The Hacker News

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

A newly patched SmarterMail flaws is being exploited in the wild, allowing attackers to reset admin passwords and gain SYSTEM ...
Tech Digest

Dark web marketplace exploits stolen air miles for pennies, investigation shows

Cybercriminals have found a lucrative niche in the shadow economy by trading stolen air miles for as little as 56p.

Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of ...

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its ...
SecurityWeek

Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore

Cybersecurity experts share insights on securing Application Programming Interfaces (APIs), essential to a connected tech ...
InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...