Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Critical OpenClaw RCE Vulnerability and Moltbook Data Exposure Expose AI Agent Security Risks
Two recent security incidents involving the OpenClaw AI agent platform (previously known as ClawdBot and Moltbot) and its companion service ...
Microsoft to Disable NTLM by Default in Windows: Enterprise Authentication Enters a New Era
Microsoft has announced a fundamental change in Windows authentication: in upcoming client and server releases, the NTLM (New Technology LAN ...
Notepad++ Supply Chain Attack: What Happened and How to Protect Software Updates
In 2025, the popular text editor Notepad++ became the target of a sophisticated software supply chain attack. Attackers did not ...
New ClickFix Campaign Uses Fake CAPTCHA, App‑V and PNG Steganography to Deploy Amatera Infostealer
Researchers at BlackPoint Cyber have documented a technically sophisticated malware campaign that combines ClickFix social engineering, a fake CAPTCHA page ...
Ex-Google Engineer Convicted for Stealing AI Infrastructure Trade Secrets for China
A US federal jury has convicted former Google engineer Linwei (Leon) Ding of stealing confidential information about Google’s artificial intelligence ...
AI Toys and Children’s Privacy: Lessons from the Bondu Chatbot Data Breach
AI-powered toys promise personalized learning and engaging conversations, but the recent Bondu AI toy data breach shows how quickly that ...
Android Banking Trojan Uses Hugging Face Infrastructure to Deliver Stealthy Malware
Security researchers at Bitdefender have uncovered a large-scale Android malware campaign that abuses the trusted AI platform Hugging Face to ...
Match Group Data Breach: Okta SSO Compromise Puts Major Dating Apps Under Scrutiny
Match Group, the owner of popular dating platforms such as Tinder, Match, Meetic, OkCupid and Hinge, has disclosed a cybersecurity ...
eScan Supply Chain Attack: What We Know About the Compromised Update Server
On 20 January 2026, antivirus vendor MicroWorld Technologies, the developer of eScan, reported a classic software supply chain attack. Threat ...
Record 31.4 Tbps DDoS Attack: Aisuru (Kimwolf) Botnet Hits Telecoms and Cloudflare
A massive distributed denial‑of‑service (DDoS) campaign in December 2025, attributed to the Aisuru (also known as Kimwolf) botnet, has set ...
