Bubble AI app builder abused to steal Microsoft account credentials

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...
The Hacker News

ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More

ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat ...
New Scientist

Security credentials inadvertently leaked on thousands of websites

Researchers identified nearly 10,000 websites where API keys could be found, exposing details that could let attackers access ...
Decrypt

OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...