Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Malicious VK Styles Chrome Extensions Hijack 500,000 VKontakte Accounts
More than 500,000 VKontakte (VK) users have been exposed to a large-scale browser malware campaign dubbed VK Styles, according to ...
Mass Exposure of OpenClaw AI Agents Puts 220,000 Systems at Risk
SecurityScorecard has identified a critical exposure affecting the rapidly growing OpenClaw ecosystem: more than 220,000 OpenClaw instances are reachable directly ...
Critical WPvivid Backup & Migration Vulnerability (CVE-2026-1357) Enables Unauthenticated RCE on WordPress Sites
A critical security flaw in the popular WPvivid Backup & Migration plugin for WordPress enables unauthenticated remote code execution (RCE) ...
New ClickFix macOS Attacks Exploit Claude Artifacts and Google Ads to Deliver MacSync Infostealer
Security researchers have identified a new wave of ClickFix attacks targeting macOS, in which threat actors combine paid Google Ads ...
Offline Phishing Campaign Targets Trezor and Ledger Users via Paper Letters
A new wave of offline phishing attacks is targeting owners of Trezor and Ledger hardware wallets. Instead of traditional scam ...
Google Gemini Misuse: How State Hackers and Cybercriminals Are Weaponizing Generative AI
Google’s Threat Intelligence Group (GTIG) has published a detailed report describing how threat actors are systematically abusing the Gemini large ...
Apple fixes critical dyld zero-day CVE-2026-20700 in emergency security updates
Apple has released out-of-band security updates for iOS, iPadOS, macOS, tvOS, watchOS and visionOS to close a critical zero-day vulnerability ...
RenEngine Malware Campaign: Pirated Games Used to Deliver Lumma, ACR and Vidar Stealers
Security analysts from Howler Cell have documented a large-scale malware distribution campaign that weaponizes pirated games and cracked commercial software. ...
Malicious AI Chrome Extensions Steal Gmail and Browser Data: Inside the AiFrame Campaign
Growing interest in AI-powered assistants and “smart” browser tools is being actively abused by cybercriminals. Researchers at LayerX have disclosed ...
Malicious Outlook Add-in in Official Microsoft Office Store Leads to Massive Account Compromise
Researchers from Koi Security have documented the first confirmed case of a malicious Outlook add-in being distributed directly through the ...