Author: Mash

An information stealer called VoidStealer has introduced a new technique to bypass Chrome's Application-Bound Encryption by leveraging hardware breakpoints to [...]

Threat actors are exploiting Microsoft Azure Monitor alerts to send fraudulent callback phishing emails impersonating the Microsoft Security Team. The [...]

WordPress.com has introduced new capabilities allowing AI agents to draft, edit, publish posts, manage comments, and organize website content through natural [...]

A sophisticated exploit framework called DarkSword has been actively targeting iPhones running iOS 18.4 through 18.7 since November 2025, stealing [...]

Apple has deployed its first Background Security Improvements update, addressing a WebKit vulnerability tracked as CVE-2026-20643 across iPhones, iPads, and [...]

The cyberattack on medical technology firm Stryker last week involved threat actors using Microsoft Intune to remotely erase tens of [...]

A new open-source utility called Betterleaks has been released to scan directories, files, and git repositories for exposed secrets such [...]

A temporary hijacking of the AppsFlyer Web SDK allowed attackers to distribute malicious JavaScript code designed to steal cryptocurrency from [...]

Microsoft has released three new Windows 11 Insider builds across Dev, Beta, and Canary channels, introducing significant policy updates and [...]

A new malware strain called Slopoly, exhibiting strong signs of generative AI assistance in its development, was used in an [...]

Security researchers have disclosed multiple now-patched vulnerabilities in the n8n workflow automation platform, including critical flaws allowing remote code execution [...]

A newly developed method called "Zombie ZIP" allows malicious payloads to remain undetected by manipulating compressed file headers to deceive [...]

Cybercriminals are targeting employees in financial and healthcare sectors through Microsoft Teams conversations, using Quick Assist remote access tools to [...]

Cybercriminals are exploiting the special-use .arpa domain and IPv6 reverse DNS mechanisms to launch phishing campaigns that evade traditional reputation-based [...]

A threat actor tracked as Velvet Tempest was observed using ClickFix social engineering techniques alongside legitimate Windows tools to deploy [...]

Fraudulent OpenClaw installers hosted on GitHub and promoted through Microsoft Bing's AI-powered search results were found deploying information-stealing malware to [...]

A critical unauthenticated vulnerability in the FreeScout helpdesk platform enables attackers to achieve remote code execution simply by sending a [...]

A phishing campaign is leveraging a counterfeit Google Security page to distribute a Progressive Web App capable of stealing one-time [...]

A popular Chrome extension called QuickLens, which enabled Google Lens searches directly in the browser, was hijacked after being sold [...]

Microsoft is introducing new Windows 11 Insider builds that strengthen security for batch file and CMD script execution in enterprise [...]

Microsoft is investigating a persistent bug causing the mouse pointer to disappear within the classic Outlook desktop client, nearly two [...]

A new information-stealing operation called Arkanix Stealer appeared on dark web forums in late 2025 but vanished after only two [...]

Security researchers have identified PromptSpy, the first Android malware family that integrates generative AI directly into its operational flow. Discovered [...]

A suspected Chinese state-sponsored hacking group has been actively exploiting a critical Dell vulnerability since mid-2024 in a series of [...]

Security researchers have documented the first real-world instance of information-stealing malware targeting configuration files belonging to the popular OpenClaw AI [...]

Threat actors have developed an innovative ClickFix campaign that leverages DNS lookups to distribute malicious payloads, marking the first known [...]

A sophisticated campaign attributed to North Korean hackers is targeting JavaScript and Python developers through fake job interviews involving cryptocurrency-related [...]

Security researcher Wietze Beukema has unveiled four previously undocumented techniques that manipulate Windows shortcut files to conceal malicious payloads. These [...]

Microsoft has resolved a significant security flaw in the Windows 11 Notepad application that enabled attackers to execute software remotely [...]

North Korean hackers are deploying advanced social engineering tactics combined with never-before-seen macOS malware strains to siphon cryptocurrency assets. The [...]

Hackers are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to install legitimate administrative software for harmful purposes. [...]

A widespread spam campaign is once again targeting global inboxes, with many users receiving automated messages from compromised company support [...]

Cyber attackers are misusing a revoked but still functional kernel driver from the EnCase forensic software to create a powerful [...]

Hackers are actively exploiting a severe flaw, designated CVE-2025-11953, in the React Native Metro development server. This vulnerability allows them [...]

Microsoft has issued a new optional update, KB5074105, for Windows 11 versions 24H2 and 25H2. While this C-update is not [...]

Microsoft's recent optional update, KB5074105, is causing problems for some Windows 11 users despite official claims of no known issues. [...]

Google's Threat Intelligence Group, in collaboration with industry partners, has disrupted the infrastructure of IPIDEA, one of the world's largest [...]

Two critical vulnerabilities in the popular open-source automation platform n8n allow authenticated attackers to escape its security sandbox and execute [...]

A new malware-as-a-service (MaaS) operation, dubbed "Stanley," is advertising the creation and publication of malicious Chrome extensions designed to bypass [...]

The North Korean state-linked hacking group Konni is conducting a campaign targeting blockchain engineers with PowerShell malware believed to be [...]