Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile ...
Coinspeaker

iPhone Crypto Exploit Kit: Google Warns of ‘Coruna’ Seed Phrases Theft

The iPhone crypto exploit Coruna targets outdated iOS devices, stealing wallet seed phrases through compromised sites, ...

ClaudeがFirefoxの脆弱性22件を発見、Mozillaと共同調査 セキュリティ ...

AnthropicとMozillaの共同調査で、AIモデル「Claude Opus 4.6」がFirefoxから22件の脆弱性を見つけた。厳しく検証されてきたソフトでもAIが新たな弱点を洗い出せる可能性を示した一方、攻撃より防御での実用性が先行している点も注目される。

iPhone Users At Serious Risk As Government-Grade Hacking Toolkit Has Fallen Into Hands Of ...

A sophisticated toolkit capable of silently breaking into iPhones has migrated from the hands of a government-linked surveillance vendor to those of criminal hackers, security researchers warned this ...