Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
A critical vulnerability in libssh2 can allow remote attackers to corrupt heap memory and potentially execute code by sending specially crafted SSH packets to vulnerable…
A new phishing technique is abusing Outlook Groups and Microsoft 365 collaboration features to make malicious activity look like normal workplace communication. Instead of sending…
Tata Electronics has confirmed a cybersecurity incident after a data-extortion group claimed to leak more than 200,000 files allegedly stolen from the Indian electronics manufacturer,…
Security researcher Arvin Shivram earned $148,337 from Google after reporting two remote code execution chains and a follow-up privilege escalation issue in Google Cloud’s internal…
Two young men linked to the Scattered Spider cybercrime group have pleaded guilty to hacking Transport for London in an attack that disrupted digital services,…
A phishing operation known as CodeStorm is using compromised Microsoft 365 accounts to send convincing voicemail-themed emails and steal credentials from other Microsoft 365 users.…
A newly disclosed supply chain weakness called Cordyceps is putting code repositories and CI/CD pipelines at risk by turning normal automation workflows into paths for…
The FBI is warning internet users and businesses about cybercriminals using traffic distribution systems to silently redirect people to fraudulent websites, phishing pages, malware downloads,…
A macOS backdoor called FlutterShell is using Google’s Flutter framework and Apple’s WKWebView technology to make malicious apps look like normal productivity software. The malware…
A new ransomware family called Prinz Eugen is drawing attention because it encrypts recently modified files first and does not leave a ransom note on…
Microsoft has attributed the Mastra AI npm supply chain attack to Sapphire Sleet, a North Korean state-backed hacking group also known as BlueNoroff. The attack…
Hackers are actively exploiting a Gravity SMTP vulnerability that can expose sensitive WordPress site data without requiring a login. The flaw affects Gravity SMTP versions…
The Texas Parks and Wildlife Department has disclosed a major data breach involving a third-party license system vendor that handles hunting and fishing license sales.…
CISA has added a critical Splunk Enterprise vulnerability to its Known Exploited Vulnerabilities catalog after attackers began exploiting the flaw in real-world attacks. The deadline…
The Gentlemen ransomware operation is giving affiliates a growing set of tools designed to shut down endpoint security before data theft or encryption begins. The…