tools

March 20, 2026

Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution

Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable…
Read More »
March 20, 2026

New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits

Jenkins disclosed a critical security advisory addressing multiple vulnerabilities impacting its core automation server and the LoadNinja plugin. These flaws…
Read More »
March 20, 2026

ExpressVPN Uncovers Massive AI Data Leak: 3.7M Records Exposed in Plain Sight

A recent investigation published by ExpressVPN has uncovered a staggering 3.7 million pieces of private user data that were made…
Read More »
March 20, 2026

Fake Tools and CDNs Power New “Vibe-Coded” Malware Campaign

“Vibe coding” has evolved from a buzzword to a key battleground, and a new malware campaign shows how attackers are…
Read More »
March 19, 2026

Claude Vulnerabilities Allow Data Exfiltration and Malicious Redirect Attacks

Security researchers have uncovered a critical attack chain within Anthropic’s Claude.ai platform, dubbed “Claudy Day.” This vulnerability sequence enables attackers…
Read More »
March 19, 2026

Pyronut Package Backdoors Telegram Bots With RCE

Malicious ‘Pyronut’ is a trojanized Python package that backdoors Telegram bots and userbots, giving attackers remote code execution over both…
Read More »
March 19, 2026

Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network

A misconfigured opendirectory on an Iranian server has exposed a live censorship-bypass relay and SSH-based botnet operation, revealing how a…
Read More »
March 19, 2026

LeakNet boosts ransomware with ClickFix lures, stealthy Deno loader

Ransomware group LeakNet is scaling its operation by integrating mass-market social engineering lures via ClickFix techniques with a stealthy Deno-based…
Read More »
March 18, 2026

ForceMemo Hijacks GitHub Accounts, Backdoors Python Repos

ForceMemo represents an active campaign targeting GitHub accounts and Python repositories, leveraging force-pushed commits to silently implant malware. Utilizing GlassWorm’s…
Read More »
March 17, 2026

Google Warns Ransomware Groups Shift to Data Theft as Profits Decline

Google is warning that ransomware gangs are reinventing their business model as traditional encryption‑for‑ransom attacks become less profitable and data‑theft…
Read More »
March 17, 2026

GitGuardian Reports 81% Surge in AI-Service Leaks on GitHub

In 2025, Developer Commits Using Claude Code Show 3.2% Secret Leak Rate vs. 1.5% Baseline. The Human Factor Remains Critical…
Read More »
March 16, 2026

IBM Discovers ‘Slopoly’ AI-Generated Malware Linked to Hive0163 Ransomware

Hive0163, a financially driven ransomware group, is testing a probable AI-generated malware framework named “Slopoly,” signaling a rapid shift toward…
Read More »
March 16, 2026

Google Unveils Android 17 Advanced Protection Mode to Stop Malicious Services

Google is preparing to launch Android 17, introducing a comprehensive suite of new features aimed at dramatically enhancing device security,…
Read More »
March 16, 2026

CamelClone Uses Public File-Sharing Sites in Government Cyberattacks

A new cyber espionage campaign dubbed Operation CamelClone is targeting government and strategic sectors across several geopolitically significant regions. The…
Read More »
March 16, 2026

Betterleaks Launches as Open-Source Tool for Scanning Files, Directories, and Git Repositories

Zach Rice, the original creator of the widely popular secret scanning tool Gitleaks, has officially launched its successor, Betterleaks. Sponsored…
Read More »
March 14, 2026

Storm-2561 Uses SEO Poisoning, Fake Signed VPN Apps to Steal Enterprise Credentials

A financially motivated threat actor tracked as Storm-2561 is running a credential theft campaign that abuses SEO poisoning and fake,…
Read More »
March 14, 2026

GlassWorm Spreads via 72 Malicious Open VSX Extensions Hidden in Transitive Dependencies

The GlassWorm malware campaign has advanced significantly, escalating its attacks on software developers. Instead of embedding malware directly into initial…
Read More »
March 13, 2026

Hackers Exploit CloudFlare Anti-Security to Steal Microsoft 365 Login Credentials

A recent Microsoft 365 credential harvesting campaign shows attackers exploiting CloudFlare’s protective features to shield malicious phishing sites from security…
Read More »
March 12, 2026

AI-Driven Phishing Attacks Bypass Email Filters, Land in Inboxes

AI-generated phishing is rapidly reshaping email risk, with more attacks slipping past filters and landing directly in users’ inboxes, even…
Read More »
March 12, 2026

New ClickFix Attacks Target macOS Users with MacSync Infostealer

A new wave of ClickFix campaigns are targeting macOS users and delivering the MacSync infostealer, signaling a growing shift in…
Read More »

Previous page Next page