Malicious AI Chrome Extensions Steal Gmail and Browser Data: Inside the AiFrame Campaign

Growing interest in AI-powered assistants and “smart” browser tools is being actively abused by cybercriminals. Researchers at LayerX have disclosed a large-scale campaign, dubbed AiFrame, that leverages malicious AI Chrome extensions to steal sensitive data. At least 30 extensions in the official Chrome Web Store were linked to this operation, collectively installed by more than …

Malicious Outlook Add-in in Official Microsoft Office Store Leads to Massive Account Compromise

Researchers from Koi Security have documented the first confirmed case of a malicious Outlook add-in being distributed directly through the official Microsoft Office Add-in Store. A previously legitimate extension, AgreeTo, was silently hijacked and converted into a fully fledged phishing kit, enabling attackers to steal more than 4,000 Microsoft accounts as well as sensitive financial …

Windows 11 Notepad Vulnerability (CVE-2026-20841) Allows Remote Code Execution via Markdown Links

Microsoft has fixed a critical security vulnerability in the modern Windows 11 Notepad application that allowed attackers to trigger remote code execution (RCE) by abusing Markdown links. The flaw, tracked as CVE-2026-20841, could be exploited with minimal user interaction and turned a basic text editor into an unexpected entry point for compromising Windows endpoints. How …

Singapore Telecom Sector Hit by Sophisticated UNC3886 Cyber Espionage Operation

Singapore’s telecommunications ecosystem has faced one of its most complex cyber incidents to date. According to the Cyber Security Agency of Singapore (CSA), the Chinese-linked advanced persistent threat (APT) group UNC3886 gained unauthorized access to the networks of all four major telecom operators: Singtel, StarHub, M1 and Simba. The campaign, focused on long-term espionage rather …

Microsoft Patch Tuesday February 2026: Six 0‑Days, 58 Fixes and a Major Secure Boot Certificate Update

Microsoft’s February 2026 Patch Tuesday is one of the most impactful security releases in recent years. The company has addressed 58 vulnerabilities across Windows, Office and related components, including six 0‑day flaws that were either publicly disclosed or already exploited in the wild, and has simultaneously launched a large‑scale Secure Boot certificate rotation that will …

Step Finance Hack: $40M Solana DeFi Breach Highlights Executive Device Risk

One of the most prominent DeFi dashboards in the Solana ecosystem, Step Finance, has reported a major cybersecurity incident resulting in the theft of approximately $40 million in cryptoassets. According to the project, the attack was highly targeted and centered on the compromise of devices belonging to senior leadership, which ultimately gave attackers access to …

Tirith: Protecting Terminals from Unicode Homograph Attacks and Malicious URLs

Homograph attacks have long been associated mainly with web browsers and domain name systems, but the same Unicode tricks are increasingly dangerous in command line environments. A new cross-platform tool called Tirith, created by developer Sheeki, brings homograph protection directly into shells and terminals — one of the most critical yet least protected components of …

dYdX v4 Supply Chain Attack: Compromised npm and PyPI Packages Deliver Malware to Developers

Official client libraries for the dYdX v4 protocol in both the npm and PyPI ecosystems were recently weaponized to deliver malware. The attack, which targeted developers and users integrating with dYdX, combined seed phrase theft from crypto wallets with the deployment of a full-featured Remote Access Trojan (RAT) for covert system control. dYdX v4 npm …

SmarterMail CVE-2026-24423 Exploited in Ransomware Attack on SmarterTools

The recent ransomware attack on SmarterTools, the vendor behind the popular email server SmarterMail, has become a textbook example of how a single unpatched, outdated instance can compromise an entire environment — including the infrastructure of the software vendor itself. How the SmarterTools Ransomware Incident Unfolded On 29 January 2026, the Chinese threat group Warlock …

Claude Opus 4.6: AI-Powered Vulnerability Discovery for Open Source Security

Anthropic’s latest large language model, Claude Opus 4.6, has demonstrated a significant leap in applied cybersecurity. According to the company, the model independently identified more than 500 previously undocumented serious vulnerabilities in widely used open source software, including projects such as Ghostscript, OpenSC, and CGIF. Many of these issues have already been reviewed and patched …