Proofpoint researchers have identified a sophisticated downgrade attack that could bypass FIDO-based authentication, exposing targets to adversary-in-the-middle (AiTM) threats.These are some of the key findings the researchers found: Despite the lack of observed use by threat actors, Proofpoint considers FIDO

Mozilla has fixed several high-severity security bugs with the release of Firefox 142, preventing attackers from remotely executing code of their choosing on affected systems. The security advisory, published on August 19, 2025, reveals nine distinct vulnerabilities ranging from sandbox

Apple has released an urgent security patch for iOS and iPadOS to address a critical zero-day vulnerability. This vulnerability, identified as CVE-2025-43300, has been confirmed to be actively exploited in highly targeted attacks. The urgent patches, released as iOS 18.6.2

A cybersecurity expert has identified zero-day vulnerabilities affecting eleven popular password managers, potentially putting tens of millions of users at risk of credential theft with a single malicious click. An innovative attack strategy, known as “DOM-based Extension Clickjacking,” marks a

Browsing the dark web can reveal disturbing and alarming ads for those involved in cybersecurity. Recently, we noticed a post offering a zero-day exploit, an extremely dangerous type of tool, for sale. The ad, from a user with the handle

An Initial Access Broker is selling access to Nike USA servers on a popular underground forum. A recent post on a dark web forum has raised new concerns about the security of large international companies. An Initial Access Broker (IAB),