-
OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are increasingly abusing trusted software development platforms GitHub and GitLab to host malware and credential phishing campaigns, making defensive detection significantly harder for enterprises. Because these Git-based platforms are deeply i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MuddyWater is now weaponizing a Russian malware-as-a-service (MaaS) platform to run a new operation dubbed “ChainShell”, blending Iranian state targeting with commercially developed cybercrime tooling. The assessment is based on a misconfigured command…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace. GlassWorm is not new. Researchers have tracked the campaign since March 2025, when attackers …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
