Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication.

Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact

Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact ...

CyberStrikeAI tool adopted by hackers for AI-powered attacks

Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay protected.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
PCMag

This iOS 'Exploit' Kit Can Hack Vulnerable iPhones Using 23 Different Attacks

Security researchers discover the 'Coruna' exploit kit running over malicious Chinese websites that were able to secretly hack vulnerable iPhones running iOS 13 to 17.2.1.