Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successful...
Read More...
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe...
Read More...
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster d...
Read More...
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selecti...
Read More...
Best Practices
How to prevent business email compromise
Business email compromise (BEC) is the cyber equivalent of an expertly forged handwritten note—no malware fireworks, no flashing warnings...
Read More...
Open source maintainers being targeted by AI agent as part of ‘reputation farming’
AI agents able to submit huge numbers of pull requests (PRs) to open-source project maintainers risk creating the conditions for future s...
Read More...
Leaky Chrome extensions with 37M installs caught divulging your browsing history
An estimated 37 million worldwide installations of a clutch of leaky Chrome extensions are transmitting users’ browsing histories to exte...
Read More...
13 ways attackers use generative AI to exploit your systems
Artificial intelligence is revolutionizing the technology industry and this is equally true for the cybercrime ecosystem, as cybercrimina...
Read More...
Chinese hackers exploited zero-day Dell RecoverPoint flaw for 15 years
For the past 18 months, a Chinese cyberespionage group has been exploiting a prevously unknown vulnerability in Dell’s RecoverPoint for V...
Read More...
New Threats and Vulnerabilities
PromptSpy Android malware may exploit Gemini AI
A newly uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence
Read More...
Flaws in Google and Microsoft products added to Cisa catalogue
Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some...
Read More...
0APT ransomware crew makes embarrassing splash
A ransomware gang called 0APT has attracted attention, but many of its victims may not even be real, and its operators are being accused of over-egging their cr...
Read More...
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citi...
Read More...
Patch Management
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to comp...
Read More...
Cline CLI 230 Supply Chain Attack Installed OpenClaw on Developer Systems
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install ...
Read More...
FBI Reports 1900 ATM Jackpotting Incidents Since 2020 $20M Lost in 2025
The U.S. Federal Bureau of Investigation (FBI) has warned of an increase in ATM jackpotting incidents across the country, leading to losses of more than $20 mil...
Read More...
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbo...
Read More...
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges.
Windows Admin Center is a...
Read More...