Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals.FIDO keys are hardware- or software-based authenticators designed to eliminate phishing by binding logins to specific domains using public-private key

Headline

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

The Hacker News: Latest News