Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...
Tech Times

Cloudflare, Chrome, and Firefox Plan to Replace CAPTCHAs With Cryptographic Tokens

CAPTCHA replacement protocol PACT was announced June 22 by Cloudflare, Chrome, Firefox, and Edge — using cryptographic blind ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Tech Times

WordPress Email Plugin Flaw Triggers 17 Million Attacks: Gravity SMTP Leaks Live API Keys

Gravity SMTP WordPress vulnerability CVE-2026-4020 has drawn 17 million automated exploit attempts since May 2026, draining ...
LinkedIn

Building a Secure Auth System in Next.js

You need these features: - Session management - Access and refresh tokens - Token rotation - OTP verification - Password resets - Device logout I used JWT access tokens. These are short. Refresh ...
theregister

Vercel debuts eve open source agent framework, tries to fix shadow AI with Passport

Vercel introduced an open source agent framework called eve at its Ship event in London this week, along with other new features including Passport, an attempt to put employee apps created with AI ...
LinkedIn

Browser APIs for Faster Web Development

- WebAuthn Build secure login experiences using biometrics and passkeys. Over the next 10 weeks, I will cover: - Intersection Observer - Resize Observer - Mutation Observer - Web Storage - Clipboard ...

Cloudflare teams up with Chrome, Edge, and Firefox to tackle bot traffic without CAPTCHAs

Cloudflare says it's developing the protocol with Mozilla, Google, Microsoft, and Shopify, with the group planning to submit ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
The Hacker News

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
Graham Cluley

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

What if your AI coding assistant could be tricked into stealing your own company’s secrets – by reading a single ...