An iPhone exploit that involves a linked Visa card can allow attackers to steal money from a locked device using NFC, but the process is complex, requiring physical access and specialized hardware.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. Attackers have been exploiting a ...

A researcher released a working ‘BlueHammer’ Windows zero-day exploit that could impact over 1 billion devices, granting SYSTEM-level access and leaving no patch yet. A disgruntled security researcher ...

Threat actors have found a way to inject arbitrary JavaScript into the Flowise low-code platform for building custom LLM and agentic systems. The code injection was possible due to a design oversight, ...

A six-month intelligence operation preceded the $270 million exploit of Drift Protocol and was carried out by a North Korean state-affiliated group, according to a detailed incident update published ...

Last week, cybersecurity researchers uncovered a hacking campaign targeting iPhone users that used an advanced hacking tool called DarkSword. Now someone has leaked a newer version of DarkSword and ...

Following its recent disclosure of the Coruna exploit chain targeting older iOS versions, the company has now revealed a similar attack believed to be called DarkSword. Here are the details. A few ...

A new iOS exploit chain is being used by attackers around the globe, and it's built for espionage actors and financially motivated attackers alike. Google, iVerify, and Lookout this week published ...

A hot potato: For more than a decade, the Xbox One stood as a remarkable exception in console security – a machine long considered impervious to hacking attempts. That reputation is now over. At the ...

Qualcomm confirmed that fixes for the GBL exploit were provided to Android device makers earlier this month. The exploit, discovered by Xiaomi ShadowBlade Security Lab, was a key component in ...

A vulnerability in Qualcomm’s Android Bootloader implementation allows unsigned code to run via the “efisp” partition on Android 16 devices. This is paired with a “fastboot” command oversight to ...