CSO Online

New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Microsoft uncovers a months-long campaign where threat actors used OpenAI’s legitimate API as a covert command-and-control ...
ZDNet

This new Android exploit can steal everything on your screen - even 2FA codes

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...
CoinTelegraph

Trader loses $21M on Hyperliquid after private key leak: How to be protected

On Thursday, a single user on the decentralized trading platform Hyperliquid lost about $21 million after a private key leak led to an exploit involving the platform’s Hyperdrive lending protocol.
Seeking Alpha

ACATS fraud on the rise as criminals exploit brokerage transfer system

Regulators are warning about a surge in a type of crime known as ACATS fraud, where thieves use the brokerage industry’s Automated Customer Account Transfer Service to steal investor assets, the New ...
The Verge

Unity discloses a years-old security exploit and urges developers to update their games

Unity has fixes ready to go, and Valve has released an updated version of Steam, too. Unity has fixes ready to go, and Valve has released an updated version of Steam, too. is a senior reporter ...
The Escapist

Unity Engine exploit dating from 2017 sparks emergency patches across gaming industry

A major security vulnerability affecting Unity engine versions dating back to 2017 has triggered emergency patches across the gaming industry on October 3, with both indie and AAA developers rushing ...
New Republic

Trump Press Sec’s Vile New Effort to Exploit Mormon Shooting Backfires

TNR’s Greg Sargent takes a critical look at the day’s political news and the stories leading NewRepublic.com, and speaks to leading journalists and newsmakers.
TechRadar

US federal agency breached by hackers using GeoServer exploit, CISA says

Attackers exploited a critical GeoServer flaw to breach a US federal agency in July 2024 China Chopper web shell enabled remote access and lateral movement across compromised systems CISA urges timely ...
PBS

How ‘SIM farms’ like the one found near the UN could collapse telecom networks

NEW YORK (AP) — The U.S. Secret Service has found and is quietly dismantling a massive network of “SIM farms” across the New York area just as world leaders gather for meetings at the United Nations.
Wired

‘SIM Farms’ Are a Spam Plague. A Giant One in New York Threatened US Infrastructure, Feds Say

The recent discovery of a sprawling SIM farm operation in the New York City area has revealed how these facilities, typically used by cybercriminals to flood phones with spam calls and texts, have ...
The Conversation

Some new drugs aren’t actually ‘new’ – pharmaceutical companies exploit patents and raise prices for patients, but data transparency can help protect innovation

Lucy Xiaolu Wang does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond ...
Gulf News

UAE Cyber Council warns: 98% of cyberattacks exploit human weaknesses

Abu Dhabi: The UAE Cyber Security Council has warned that social engineering—attacks that exploit human weaknesses rather than technical vulnerabilities—is used in nearly 98 per cent of cyberattacks.