Researchers at Pen Test Partners successfully bypassed Azure’s MFA requirement for SSO by changing the user-agent of a browser. They used a browser that resembled Chrome on Linux but encountered an error message stating MFA was required.

Cuckoo employs deceptive tactics, claiming to convert Spotify music to MP3 format while actually stealing sensitive data like passwords, browsing history, cryptocurrency wallet details, and more.

The website Spy.pet has been involved in a major privacy breach, selling billions of private messages from Discord users. This breach exposes personal information, private photos, financial details, and potentially company secrets.

Androxgh0st operators are exploiting multiple CVEs, including CVE-2021-3129 and CVE-2024-1709 to deploy a web shell on vulnerable servers, granting remote control capabilities. Evidence also suggests active web shells associated with CVE-2019-2725.

Cybersecurity researchers from Bitdefender discovered critical vulnerabilities in LG TVs running webOS versions 4 through 7. These vulnerabilities could allow attackers to gain complete control over the TV, steal data, or install malware.

Cybersecurity researchers at Netenrich have uncovered a new ransomware group called Red Ransomware Group (Red CryptoApp). This group operates differently from typical ransomware outfits, adding a twist to their extortion tactics.

Atraf, a popular Israeli LGBTQ dating app, has suffered a major data breach exposing the personal information of over half a million users. Leaked data includes cleartext passwords and payment card data.

According to researcher Jeremiah Fowler, the server was affiliated with OTrack, also known as Optimum Pupil/Sonar Tracker, developed by Juniper Education. OTrack is utilized by over 7,000 primary and secondary schools across the United Kingdom.

Cybercriminals now repurpose devices like Raspberry Pi into ‘plug-and-play’ weapons for digital fraud. GEOBOX's capabilities are even more sophisticated, enabling manipulation of GPS, network simulation, Wi-Fi mimicry, and anti-fraud filter evasion.

Cybersecurity researchers at the Synopsys Cybersecurity Research Center (CyRC) have uncovered vulnerabilities within the Zephyr OS network stack, potentially leaving connected devices susceptible to IP spoofing (or IP address spoofing) attacks.