Tycoon 2FA accounted for around 62pc of all phishing attempts blocked by Microsoft by mid-2025. A joint cybersecurity operation has disrupted one of the world’s largest phishing-as-a-service platforms ...

Security researchers at Google have exposed a powerful set of vulnerabilities for iOS called Coruna, which has hacked thousands of iPhone devices.A report from the Google Threat Intelligence Group ...

A hacktivist group claims to have breached the US Department of Homeland (DHS), having leaked what it says are stolen ...

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages ...

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

A threat actor has weaponized Anthropic’s Claude Code to breach the Mexican government’s systems and steal over 150GB of data ...

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions ...

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

Over the course of nearly 300 posts, Jonathan Bennett set a very high bar for this column, so we knew it needed to be placed in the hands of somebody who could do it justice.

According to new technical analyses from Google and mobile security firm iVerify, Coruna's technical core comprises five complete exploit chains and 23 distinct iOS vulnerabilities that ...

Sophie Koonin discusses the realities of large-scale technical migrations, using Monzo’s shift to TypeScript as a roadmap.