GitHub phishers use fake OpenClaw tokens to drain crypto wallets
Victims are first pulled in via GitHub issues that read, “Appreciate for your contributions on GitHub. We analyzed profiles and chose developers to get OpenClaw…
Month: March 2026
RMM Abuse: When IT Convenience Bites Back
Cybercrime is booming, and it’s cashing in on your trusted tools and software. That’s the reality of Remote Monitoring and Management (RMM) abuse. And why…
When “safe” documents aren’t.
Omer Ninburg, CTO of Novee Security, joins us on this episode of Research Saturday to discuss their work on “From PDF to Pwn: Scalable 0day…
Anti-piracy coalition takes down AnimePlay app with 5 million users
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. Backed by more…
Windows 11 and Server 2025 Update to Block Untrusted Cross-Signed Kernel Drivers by Default
Microsoft is taking a major step to harden the Windows operating system against kernel-level threats by removing trust for drivers signed by the deprecated cross-signed…
Fake Certificate Loader Hides BlankGrabber Malware Chain
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi‑stage Rust and Python infection chain, making this commodity stealer significantly harder to…
BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks
Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files and clever redirection tricks, the BianLian ransomware…
Tails 7.6 ships automatic Tor bridge retrieval and a new password manager
Tails 7.6 is out, and for users operating on networks that block Tor, the most consequential addition is built-in bridge retrieval. The Tor Connection assistant…
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
Ravie LakshmananMar 28, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP…
Capita left to deal with 13,000 civil service pension cases over a year old
Capita was left with 13,000 civil service pension cases that were over one year old when it took over the administration of the scheme in…
RSAC 2026 wrap-up – Week in security with Tony Anscombe
This year, AI agents took the center stage – as a defensive capability, but more pressingly as a risk many organizations haven’t caught up with…
Hong Kong prison department’s IT system hacked, 6,800 employees’ data compromised
A computer system containing Hong Kong prison employees’ personal data has been hacked, compromising the information of 6,800 current and former staffers. The Correctional Services…