Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...

Study Reveals Exploit That Lets Your Browsing History Be Spied On Using Your SSD

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.

Cybersecurity attackers don’t hack in anymore… they get invited in

"In cybersecurity in 2026, the attackers have stopped breaking down doors. They are being invited in. And the front door they’re walking through is trust itself." — Aida Keehner, founder and CEO, Atru ...
GitHub

JavaScript captcha solver (Node.js): Bypass reCAPTCHA, Cloudflare, GeeTest and more

Use the JavaScript captcha solver to automatically bypass any captcha - including reCAPTCHA v2, Invisible, v3, Enterprise, Cloudflare Turnstile, GeeTest sliders, Amazon WAF, FunCaptcha, and both image ...
The Hacker News

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious ...