Google Fixes Chrome Zero Day CVE 2026 11645 Amid Active Exploitation Reports
Google has released Chrome security updates to address 74 vulnerabilities, including actively exploited zero day CVE 2026 11645 affecting the V8 JavaScript engine.
Asin Android Spyware Targets Arabic Users Through Fake News And War Map Applications
A new Android spyware campaign dubbed Asin is targeting Arabic speaking users through fake news, PDF tools and war map apps, according to cybersecurity researchers at ESET.
IronWorm And New Miasma Variant Target npm Ecosystem In Expanding Supply Chain Attacks
Cybersecurity researchers have uncovered IronWorm and a new Miasma worm variant targeting npm packages, stealing developer credentials and spreading malware through software supply chain attacks.
China Linked TA4922 Expands Phishing Campaigns Across U.K., Germany, Italy, And South Africa
China linked cybercrime group TA4922 has expanded phishing attacks into Europe and South Africa using evolving malware including ValleyRAT, Atlas RAT, RomulusLoader, and SilentRunLoader.
Cybersecurity Threats Intensify As AI Abuse, Malware Campaigns, And Critical Vulnerabilities Rise
A surge in cyber threats involving AI abuse, malware delivery campaigns, cloud attacks, critical vulnerabilities, and phishing tactics is raising global cybersecurity concerns.
One Click GitHub Dev Vulnerability Exposes Full GitHub OAuth Tokens To Attackers
Cybersecurity researchers have disclosed a one click attack affecting GitHub.dev through VS Code that could allow attackers to steal GitHub OAuth tokens with access to private repositories.
Hackers Maintained Five Month Access To Stock Exchange Executive Outlook Mailbox Using Cloud Exfiltration
Cyber espionage campaign infiltrates a stock exchange executive Outlook mailbox for five months, using Dropbox and OneDrive for stealth data exfiltration and credential theft tools.
Fake Open Source Software Sites Rank On Google To Deliver Malware Through Traffic Distribution Systems
Cybersecurity researchers uncover fake open source and freeware websites ranking on Google that use Traffic Distribution Systems to deliver malware like Remus Stealer, SessionGate, and AnimateClipper.
Wazuh Highlights Unified Approach To Detect Phishing And Insider Threats
Wazuh has outlined how organizations can detect phishing attacks and insider threats through unified monitoring, log analysis, threat intelligence, and endpoint visibility.
Unpatched Windows Search URI Vulnerability Exposes NTLMv2 Hashes To Potential Attacks
Cybersecurity researchers have disclosed an unpatched Windows Search URI vulnerability that could expose NTLMv2 hashes, allowing attackers to conduct relay attacks and gain deeper network access.
