Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking

Chrome’s DBSC update binds login sessions to user devices, making stolen session cookies harder to reuse in account hijacking ...

Chrome stops hackers from stealing your browser cookies now - how its new security feature works

Now available for all Windows users, Chrome's security feature will thwart attackers who try to impersonate you by using your ...

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...

Education system under threat? Questions raised over CBSE marking system after glitch found

Cybersecurity researcher Nisarga Adhikary, 19, claimed a CBSE test portal had a master password that bypassed OTPs, letting users alter student marks. CBSE denied any main system breach, stating the ...
InfoWorld

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
Dark Reading

Fake Android Apps Commit Carrier Billing Fraud for Premium Services

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.
Windows Report

Tycoon2FA Returns With New Microsoft 365 Device-Code Phishing Attacks

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
MacRumors

Apple Releases Safari Technology Preview 234 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March 2016. Apple designed ‌Safari Technology Preview‌ to allow users to test ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.