Laser Attack Resets Tangem Wallet Passwords on Cards That Can’t Be Patched

10/07/2026 0 Comments 0 tags

Researchers at Ledger’s Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card’s password to anything the

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

10/07/2026 0 Comments 0 tags

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

10/07/2026 0 Comments 0 tags

The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON. Chinese cybersecurity company QiAnXin said that while the threat

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

10/07/2026 0 Comments 0 tags

A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to

Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking

10/07/2026 0 Comments 0 tags

Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

10/07/2026 0 Comments 0 tags

A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation’s inner workings: the hacking tools, the activity logs,

From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale

10/07/2026 0 Comments 0 tags

Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report,

Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

10/07/2026 0 Comments 0 tags

A single wrong variable on one line in XQUIC, Alibaba’s QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There

Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks

10/07/2026 0 Comments 0 tags

A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware

Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain $3.1 Million From Cryptocurrency Wallets

10/07/2026 0 Comments 0 tags

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words