TeamPCP And BreachForums Promote $1,000 Contest For Supply Chain Attacks
TeamPCP and BreachForums are promoting a supply chain attack contest that offers $1,000 in Monero for the biggest open-source package compromise, according to new research…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
Critical Canon MailSuite Vulnerability Enables Remote Code Execution Attacks
Canon Marketing Japan has disclosed a critical vulnerability in GUARDIANWALL MailSuite that can let remote attackers execute arbitrary code on affected systems. The flaw, tracked…
Hackers Compromise Over 170 npm Packages In Shai-Hulud Supply Chain Attack
Hackers have compromised more than 170 npm packages and two PyPI packages in a new Shai-Hulud supply chain attack aimed at stealing developer credentials, cloud…
Anthropic’s Mythos AI Helps Researchers Find macOS Vulnerability Chain That Could Bypass Apple Security
Security researchers at Calif used techniques from Anthropic’s Mythos AI model to find a new macOS exploit chain that could bypass some of Apple’s strongest…
Microsoft Teams for Android Vulnerability Allows Local Spoofing Attacks
Microsoft has disclosed a spoofing vulnerability in Microsoft Teams for Android that could let an unauthorized local attacker manipulate trusted app elements and mislead users.…
Microsoft Releases KB5089549 for Windows 11 25H2 and 24H2 With Security Fixes and BitLocker Recovery Fix
Microsoft has released KB5089549 for Windows 11 version 25H2 and version 24H2. The cumulative update brings Windows 11 25H2 to OS Build 26200.8457 and Windows…
Google Adds New AI-Powered Android Protections Against Scams, Malware, and Theft
Google has announced a new wave of Android security and privacy features designed to stop scams, malicious apps, device theft, and data abuse before they…
Critical Exim GnuTLS Flaw Enables Remote Code Execution on Mail Servers
Exim has released a security update for a critical vulnerability that can allow unauthenticated remote attackers to corrupt memory and potentially execute code on affected…
iOS 26.5 Brings End-to-End Encrypted RCS Messaging Between iPhone and Android
Apple and Google have started rolling out end-to-end encrypted RCS messaging between iPhone and Android users. The feature arrives with iOS 26.5 and is available…
Critical SandboxJS Escape Flaw Allows Host Code Execution in Affected Apps
A critical vulnerability in SandboxJS can allow attacker-controlled JavaScript to escape the sandbox and execute code on the host system. The flaw is tracked as…
ClickFix Attacks Add PySoxy Proxy to Maintain Access After Initial Compromise
A ClickFix attack chain observed by ReliaQuest shows how the social engineering technique is evolving from a one-time user mistake into a more durable intrusion…
Fragnesia Linux Kernel Flaw Lets Local Attackers Gain Root Access
A newly disclosed Linux kernel vulnerability called Fragnesia can let local attackers escalate privileges to root on vulnerable systems. The flaw is tracked as CVE-2026-46300…
Foxconn Confirms Cyberattack After Nitrogen Ransomware Gang Claims 8TB Data Theft
Foxconn has confirmed that some of its North American factories suffered a cyberattack after the Nitrogen ransomware gang claimed it stole 8TB of data from…
How Top SOCs and MSSPs Stop Phishing Incidents Missed by Email Filters
Email filters remain a critical layer of defense, but they cannot stop every phishing attack. Modern campaigns often reveal the real threat only after a…
TanStack npm Packages Hit by Supply Chain Attack Targeting CI Credentials
TanStack has confirmed a major npm supply chain attack that pushed malicious versions of 42 packages under the @tanstack namespace. In total, 84 compromised package…