SecurityWeek

900 Sangoma FreePBX Instances Infected With Web Shells

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

FBI arrests suspect linked to $46M crypto theft from US Marshals

A U.S. government contractor's son, accused of stealing more than $46 million in cryptocurrency from the U.S. Marshals ...

How a Brute Force Attack Unmasked a Ransomware Infrastructure Network

A routine RDP brute-force alert led to unusual credential hunting and a geo-distributed VPN-linked infrastructure. Huntress Labs explains how one compromised login unraveled a suspected ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
Opinion
PCMag on MSNOpinion

I Taught Myself to Use the Flipper Zero in an Hour, Then Hacked Everything in My Home

It looks like a cute little dolphin-themed toy, but the Flipper Zero is a surprisingly powerful learning tool for hacking. Here's how I mastered mine—and how you can, too.