The Hacker News

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

Five fake Chrome extensions impersonate Workday and NetSuite to steal cookies, block admin controls, and hijack sessions for ...
CSO Online

Modular DS bug hands hackers instant WordPress admin access

Security researchers confirmed in-the-wild exploitations of the mx-severity flaw, allowing unauthenticated actors gain full ...

Scammers cost British Airways passenger £4k by cancelling booking out of spite

Exclusive: BA said tickets cancelled by fraudsters could not be reinstated, forcing couple to pay again for poorer seats ...
Dark Reading

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a ...

How a hacking campaign targeted high-profile Gmail and WhatsApp users across the Middle East

The phishing campaign targeted users on WhatsApp, including an Iranian-British activist, and stole the credentials of a ...
Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...

4 in 5 small businesses had cyberattacks last year and almost half of those were AI powered

Cybercrime on small businesses is probably costing you: small businesses are raising prices to make up for losses ...
SecurityWeek

In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack

FortiSIEM vulnerability exploited, Sean Plankey renominated to become CISA director, Russia's Polish power grid attack.
DMNewsOpinion

When platforms make infrastructure your problem

Tension: Platforms profit from infrastructure while attempting to externalize operational costs onto the legitimate users who ...
Cloud Security Alliance

Reimagining the Browser as a Critical Policy Enforcement Point: A Zero Trust Security Architecture for Modern Enterprises

Explores turning the browser into a policy enforcement point within a Zero Trust framework, covering governance, MFA, device ...
Biometric Update

KYA emerges as essential tool to ensure agentic AI is trustworthy

As the agentic AI explosion of 2025 meets the concern of how to trust the machines we call AI, the question of the moment is ...