-
A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed “malext,” which steals sensitive data such as browser credential…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) “PKI, Logs, And Tre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full rep…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security flaw has been discovered in Angular, one of the most popular web application frameworks. This vulnerability, tracked as CVE-2026-27970, affects the framework’s internationalization (i18n) pipeline. If exploited, it allows…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors compromised the Aqua Trivy VS Code extension on OpenVSX by publishing malicious versions 1.8.12 and 1.8.13 on February 27-28, 2026. These versions injected prompts to hijack local AI coding tools for system reconnaissance and data exfiltr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has rolled out the highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2) domains, and multiple ongoing campaigns abusing popular platforms like TikTok and cracked‑software si…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered high-severity vulnerability in Google Chrome’s Gemini Live integration, tracked as CVE-2026-0628, exposed users to significant privacy and security risks. Researchers found that the flaw could allow malicious browser extensions…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft released its Patch Tuesday updates, addressing 59 vulnerabilities, including a critical zero-day flaw in the Windows MSHTML framework. Tracked as CVE-2026-21513, this actively exploited vulnerability allows attackers to bypass security featur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Tire pressure monitoring systems (TPMS) in popular brands like Toyota, Mercedes, and many others quietly broadcast radio signals that can be turned into a powerful vehicle‑tracking tool. New research shows that these routine safety messages can be harv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
