-
Security researchers have disclosed two high-severity vulnerabilities in libpng, the widely deployed reference library used for processing Portable Network Graphics (PNG) image files. These critical flaws allow remote attackers to trigger process crash…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The service sells a turnkey Microsoft device code phishing kit …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has officially moved its advanced ransomware detection and file restoration features for Google Drive out of beta, making them generally available to organizations globally. Originally launched for beta testing in September 2025, these security …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known as ClickFix attacks. This defense intercepts potentially harmful commands before they are pasted into the Terminal ap…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are once again exploiting global tax seasons, abusing IRS and tax filing lures to deliver malware, remote monitoring and management (RMM) tools, and credential phishing in a wave of new 2026 campaigns. Security researchers have already t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CareCloud, Inc., a prominent healthcare technology provider, has disclosed a material cybersecurity incident involving unauthorized access to its electronic health record (EHR) infrastructure. The security event was first detected on March 16, 2026, wh…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New “DeepLoad” malware is turning a single user click into fileless, credential‑stealing persistence inside enterprise networks, leveraging the ClickFix technique and AI-generated obfuscation to evade traditional defenses. DeepLoad arrives via ClickFix…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Artificial intelligence assistants increasingly handle our most sensitive data, operating under the assumption that enclosed environments keep this information secure. However, a newly disclosed vulnerability in ChatGPT shattered this expectation. Disc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are deploying a new Node. js-based implant dubbed RoadK1ll to quietly turn compromised hosts into on-demand network relays, enabling stealthy pivoting deeper into victim environments without exposing obvious remote access tooling. The implant’s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Calif recently demonstrated the evolving power of artificial intelligence in vulnerability research by using Claude AI to uncover zero-day Remote Code Execution (RCE) flaws in both Vim and Emacs. The discoveries show that merely…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
