The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...

Violent online groups like 764 are threatening teen lives. Here’s how to protect your kid

Teens across America are being recruited, groomed and extorted by network of online predators known as 764 that specializes ...

How to Spot a Browser-in-the-Browser Phishing Attack

One particularly sneaky scam is a browser-in-the-browser (BitB) attack, in which threat actors create a fake browser window that looks like a trusted single sign-on (SSO) login page within a real ...
The Hacker News

A Browser Extension Risk Guide After the ShadyPanda Campaign

Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to reduce extension risk.

2025’s Top Phishing Trends and What They Mean for Your Security Strategy

Phishing attacks in 2025 increasingly moved beyond email, with attackers using social platforms, search ads, and ...
Hackaday

It Only Takes A Handful Of Samples To Poison Any Size LLM, Anthropic Finds

It stands to reason that if you have access to an LLM’s training data, you can influence what’s coming out the other end of ...