-
Threat actors are abusing legitimate remote monitoring and management (RMM) tools LogMeIn Resolve and ScreenConnect in a multi‑stage phishing campaign that blends social engineering, living‑off‑the‑land techniques, and stealthy information‑stealing mal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iran-linked threat actors have launched a coordinated password-spraying campaign targeting Microsoft 365 environments across the Middle East, according to new findings. The activity, observed throughout March 2026, unfolded in three distinct waves on M…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has rolled out a fresh security intelligence update for Microsoft Defender Antivirus to help secure Windows 11, Windows 10, and Windows Server images. Released on April 7, 2026, this update equips endpoints with the latest threat detection lo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is warning that a fast‑moving threat actor it tracks as Storm‑1175 is aggressively exploiting vulnerabilities in internet‑exposed systems to deliver Medusa ransomware in days and sometimes in under 24 hours. Storm‑1175 is a financially motiva…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe security flaw has been discovered in the Ninja Forms File Upload plugin, a widely utilized WordPress add-on that allows website administrators to accept documents, images, and other media from their visitors. Tracked officially as CVE-2026-074…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability in Fortinet products. The agency officially added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on Apri…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware campaign is abusing Reddit to distribute fake “cracked” builds of TradingView Premium that secretly install Vidar and AMOS information‑stealing malware on Windows and macOS systems. The campaign targets users searching for free or pirated…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered zero-day vulnerability, dubbed “BlueHammer,” has been publicly disclosed. The flaw, which has been linked to Windows Defender, allows attackers to achieve Local Privilege Escalation (LPE) and potentially gain full adminis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A malicious PyPI package, hermes-px, that masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a private university AI service. Marketed as an OpenAI-compatible, Tor-routed proxy requiring no API keys, the packa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has announced a significant update for its Chrome browser, extending native lazy loading capabilities to audio and video elements. This highly anticipated feature aims to improve web performance, drastically save bandwidth, and offer subtle secu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
