January 1, 2025 – CyberGate

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. “Instead of

Citește mai departe

Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024 presidential election. The federal agency said the entities – a

Citește mai departe

Day: January 1, 2025

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics

Recent News

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

The Hacker News Launches ‘Cybersecurity Stars Awards 2026’ — Submissions Now Open

Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?

Google’s Android Apps Get Public Verification to Stop Supply Chain Attacks

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware

China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed