News

OpenAI may be testing a cheaper paid plan for ChatGPT

OpenAI is reportedly working on a new plan called 'Go,' which would be cheaper than the existing $20 Plus subscription.

Pi-hole discloses data breach via GiveWp WordPress plugin flaw

Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a ...

Pwn2Own hacking contest pays $1 million for WhatsApp exploit

The Zero Day Initiative is offering a $1 million reward to security researchers who will demonstrate a zero-click WhatsApp ...

Kali Linux can now run in Apple containers on macOS systems

Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple ...

Microsoft to disable Excel workbook links to blocked file types

Microsoft has announced that it will start disabling external workbook links to blocked file types by default between October ...

Spikes in malicious activity precede new security flaws in 80% of cases

Researchers have found that in roughly 80% of cases, spikes in malicious activity like network reconnaissance, targeted ...

Microsoft now pays up to $40,000 for some .NET vulnerabilities

Microsoft has expanded its .NET bug bounty program and increased rewards to $40,000 for some .NET and ASP.NET Core ...

Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds

ClickFix abuses clipboards. FileFix hijacks File Explorer. Both social engineering attacks start in the browser—and end in ...

AI-powered Cursor IDE vulnerable to prompt-injection attacks

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges.

CISA open-sources Thorium platform for malware, forensic analysis

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an ...

Microsoft: Russian hackers use ISP access to hack embassies in AiTM attacks

Microsoft warns that a cyber-espionage group linked to Russia's Federal Security Service (FSB) is targeting diplomatic ...

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing ...