CBSE OSM Portal Had Critical Vulnerabilities, Ethical Hacker Tells NDTV

CBSE Class 12 Evaluation System Issues: Adhikari claimed that by combining these flaws, an attacker could potentially take over examiner accounts, view assigned answer scripts, modify marks, and ...

'Anyone Could Edit Marks': 19-Year-Old Ethical Hacker Alleges Major Security Flaws In CBSE Evaluation System

Amid mounting student complaints over CBSE’s new On-Screen Marking system, a Class 12 student and cybersecurity researcher ...
Security Boulevard

Reducing Authentication Errors in Enterprise Environments: A Human-Centric Approach

Learn how a human-centric approach can reduce authentication errors in enterprise environments while improving security and ...
CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.

‘No security breach’: CBSE clarifies after Class 12 student claims ‘vulnerabilities’ in OSM portal

CBSE clarified that the portal used for evaluation answer sheets has a different URL than the one visible on the teenager's ...

CBSE Hacking Row Explodes: Board Denies OSM Breach, Teen Hacker Disputes ‘Testing Site’ Claim

CBSE has denied any breach in its Class 12 evaluation system after a 19-year-old hacker claimed to expose major security ...
Windows Report

Tycoon2FA Returns With New Microsoft 365 Device-Code Phishing Attacks

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...
Dark Reading

Fake Android Apps Commit Carrier Billing Fraud for Premium Services

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.
India Today on MSN

Hacker Nisarga claims he broke into CBSE marking portal, warned board months ago

A teen cybersecurity researcher's blog post alleging serious flaws in CBSE's On-Screen Marking portal has triggered concern ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...