Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
First Confirmed OpenClaw AI Agent Configuration Theft Signals New Attack Surface
Cybersecurity researchers have documented the first confirmed theft of OpenClaw AI agent configuration files, marking a significant milestone in the ...
Head Mare Deploys PhantomHeart PowerShell Backdoor in Living-off-the-Land Attacks on Russian Networks
Analysts from Kaspersky have identified a new targeted campaign by the pro-Ukrainian group Head Mare, aimed at Russian government entities ...
SSHStalker Linux Botnet Targets Cloud Servers with SSH Brute-Force and Kernel Exploits
A newly documented Linux botnet dubbed SSHStalker is actively targeting cloud infrastructure, with a particular focus on Oracle Cloud instances. ...
Preinstalled Malware on Used Devices: Second-Hand Electronics as a Hidden Botnet Resource
Buying used laptops, smartphones, routers, or smart home gadgets is increasingly coming with an unwanted extra: preinstalled malware that silently ...
Malicious VK Styles Chrome Extensions Hijack 500,000 VKontakte Accounts
More than 500,000 VKontakte (VK) users have been exposed to a large-scale browser malware campaign dubbed VK Styles, according to ...
Mass Exposure of OpenClaw AI Agents Puts 220,000 Systems at Risk
SecurityScorecard has identified a critical exposure affecting the rapidly growing OpenClaw ecosystem: more than 220,000 OpenClaw instances are reachable directly ...
Critical WPvivid Backup & Migration Vulnerability (CVE-2026-1357) Enables Unauthenticated RCE on WordPress Sites
A critical security flaw in the popular WPvivid Backup & Migration plugin for WordPress enables unauthenticated remote code execution (RCE) ...
New ClickFix macOS Attacks Exploit Claude Artifacts and Google Ads to Deliver MacSync Infostealer
Security researchers have identified a new wave of ClickFix attacks targeting macOS, in which threat actors combine paid Google Ads ...
Offline Phishing Campaign Targets Trezor and Ledger Users via Paper Letters
A new wave of offline phishing attacks is targeting owners of Trezor and Ledger hardware wallets. Instead of traditional scam ...
Google Gemini Misuse: How State Hackers and Cybercriminals Are Weaponizing Generative AI
Google’s Threat Intelligence Group (GTIG) has published a detailed report describing how threat actors are systematically abusing the Gemini large ...
