Majority of Kelp DAO exploit funds moved through THORChain

A major regulatory or security event shuts down THORChain liquidity or forces a protocol pause, crushing usage and fees. Aave ...
SecurityWeek

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.

CISA orders feds to patch BlueHammer flaw exploited as zero-day

CISA has ordered U.S. federal agencies to patch a Microsoft Defender privilege escalation flaw (dubbed BlueHammer) that has ...

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

Cybercriminals are tricking AI into leaking your data, executing code, and sending you to malicious sites. Here's how.
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
Dark Reading

Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia

The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and ...
Hackaday

Encrypting Encrypted Traffic To Get Around VPN Bans

VPNs, Virtual Private Networks, aren’t just a good idea to keep your data secure: for millions of people living under ...