Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Tech Times

WordPress Email Plugin Flaw Triggers 17 Million Attacks: Gravity SMTP Leaks Live API Keys

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.
Phys.org

AI-designed protein unlocks virus-like shells that could reshape vaccine and drug delivery

An international research team led by a Korean scientist has succeeded in designing large-scale protein structures that faithfully replicate the self-assembly principles found in naturally occurring ...
CNET

Is That Call, Text or Email Real? Here’s How to Identify Scams

A suspicious username, often similar to a real username (like “contact12” for a scammer impersonating a company’s customer ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
TechRound

How Did Cybercriminals Use Fake New York Times Pages To Scam Users?

Researchers at Comparitech want to understand the systems working behind spam emails that promise some sort of reward, ...
TechCrunch

Scammers are abusing an internal Microsoft account to send spam links

For months, scammers have been taking advantage of a loophole that allows them to send spammy emails from an internal Microsoft email address typically used for sending legitimate account alerts. It’s ...
Cult of Mac

How to schedule texts and send messages later on iPhone

If you know how to schedule texts on iPhone, you can make sure you never forget to send a reminder, birthday greeting or early morning message for someone in a different time zone. You can schedule a ...