108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

April 14, 2026 at 02:05PM Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome exte…

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

April 14, 2026 at 11:09AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen securit…

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

April 13, 2026 at 10:45PM Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to…

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

April 13, 2026 at 06:31PM Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a c…

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

April 13, 2026 at 05:11PM Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zer…

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

April 13, 2026 at 02:45PM The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-…

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

April 13, 2026 at 12:20PM OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious…

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

April 12, 2026 at 09:55AM Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come …

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

April 11, 2026 at 11:32AM Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement…

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

April 10, 2026 at 01:28PM Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of i…

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

April 10, 2026 at 11:58AM Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress…

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

April 9, 2026 at 10:56PM Details have emerged about a now-patched security vulnerability in a widely used third-party Android s…