Users worldwide are reporting an unusual wave of spam emails arriving not from shady domains, but from legitimate customer support addresses belonging to companies that use the Zendesk helpdesk platform. Many recipients are receiving dozens or even hundreds of automated notifications with bizarre or alarming subjects, creating serious disruption even though the messages typically contain … Read more

From mid-January, Fortinet FortiGate firewalls have come under a new wave of highly automated attacks. According to researchers at Arctic Wolf, threat actors are exploiting a vulnerability in the FortiCloud Single Sign-On (SSO) mechanism to obtain administrative access within seconds, create rogue admin and VPN accounts, and exfiltrate full firewall configurations. How the FortiCloud SSO … Read more

Researchers from Miggo Security have demonstrated a novel prompt injection technique against the Google Gemini AI assistant that abuses standard Google Calendar invitations. By embedding carefully crafted instructions into the description field of a meeting invite, attackers were able to trigger data leakage from a user’s calendar without deploying any malware or compromising the endpoint … Read more

Users of the popular password manager LastPass are being targeted in a new phishing campaign that impersonates official maintenance notifications. Attackers are sending emails that urge recipients to create a backup of their password vault within 24 hours, with the real goal of stealing their master passwords. New LastPass phishing campaign mimics maintenance notifications According … Read more

A large-scale malicious browser extension campaign known as GhostPoster has been uncovered in the official extension stores for Google Chrome, Mozilla Firefox and Microsoft Edge. Security researchers report that at least 17 extensions tied to this operation were installed more than 840,000 times, highlighting how easily threat actors can abuse trust in official browser marketplaces. … Read more

A new malware family dubbed Android.Phantom has been identified targeting Android devices through popular mobile games and pirated “premium” app mods. The trojan specializes in automated advertising click fraud and covert data collection, while remaining largely invisible to victims. Distribution takes place via both official and unofficial channels, including the Xiaomi GetApps store, third‑party APK … Read more

Security researchers at Huntress have documented a new browser-based attack chain dubbed CrashFix, which weaponizes a malicious Chrome extension named NexShield. The extension masquerades as the popular ad blocker uBlock Origin Lite, intentionally destabilizes the browser, and then pressures users into running pre-staged PowerShell commands that ultimately install the ModeloRAT remote access Trojan on domain-joined … Read more

Professional video surveillance cameras from TP-Link, specifically the VIGI C and VIGI InSight series, have received a critical security update addressing a serious flaw tracked as CVE-2026-0629. The vulnerability, rated 8.7 out of 10 on the CVSS scale, allowed attackers to gain full control over affected devices via the local web administration interface, posing a … Read more

Security researchers at Check Point have disclosed technical details of VoidLink, a new Linux malware framework that, according to their analysis, was largely engineered with the help of an AI coding assistant and brought to a working state in about a week. The case is being viewed as one of the first thoroughly documented examples … Read more

Google is preparing a major shift in how Android handles the installation of apps from outside Google Play. A new security component called the Accountability Layer will introduce additional checks and confirmation steps when users sideload APK files, with the stated goal of reducing malware and abuse on Android devices. What Is the Android Accountability … Read more