Cyber Security

Hewlett-Packard Enterprise (HPE) is warning of hardcoded credentials in Aruba Instant On Access Points that allow attackers to bypass normal device authentication and access the web interface. Aruba Instant On …

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. …

Popular JavaScript libraries were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. The npm package eslint-config-prettier, downloaded over …

GPT-5 might be just a few days or weeks away, as we've spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13. As spotted on X, OpenAI is testing a model called …

AI companies could soon disrupt the education market with their new AI-based learning tools for students. BleepingComputer recently reported that OpenAI is working on a Study Together feature for ChatGPT. …

China's Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement …

UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat …

Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with …