236 article(s)
A devastating security flaw at Moltbook has revealed sensitive data for over a million users, exposing the platform’s bot-infested growth and leaving credentials wide open to attackers. No fix is in sight.
A fraudulent AI coding assistant extension on the official VS Code Marketplace masqueraded as Moltbot, delivering malware and exposing critical security risks in popular AI integrations.
Cal.com, a leading open-source scheduling platform, recently patched critical vulnerabilities that permitted account takeovers and exposed private booking data. An AI-powered security tool uncovered the flaws, highlighting the persistent dangers of broken access controls in modern web applications.
Microsoft’s deprecation of SMTP AUTH in Exchange Online is forcing organizations to migrate to modern authentication or risk disruption and cyber threats. Find out what you need to do before the deadline.
A logic flaw in Cal.com's signup flow allowed attackers to take over user accounts and access private bookings, while API misconfigurations exposed sensitive data. The vulnerabilities have since been patched, but the incident highlights the ongoing risks in open-source infrastructure.
Microsoft accidentally routed test email traffic for the reserved example.com domain to a Japanese electronics company, exposing a critical slip in Internet hygiene. Discover how this happened and what it signals for cloud security.
Okta is the gatekeeper for many organizations, but even small missteps in security settings can open the door to attackers. Learn about six crucial configurations that are often missed—and how to audit your Okta setup for hidden vulnerabilities.
When Estonian scooter company Äike went under, it left behind more than just hardware—every scooter could be unlocked with a universal, hardcoded key. This investigation reveals how a single oversight became a security nightmare for riders worldwide.
TikTok has struck a dramatic deal to continue operating in the U.S., selling a majority stake to American investors and placing user data under Oracle’s control. But is this enough to resolve national security concerns, or just a high-tech sleight of hand?
Twin critical vulnerabilities in Chainlit, the popular AI app framework, have enabled hackers to infiltrate cloud environments and steal secrets. Here’s how the attack works—and what you need to do now.