Zeljka Zorz
Security gap in Perplexity’s Comet browser exposed users to system-level attacks
There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s …
MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices
A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. …
Public PoC exploit for 7-Zip vulnerability is available (CVE-2025-11001)
NHS England Digital, the technology arm of the publicly-funded health service for England, has issued a warning about a 7-Zip vulnerability (CVE-2025-11001) being exploited by …
Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)
Attackers are actively exploiting another FortiWeb vulnerability (CVE-2025-58034) that Fortinet fixed without making its existence public at the time. About CVE-2025-58034 …
Internet slowly recovers after far-reaching Cloudflare outage
A currently undisclosed issue has crippled Cloudflare’s network and has rendered a large swathe of internet’s most popular sites and services temporily …
Google patches yet another exploited Chrome zero-day (CVE-2025-13223)
Google has shipped an emergency fix for a Chrome vulnerability (CVE-2025-13223) reported as actively exploited in the wild by its Threat Analysis Group (TAG). About …
Logitech confirms data breach
Logitech, the Swiss multinational electronics and technology company best known for marketing computer peripherals and hardware, has suffered a data breach. “While the …
Five men admit helping North Korean IT workers infiltrate US companies
US federal prosecutors have secured guilty pleas from five men who helped North Korean IT workers get hired by companies in the United States. This group of domestic …
Chinese cyber spies used Claude AI to automate 90% of their attack campaign, Anthropic claims
Anthropic threat researchers believe that they’ve uncovered and disrupted the first documented case of a cyberattack executed with the help of its agentic AI and minimal …
A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn
A suspected (but currently unidentified) zero-day vulnerability in Fortinet FortiWeb is being exploited by unauthenticated attackers to create new admin accounts on …
Fake spam filter alerts are hitting inboxes
A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The emails The bogus email alerts look …
“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and …
Featured news
Resources
Don't miss
- Smart grids are trying to modernize and attackers are treating it like an invitation
- A day in the life of the internet tells a bigger story
- AI vs. you: Who’s better at permission decisions?
- Massive gambling network doubles as hidden C2 and anonymity infrastructure, researchers say
- Portmaster: Open-source application firewall