Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
The Hacker News

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...

Hackers Used New Exploit Kit to Compromise Thousands of iPhones

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced ...
The Hacker News

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle ...

OpenClaw has yet another major security flaw - here's what we know about 'ClawJacked'

Don't leave your OpenClaw with an easy password ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...
Coinspeaker

iPhone Crypto Exploit Kit: Google Warns of ‘Coruna’ Seed Phrases Theft

The iPhone crypto exploit Coruna targets outdated iOS devices, stealing wallet seed phrases through compromised sites, enabling crypto theft.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that ...
Security Boulevard

N8N: Shared Credentials and Account Takeover

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely ...
Silicon Republic

Major phishing operation disrupted in joint Europol action

Tycoon 2FA accounted for around 62pc of all phishing attempts blocked by Microsoft by mid-2025. A joint cybersecurity operation has disrupted one of the world’s largest phishing-as-a-service platforms ...
Security Boulevard

How Threat Actors Turned OpenClaw Into a Scraping Botnet

How did OpenClaw become botnet infrastructure so quickly? DataDome analyzes the hijacked AI agents scraping sites at scale ...