According to Socket, the extensions (complete list here) are published under five distinct publisher identities – Yana ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...

A now corrected issue let researchers circumvent Apple’s restrictions and force the on-device LLM to execute ...

Threat actors have started exploiting CVE-2026-21643, a critical vulnerability in Fortinet FortiClient EMS leading to remote ...

iPhone users should be on alert: DarkSword spyware has been posted in the wild. Credit: Cheng Xin/Getty Images DarkSword, the web-based hacker tool that can be used to steal data from millions of ...

A hot potato: For more than a decade, the Xbox One stood as a remarkable exception in console security – a machine long considered impervious to hacking attempts. That reputation is now over. At the ...

Qualcomm confirmed that fixes for the GBL exploit were provided to Android device makers earlier this month. The exploit, discovered by Xiaomi ShadowBlade Security Lab, was a key component in ...

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...

A new Qualcomm GBL exploit is reportedly affecting Qualcomm SoCs, mainly the latest Snapdragon 8 Elite Gen 5. This enables bootloader unlocking on flagship phones that were previously difficult to ...

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an ...