Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

April 11, 2026 at 11:32AM Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement…

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

April 10, 2026 at 01:28PM Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of i…

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

April 10, 2026 at 11:58AM Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress…

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

April 9, 2026 at 10:56PM Details have emerged about a now-patched security vulnerability in a widely used third-party Android s…

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

April 9, 2026 at 09:53PM A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campai…

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

April 9, 2026 at 06:27PM Thursday. Another week, another batch of things that probably should've been caught sooner but wer…

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

April 9, 2026 at 04:10PM An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the In…

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

April 8, 2026 at 11:21PM Cybersecurity researchers have flagged a new variant ofmalware called Chaosthat'scapable of hittin…

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

April 8, 2026 at 05:00PM The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As …

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

April 8, 2026 at 02:46PM Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project…

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

April 8, 2026 at 01:17PM The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by p…

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

April 8, 2026 at 09:53AM Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across …