-
Dashlane has disclosed the findings of a recent security investigation, confirming that a limited number of users were impacted by a targeted brute-force attack against its device registration system. The company emphasized that its internal infrastruc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing search results and professional-looking fake download portals to distribute malware by impersonating popular security tools like Ghidra, dnSpy, and SpiderFoot. These sites capture users’ first click on a “Download” button and silent…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale npm supply chain attack has compromised at least 57 packages across more than 286 malicious versions in a rapid, coordinated campaign that unfolded in under two hours on June 3, 2026. The attack began at approximately 23:30 UTC with the c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are leveraging large-scale malvertising campaigns to distribute a newly identified macOS backdoor dubbed FlutterShell, marking a significant evolution in financially motivated adware operations. Security researchers tracking the activity attrib…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A remotely exploitable zero-day vulnerability in Comodo Internet Security’s kernel-level firewall driver allows attackers to crash Windows systems with a single IPv6 packet, and the vendor has yet to respond. Security researcher Marcus Hutchins p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are actively abusing interest in AI development tools by launching a sophisticated SEO poisoning campaign that impersonates Anthropic’s Claude Code installation flow to deliver a fully fileless .NET infostealer, according to researchers at Howl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly uncovered supply chain attack dubbed “IronWorm” is leveraging malicious npm packages to compromise developer environments, steal sensitive credentials, and propagate itself across repositories in a worm-like fashion. The campaign, identified in…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A prolonged and highly targeted espionage campaign has been uncovered involving the compromise of a senior executive’s Microsoft Outlook account at a major global stock exchange, highlighting the strategic value of executive-level email access in moder…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept (PoC) exploit has been released for a critical server-side request forgery (SSRF) vulnerability impacting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME), increasing the li…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A rapidly evolving threat cluster tracked as TA4922, a Chinese-speaking cybercriminal actor deploying a diverse and expanding malware arsenal that now includes Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT. The group is notable for its high …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
