Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Hack‑for‑Hire Campaign Targets MENA Journalists with Apple, Google Phishing and Android Spyware Links
International digital rights and security groups Access Now, Lookout and SMEX have uncovered a long‑running hack‑for‑hire phishing campaign against journalists, ...
Webloc: Adtech-Based Geolocation Surveillance and the Risks for Mobile Privacy
The global digital advertising ecosystem is no longer just about targeting consumers with personalized ads. According to a new report ...
North Korean APT37 Exploits Facebook Social Engineering to Deploy RokRAT Spyware
A new cyber‑espionage operation attributed to the North Korean threat group APT37 (ScarCruft) demonstrates how quickly social networks are becoming ...
CPUID Website Compromise Turns CPU-Z Downloads into STX RAT Malware Vector
For a brief period in April, the official CPUID website (cpuid[.]com) – home to widely used hardware monitoring tools such ...
Adobe Acrobat and Reader Zero-Day CVE-2026-34621: What You Need to Know and How to Respond
Adobe has released emergency security updates for Adobe Acrobat and Adobe Acrobat Reader after the discovery of a critical vulnerability, ...
Chaos Botnet Evolves: New Malware Variant Targets Misconfigured Cloud Infrastructure
A new variant of the Chaos botnet malware is shifting its focus from home routers and edge devices to misconfigured ...
Chrome 146 Introduces Device Bound Session Credentials to Neutralize Stolen Cookies
Google is rolling out Device Bound Session Credentials (DBSC) for all Chrome 146 users on Windows, positioning the feature as ...
OpenAI Revokes macOS Code Signing Certificate After Axios and Trivy Supply Chain Attacks
OpenAI has disclosed that a compromised Axios npm package was executed inside its macOS application signing pipeline on GitHub Actions. ...
FBI and Indonesian Police Take Down W3LL Phishing Kit Targeting Microsoft 365
US Federal Bureau of Investigation (FBI) agents, working with Indonesia’s National Police, have dismantled the infrastructure behind the W3LL phishing ...
Identity Dark Matter: Why Half of Corporate Access Remains Invisible and How IVIP Changes That
As large enterprises expand their digital footprint, classical Identity and Access Management (IAM) platforms are reaching their limits. User accounts, ...
