Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
108 Malicious Chrome Extensions Steal Google Accounts and Hijack Browser Sessions
A large-scale malware campaign abusing the Chrome Web Store has been uncovered, involving 108 malicious Chrome extensions designed to harvest ...
GlassWorm Malware Abuses Zig Dropper in Fake VS Code Extension to Infect Developer IDEs
A new wave of the GlassWorm malware campaign is targeting software developers by abusing a fake Visual Studio Code extension. ...
Marimo CVE-2026-39987: Critical Remote Code Execution Exploited Within Hours of Disclosure
A critical vulnerability in the popular open-source data notebook Marimo has highlighted how quickly attackers now weaponize newly disclosed security ...
Compromised Smart Slider 3 Pro Update Delivers Backdoor to WordPress Sites
A coordinated supply chain attack on the update mechanism of the Smart Slider 3 Pro plugin for WordPress resulted in ...
Critical EngageLab SDK Android Vulnerability Threatened Cryptocurrency Wallet Security
A high‑risk vulnerability in the widely used EngageLab SDK for Android push notifications and analytics has exposed millions of devices ...
LucidRook Lua Malware Targets Taiwanese NGOs in Stealthy Cyber-Espionage Campaign
A previously undocumented threat cluster, tracked by Cisco Talos as UAT-10362, has been linked to a targeted cyber‑espionage campaign against ...
Hack‑for‑Hire Campaign Targets MENA Journalists with Apple, Google Phishing and Android Spyware Links
International digital rights and security groups Access Now, Lookout and SMEX have uncovered a long‑running hack‑for‑hire phishing campaign against journalists, ...
Webloc: Adtech-Based Geolocation Surveillance and the Risks for Mobile Privacy
The global digital advertising ecosystem is no longer just about targeting consumers with personalized ads. According to a new report ...
North Korean APT37 Exploits Facebook Social Engineering to Deploy RokRAT Spyware
A new cyber‑espionage operation attributed to the North Korean threat group APT37 (ScarCruft) demonstrates how quickly social networks are becoming ...
CPUID Website Compromise Turns CPU-Z Downloads into STX RAT Malware Vector
For a brief period in April, the official CPUID website (cpuid[.]com) – home to widely used hardware monitoring tools such ...
