Latest

Microsoft Discloses ‘Sploitlight’ Vulnerability Affecting macOS Microsoft has disclosed details of a now-patched vulnerability in macOS that could have allowed attackers to bypass Apple’s Transparency, Consent, and Control (TCC) protections and steal sensitive user data—including cached Apple Intelligence content. TCC is the security framework in macOS responsible for

More than 200,000 WordPress websites are running a vulnerable version of the Post SMTP plugin, exposing them to the risk of administrator account takeovers. Post SMTP is a widely used email delivery plugin, with over 400,000 active installations. Promoted as a more reliable alternative to WordPress’s default

A critical remote code execution (RCE) vulnerability has been discovered in LG surveillance cameras—but no fix is coming. The flaw, which allows attackers to gain administrative control, affects thousands of devices worldwide and is being actively highlighted by security experts and government agencies. CISA Issues Warning Last week, the

A critical Windows vulnerability affecting dozens of Microsoft products has been patched with help from Positive Technologies’ research team. The flaw—tracked as CVE-2025-47955 and rated 7.8 on the CVSS scale—was discovered by Sergey Bliznyuk, a specialist with the PT SWARM vulnerability research unit. Vulnerability Overview CVE-2025-47955 impacted

Kristopher Dallmann, the founder of the pirate streaming platform Jetflicks, has been sentenced to seven years in federal prison. Despite maintaining his innocence, Dallmann faced charges ranging from conspiracy and copyright infringement to money laundering. Jetflicks: A 12-Year Piracy Operation Jetflicks operated from 2007 until its shutdown by the FBI

Researchers at Kaspersky Lab have uncovered a new threat actor—FunkSec—believed to be among the first to deploy large-scale, AI-assisted ransomware operations. Active since late 2024, FunkSec is notable for its aggressive tactics, high automation, and use of generative AI to develop its malware. Distinct Characteristics FunkSec’s operations

Ring users are raising alarms after receiving unauthorized login alerts, all dated May 28, 2025. Despite growing concerns, Amazon-owned Ring insists the issue stems from a backend bug—not a breach. Over the past week, numerous users reported receiving notifications that their accounts had been accessed from unfamiliar devices across