Zapier fixes bug chain that researchers say risked widespread account takeover
A five-step flaw chain in the popular automation service, now patched, could have let a single attacker act as any signed-in user across thousands of connected apps.
Advertisement
Showing 10 of 59 results
-
(Photo by Artur Widak/NurPhoto via Getty Images) Cybersecurity -
Threats Proving Identity in the age of agents
Eran Haggiag, CEO & Founder, Glide Identity
-
Anthropic’s Project Glasswing website is displayed on a smartphone screen in this photo illustration in Brussels, Belgium, on April 12, 2026. Governments and financial institutions are reviewing potential cybersecurity risks from the company’s advanced AI model, which has identified thousands of software vulnerabilities but is restricted over misuse concerns. (Photo Illustration by Jonathan Raa/NurPhoto via Getty Images) AI Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
Two reports from former high-level U.S. cyber officials and the UK government’s top AI research institution reveal how top defenders think about the tool’s hacking capabilities.
-
(Getty Images) Technology Ubiquiti defect poses account takeover risk for UniFi Networking Application users
The maximum-severity vulnerability, which hasn’t been exploited in the wild yet, affects software customers use to manage networking devices.
-
PALM BEACH, FLORIDA – NOVEMBER 18: A U.S. Secret Service robot dog manufactured by Boston Dynamics patrols the grounds at President-elect Donald Trump’s Mar-a-Lago resort on November 18, 2024 in Palm Beach, Florida. The incoming Trump administration continues to announce nominees to fill senior positions in his cabinet and government. (Photo by Scott Olson/Getty Images) Government U.S. robotics companies want federal help to keep Chinese robots out of America’s networks
Executives pressed Congress for a strategy as the market – and attack surface – continues to expand.
-
Authorities shut down LeakBase and seized its database and domains. A seizure notice is displayed on the site March 4, 2026. (Department of Justice) Threats Authorities from 14 countries shut down major cybercrime forum LeakBase
The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database.
-
(Getty Images) AI Predator bots are exploiting APIs at scale. Here’s how defenders must respond.
The rise of malicious bots is changing how the internet operates, underscoring the need for stronger safeguards that keep humans firmly in control. Bots now account for more than half of global web traffic, and a new class of “predator bots” has emerged, unleashing self-learning programs that adapt in real time, mimic human behavior, and […]
-
Microsoft seized the infrastructure used to run RedVDS, a cybercrime marketplace that facilitated thousands of attacks globally. (Courtesy of Microsoft) Cybersecurity Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
The service became a prolific tool for cybercriminals in the past year, as it facilitated thousands of attacks involving credential theft, account takeovers, mass phishing and payment diversion fraud.
-
Getty Images Government DOJ announces takedown of alleged laundering platform used by cybercriminal groups
A Russian national was also indicted for running the platform.
-
(Getty Images) Research Hackers turn open-source AI framework into global cryptojacking operation
Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions into a global cryptojacking bot for profit, according to researchers at cybersecurity firm Oligo. The flaw exists in an Application Programming Interface for Ray, an open-source framework for automating, scaling and optimizing compute resources that Oligo researchers called “Kubernetes […]