DarkSword iOS Exploit Kit: Safari-Based Spyware Threat Puts Millions of iPhones at Risk

Phone split into dark cybersecurity threats and bright digital solutions.

Security researchers from Lookout, iVerify and Google’s Threat Intelligence Group (GTIG) have uncovered a new advanced iOS exploit kit dubbed DarkSword. This browser-based attack chain targets iPhones running vulnerable builds of iOS 18.4–18.7 and can grant attackers full device compromise after a single visit to a malicious or compromised website in Safari. DarkSword exploit kit: … Read more

Magecart Attack via Favicon EXIF Metadata: Limits of Static Code Analysis and the Need for Client-Side Monitoring

Surreal split scene depicting a magnifying glass revealing a castle and a hacker manipulating data.

A recently observed Magecart web skimming campaign demonstrates how modern attackers can steal payment card data without ever modifying the target application’s source code. The malicious JavaScript payload is hidden inside the EXIF metadata of a dynamically loaded favicon and executed entirely in the shopper’s browser at checkout, rendering traditional repository and static code scanners … Read more

Custom Font Prompt Injection Attack Exposes Blind Spot in Browser-Based AI Assistants

Mysterious hacker working on a computer amidst cryptic code and eerie atmosphere.

Researchers from LayerX have presented a new prompt injection technique that targets browser-integrated AI assistants by abusing custom fonts. The method allows attackers to hide a malicious command in plain sight on a web page so that the human user sees the real, dangerous instruction, while the AI assistant only processes a harmless decoy. The … Read more

Apple Quietly Fixes Critical WebKit Vulnerability with Background Security Improvements

Panoramic view of San Francisco with Apple Park, Golden Gate Bridge, and wildflowers.

Apple has silently closed a critical browser engine vulnerability using its new Background Security Improvements (BSI) mechanism, delivering the patch to supported iPhone, iPad and Mac devices without requiring a full operating system update or reboot. The issue affected the WebKit engine used by Safari and all in-app browsers on Apple platforms, making rapid remediation … Read more

IP KVM Vulnerabilities Turn Low‑Cost Remote Management Into High‑Impact Attack Vector

Contrast between secure and compromised systems with tech elements and symbols.

Recent research by Eclypsium has revealed a cluster of nine security vulnerabilities in popular low‑cost IP KVM devices, priced roughly between 30 and 100 USD. These remote management tools operate at the BIOS/UEFI level, giving administrators full console access to servers before the operating system loads. In several cases, the flaws allow unauthenticated attackers to … Read more

CrackArmor: Nine Linux AppArmor Vulnerabilities Threaten Enterprise and Cloud Security

Cybersecurity analysis scene with a woman and a man at high-tech workstations.

The Qualys Threat Research Unit (TRU) has disclosed nine vulnerabilities in the Linux kernel’s AppArmor security module, collectively dubbed CrackArmor. These flaws allow unprivileged users to bypass AppArmor protections, escalate privileges to root, and break container isolation, posing a significant risk to enterprise and cloud environments that rely on AppArmor as a core defense layer. … Read more

Japan Authorizes Offensive Cyber Operations from 2025: Shift to Proactive Cyber Defense

Tense scene with a leader watching soldiers operate amid chaos and explosions.

Japan has approved a landmark change to its national cybersecurity policy: from 1 October 2025, the Self-Defense Forces (SDF) and national police will be allowed to conduct offensive cyber operations against infrastructure used to launch attacks on Japanese targets. This move marks a transition from a purely defensive stance to a strategy of proactive cyber … Read more

How AI and SEO Bots Forced Digg to Hit Reset: Security Lessons for Social Platforms

Scene in a dystopian room with figures, machines, and a fiery skyline.

Digg, once a flagship of the early social web, has paused operations again — this time only two months after launching an open beta of its relaunched platform. The company has announced a “hard reset”: operations are frozen, staff cuts are planned, and the site has been deactivated. The primary trigger was a massive wave … Read more

Microsoft Exposes Storm-2561 Campaign Using Fake VPN Sites and Hyrax Infostealer

Two people focused on a laptop, displaying security software in a dark office setting.

Microsoft threat intelligence has identified a targeted campaign by the group Storm-2561 that abuses search engines and fake corporate VPN download pages to distribute the Hyrax infostealer. The operation specifically targets organizations relying on remote access solutions from Ivanti, Cisco, Fortinet and other major VPN and firewall vendors, putting corporate networks at risk of covert … Read more

Enterprise AI Security: Why Protection Lags Behind Adoption

Concerned professionals analyze AI security challenges in a tech environment.

Artificial intelligence is quickly becoming a core layer of enterprise infrastructure, yet its security posture is far behind its adoption curve. According to the AI and Adversarial Testing Benchmark Report 2026 by Pentera, most Chief Information Security Officers (CISOs) are trying to protect AI systems with legacy tools and methods that were never designed for … Read more