Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files

Researchers say a vulnerability in Perplexity’s Comet AI browser could expose local files and credentials through malicious ...
siege

Players have found an exploit to display pictures in Rainbow Six Siege's Test Server

Remember when players found a way to display the image of a chicken in Rainbow Six Siege matches? Well, we may be in front a very similar situation, this time in Rainbow Six Siege's Test Server for ...
The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The ...
Dark Reading

Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot

A critical security vulnerability in a Voice over Internet Protocol (VoIP) phone deployed in small and midsized businesses (SMBs), hotels, call centers, and other organizations globally has ...
Tech Digest

Dark web marketplace exploits stolen air miles for pennies, investigation shows

Cybercriminals have found a lucrative niche in the shadow economy by trading stolen air miles for as little as 56p. A new investigation by NordVPN and travel eSIM provider Saily has exposed a massive ...
Searchenginejournal.com

WooCommerce WordPress Plugin Exploit Enables Fraudulent Charges

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
World Socialist Web Site

New Zealand government exploits Auckland fire to slander striking firefighters

New Zealand’s National Party-led government has seized on a fire that broke out in Auckland during a brief firefighters’ strike on January 9 to escalate a vicious propaganda campaign against the ...
CoinTelegraph

Trust Wallet will cover $7M lost in Christmas Day hack, CZ says

The malicious Trust Wallet extension has also been exporting users’ personal information, pointing to potential insider activity, according to cybersecurity company SlowMist. Trust Wallet users lost ...
IEEE

A Web Protection Model Against Internationalized Domain Name Homograph Exploits

Abstract: Internationalized Domain Names (IDNs) enhance global accessibility by supporting Unicode characters in web addresses. However, this capability introduces new security vulnerabilities, ...
Ars Technica

Fraudulent gambling network may actually be something more nefarious

A sprawling infrastructure that has been bilking unsuspecting people through fraudulent gambling websites for 14 years is likely a dual operation run by a nation-state-sponsored group that is ...
CoinDesk

Balancer DAO Starts Discussing $8M Recovery Plan After $110M Exploit Cut TVL by Two-Thirds

Weeks after suffering a major exploit that drained over $110 million from its Balancer v2 vaults, Balancer DAO has begun discussing a plan to distribute roughly $8 million in recovered assets to ...
ExtremeTech

Microsoft Rolls Out Emergency Windows Server Update Following WSUS Exploits

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code execution vulnerability tracked as CVE-2025-59287. The issue affects the Windows ...