Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
RenEngine Malware Campaign: Pirated Games Used to Deliver Lumma, ACR and Vidar Stealers
Security analysts from Howler Cell have documented a large-scale malware distribution campaign that weaponizes pirated games and cracked commercial software. ...
Malicious AI Chrome Extensions Steal Gmail and Browser Data: Inside the AiFrame Campaign
Growing interest in AI-powered assistants and “smart” browser tools is being actively abused by cybercriminals. Researchers at LayerX have disclosed ...
Malicious Outlook Add-in in Official Microsoft Office Store Leads to Massive Account Compromise
Researchers from Koi Security have documented the first confirmed case of a malicious Outlook add-in being distributed directly through the ...
Windows 11 Notepad Vulnerability (CVE-2026-20841) Allows Remote Code Execution via Markdown Links
Microsoft has fixed a critical security vulnerability in the modern Windows 11 Notepad application that allowed attackers to trigger remote ...
Singapore Telecom Sector Hit by Sophisticated UNC3886 Cyber Espionage Operation
Singapore’s telecommunications ecosystem has faced one of its most complex cyber incidents to date. According to the Cyber Security Agency ...
Microsoft Patch Tuesday February 2026: Six 0‑Days, 58 Fixes and a Major Secure Boot Certificate Update
Microsoft’s February 2026 Patch Tuesday is one of the most impactful security releases in recent years. The company has addressed ...
Step Finance Hack: $40M Solana DeFi Breach Highlights Executive Device Risk
One of the most prominent DeFi dashboards in the Solana ecosystem, Step Finance, has reported a major cybersecurity incident resulting ...
Tirith: Protecting Terminals from Unicode Homograph Attacks and Malicious URLs
Homograph attacks have long been associated mainly with web browsers and domain name systems, but the same Unicode tricks are ...
dYdX v4 Supply Chain Attack: Compromised npm and PyPI Packages Deliver Malware to Developers
Official client libraries for the dYdX v4 protocol in both the npm and PyPI ecosystems were recently weaponized to deliver ...
SmarterMail CVE-2026-24423 Exploited in Ransomware Attack on SmarterTools
The recent ransomware attack on SmarterTools, the vendor behind the popular email server SmarterMail, has become a textbook example of ...
