account security
-
Mozilla Alerts Developers to Phishing Threats Targeting Add-On Accounts
Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its AMO repository, urging them to exercise caution and verify the authenticity of emails claiming to be from the organization.
-
ExpressVPN Resolves Critical IP Leak Issue Affecting Remote Desktop Users
ExpressVPN has resolved a critical security flaw that exposed users’ IP addresses during Remote Desktop Protocol sessions, following insights from a bug bounty program. Affected users are encouraged to update their software for enhanced privacy.
-
Google Issues Critical Update for Chrome to Address Exploited Security Flaw
Google has released a critical update for its Chrome browser, addressing a high-severity zero-day vulnerability that could allow remote attackers to escape the browser’s sandbox. This update comes on the heels of multiple exploited vulnerabilities earlier this year, underlining the importance of regular browser updates.
-
Security Flaw in Forminator Plugin Puts Over 600,000 WordPress Sites at Risk
The Forminator plugin for WordPress, used on over 600,000 sites, has a high-severity vulnerability (CVE-2025-6463) that could allow attackers to execute arbitrary file deletions, potentially leading to complete site takeovers. Users are urged to update to the latest version or disable the plugin immediately to avoid exploitation.
-
Security Researchers Warn of Bluetooth Vulnerabilities in Popular Headphones
Security researchers have identified vulnerabilities in Airoha’s Bluetooth products, putting a wide range of earbuds and headphones at risk of unauthorized access and control. Airoha has provided fixes, but manufacturers must implement updates to secure their devices.
-
Glasgow City Council Suffers Major Cyberattack, Services Disrupted
Glasgow City Council is reeling from a major cyberattack that has disrupted its digital services since June 19, 2025, with investigations underway to ascertain the extent of the breach and potential data exposure.
-
Meta Expands Passkey Support to Facebook for Enhanced Security
Meta Platforms is enhancing security for Facebook users by introducing passkey support, a next-generation authentication method designed to be easier and more secure than traditional passwords. This feature will also integrate with Meta Pay for seamless online transactions.
-
CISA Warns of Critical Vulnerability in TP-Link Routers Amid Active Exploitation
CISA has identified a critical vulnerability in TP-Link routers, urging users to take immediate action as evidence of active exploitation emerges. The agency’s guidelines are designed to mitigate the risks associated with this command injection vulnerability, affecting multiple router models.
-
Security Researchers Expose 40,000 Unprotected IoT Cameras, Raising Espionage Concerns
Researchers from Bitsight have exposed serious vulnerabilities in the security of around 40,000 internet-connected cameras globally, raising concerns over espionage and privacy for sensitive locations across the United States.
-
Google Addresses Vulnerability Exposing Users’ Phone Numbers
A vulnerability in Google’s account recovery process allowed researchers to brute-force phone numbers linked to accounts, posing a significant risk of phishing and SIM-swapping attacks, now patched by the tech firm.
