Feds take notice of iOS vulnerabilities exploited under mysterious circumstances

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

AnthropicとMozillaが連携、Claude Opus 4.6がFirefoxで100件超のバグをわずか2週間で発見しそのうち14件は高深刻度

AnthropicのFrontier Red TeamとMozillaがAIを用いた脆弱(ぜいじゃく)性検出に関する連携を行い、Claude Opus 4.6がわずか2週間の調査でFirefoxについて計112件の報告を提出し、その中から22件の脆弱性が確認されたことを報告しました。この成果は、AIが大規模なコードベースの安全性を極めて高い速度で検証し、強化できる可能性を実証するものです。

iPhone Users At Serious Risk As Government-Grade Hacking Toolkit Has Fallen Into Hands Of ...

A sophisticated toolkit capable of silently breaking into iPhones has migrated from the hands of a government-linked surveillance vendor to those of criminal hackers, security researchers warned this ...
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile ...
Coinspeaker

iPhone Crypto Exploit Kit: Google Warns of ‘Coruna’ Seed Phrases Theft

The iPhone crypto exploit Coruna targets outdated iOS devices, stealing wallet seed phrases through compromised sites, ...