-
The international cybersecurity community was alerted to a major data breach involving Israeli military infrastructure. Handala, a recognized Iranian nation-state threat actor, claims to have successfully breached PSK Wind Technologies, a key Israeli d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have launched a targeted phishing campaign by cloning Ukraine’s official CERT-UA website and distributing malicious software disguised as a security tool, according to a new alert from the national cyber response team. Targets included governme…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing DOCX, RTF, JavaScript, PowerShell, and Python to deliver an in‑memory Cobalt Strike beacon in a stealthy spear‑phishing campaign that impersonates Boeing procurement under the tag NKFZ5966PURCHASE. The operation chains six stages, r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NoVoice is a new Android rootkit campaign that hid in more than 50 apps on Google Play, exploiting 22 vulnerabilities to hijack millions of older and unpatched Android devices and even clone WhatsApp sessions. The apps posed as everyday utilities such …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability affecting Google Chrome and other Chromium-based web browsers. Officially tracked as CVE-2026-5281, this security …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has officially expanded the rollout of iOS 18.7.7 and iPadOS 18.7.7 to defend users against a critical web-based threat known as the DarkSword exploit. Originally released on March 24, 2026, Apple aggressively pushed the update to more devices vi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has detailed how organizations can detect and mitigate a recent supply chain compromise involving malicious Axios npm releases and infrastructure attributed to the North Korean threat actor Sapphire Sleet. On March 31, 2026, two Axios npm ver…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Federal Bureau of Investigation (FBI) has issued a public warning about potential data security risks associated with foreign-developed mobile applications, particularly those developed by companies based in China. While the advisory focuses on app…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The OWASP Zed Attack Proxy (ZAP) just received a massive upgrade for testing modern web applications. The release of the ZAP PTK Add-on 0.3.0, working alongside OWASP PenTest Kit (PTK) 9.8.0, now converts browser-based security findings directly into n…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has released a high-priority security advisory regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. The flaw, tracked as CVE-2026-20160, carries a near-maximum CVSS severity score of 9.8 out of 10. If e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
