New GoGra malware for Linux uses Microsoft Graph API for comms

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy ...

Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain

A Vercel employee's AI tool OAuth grant gave attackers access to internal systems via a four-hop kill chain. Here's what ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

How A Roblox Cheat Download Triggered A $2 Million Hack At Vercel

How A Roblox Cheat Triggered A $2 Million Breach At Vercel. Why The Vercel Incident Changes The Economics Of Enterprise AI ...

App host Vercel says it was hacked and customer data stolen

Vercel blamed its breach on an earlier hack at Context AI, which allowed hackers to hijack a Vercel employee's account to ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...
CoinDesk

The $292 million Kelp exploit: how it happened, and what it means for DeFi

DeFi's "worst year in terms of hacks," Ledger's CTO said, as the Kelp exploit shows how a single point of failure can cascade ...
WFMZ-TV

Roblox denies lawsuit allegations of enabling predator to exploit Bucks County teen

BUCKS COUNTY, Pa. - A Bucks County family has filed a federal lawsuit against the online gaming giant Roblox. They claim the platform enabled a sexual predator to target and exploit their then 13-year ...
CoinTelegraph

Drift Protocol says deposits and withdrawals suspended amid active attack

A threat researcher estimates the exploit could reach $200 million and may be linked to a compromised private key. Drift Protocol, a decentralized cryptocurrency exchange (DEX), detected unusual ...
CSOonline

APIs are the new perimeter: Here’s how CISOs are securing them

Today’s attack surface is shifting from the endpoint to the API, and AI and third-party SaaS are worsening the issue. CISOs offer advice for API defense. Recent breaches suggest attackers are shifting ...
Reuters

Iran-linked hackers breach FBI director's personal email, publish photos and documents

WASHINGTON, March 27 (Reuters) - Iran-linked hackers have broken into FBI Director Kash Patel's personal email inbox, publishing photographs of the director and other documents to the internet, the ...