The Hacker News

Session Cookie Theft: You Showed Your ID at the Door. But Someone Else Has Your Room Key

Stolen session cookies bypass MFA because tokens remain valid for hours or days, enabling silent account takeovers without triggering security alerts.

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.
Radio Free Europe/Radio Liberty

live Trump: US 'Intercepted' Iranian-Flagged Ship In The Gulf Of Oman

As the US-Israeli war with Iran continues to impact and shape the region, journalists from RFE/RL deliver ongoing updates and analysis. President Trump announces US forces have intercepted an ...