Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
Security Boulevard

How Threat Actors Turned OpenClaw Into a Scraping Botnet

How did OpenClaw become botnet infrastructure so quickly? DataDome analyzes the hijacked AI agents scraping sites at scale ...
The Hacker News

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...

Elon Musk testifies in Twitter shareholder trial

Tesla CEO accused of making false and misleading statements that drove down Twitter’s stock price before he bought the company ...

npmx.dev: New website for npm package search

The open-source project npmx is used for fast searching of npm packages. It focuses on UX, displays vulnerability warnings, and offers a dark mode.
Cybernews

AI agents are too easy to fool, with websites now littered with hidden “system override” commands

Researchers at Unit 42, a security arm of Palo Alto Networks, have documented real-world attacks, and they’re as dumb as it gets. Hidden text on websites simply asks AI to “ignore previous ...