Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users

Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim's computer by clicking a malicious link or opening a file. Patch now.
SecurityWeek

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Vulnerabilities in Anthropic’s Claude Code tool could have allowed attackers to silently gain control of a developer’s ...
Graham Cluley

Smashing Security podcast #442: The hack that messed with time, and rogue ransom where negotiators

Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock — with chaos potentially only a tick away. Plus when ransomware negotiators ...
Bleeping Computer

Hackers exploit auth bypass in Service Finder WordPress theme

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. Administrator privileges in ...
Graham Cluley

Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts

A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral ...

Texas sues TP-Link over Chinese hacking risks, user deception

Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while ...