W3 Total Cache WordPress plugin vulnerable to PHP command injection

WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.

New WrtHug campaign hijacks thousands of end-of-life ASUS routers

Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called ...

Russian bulletproof hosting provider sanctioned over ransomware ties

Today, the United States, the United Kingdom, and Australia announced sanctions targeting Russian bulletproof hosting (BPH) ...

CISA gives govt agencies 7 days to patch new Fortinet flaw

CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet's ...

Google Search is now using AI to create interactive UI to answer your questions

In a move that could redefine the web, Google is testing AI-powered, UI-based answers for its AI mode. Up until now, Google ...

Google's Gemini 3 is living up to the hype and creating games in one shot

Google's Gemini 3 is finally here, and we're impressed with the results, but it still does not adhere to my requests as well ...

California man admits to laundering crypto stolen in $230M heist

A 45-year-old from Irvine, California, has pleaded guilty to laundering at least $25 million stolen in a massive $230 million ...

Cloudflare blames this week's massive outage on database issues

On Tuesday, Cloudflare experienced its worst outage in 6 years, blocking access to many websites and online platforms for ...

Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters

An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation.

OpenAI says its latest GPT-5.1 Codex can code independently for hours

In a post on X, OpenAI confirmed that GPT 5.1-Codex-Max can work independently for hours. Unlike GPT-5.1, which is optimized for research, normal interaction, generating images, etc, Codex is tailored ...

The Tycoon 2FA Phishing Platform and the Collapse of Legacy MFA

Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a ...

Sneaky2FA PhaaS kit now uses redteamers' Browser-in-the-Browser attack

Sneaky2FA, a popular among cybercriminals phishing-as-a-service (PhaaS) kit, has added Browser-in-the-Browser (BitB) capabilities, giving "customers" the option to launch highly deceptive attacks.