Truebit lost $26 million after a smart-contract overflow bug let an attacker mint tokens at near-zero cost, sending the TRU price down 99%. A $26 million exploit of the offline computation protocol ...

Tens of millions of downloads of the popular Java logging library Log4j this year were vulnerable to a CVSS 10.0-rated vulnerability that first surfaced four years ago, according to Sonatype. The ...

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...

SitusAMC, a technology vendor for real estate lenders, holds sensitive personal information on the clients of hundreds of its banking customers, including JPMorgan Chase. By Rob Copeland Stacy Cowley ...

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...

Halloween’s scare came late for the crypto industry. Decentralized finance (DeFi) protocol Balancer (BAL) has been hit by one of the biggest crypto hacks of 2025, with more than $116 million stolen ...

Balancer, a decentralized finance (DeFi) protocol with over $750 million in value locked, appears to have been hit by its biggest exploit yet, with on-chain data showing upward of $110 million in ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Admit it: the first thing you think of when ransomware is ...

It didn’t take long for cybersecurity researchers to notice some glaring issues with OpenAI’s recently unveiled AI browser Atlas. The browser, which puts OpenAI’s blockbuster ChatGPT front and center, ...

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...

A single flaw in Apache Log4j spiraled into one of the most dangerous exploits ever found. Experts warned it could have taken down the entire internet. White House responds to Trump-Putin documents ...

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with ...