Dark Reading

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing

In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

This new tool can steal your passwords and info – even with 2FA enabled

A new infostealer is raising alarms by targeting browser data in a way that can undermine modern protections, including ...