Sophisticated Espionage Campaign Exploits Vulnerable Home Routers Cybersecurity researchers from Sygnia have uncovered a sophisticated four-year cyber...
https://www.bleepingcomputer.com/news/security/oracle-denies-data-breach-after-hacker-claims-theft-of-6-million-data-records Threat Actor Offers Stolen Data on Hacking Forum, Seeks Ransom or Zero-Day Exploits Oracle has firmly denied allegations of a data breach after...
https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware A critical vulnerability, CVE-2025-29927, has been discovered in the Next.js web development framework, enabling attackers to bypass authorization checks. This flaw allows malicious...
https://www.itnews.com.au/news/over-200000-mygov-users-disable-passwords-in-passkey-shift-615664 Over half a million myGov users have adopted passkeys as their login method since the feature launched in June 2024, with over 200,000 users exclusively relying on...
https://www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts A widespread phishing campaign is targeting GitHub users with fake “Security Alert” issues, attempting to trick them into authorizing a...
