Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints

Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited, could allow websites to access a user's entire cloud storage content, as opposed to just the files selected for upload via the tool.
"This stems from overly broad OAuth scopes and misleading consent screens that fail to clearly explain the extent of access being granted,

Headline

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File

The Hacker News: Latest News