Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says
Hackers can now spin up fake login pages without writing a single line of code. Source link
Month: April 2026
NFC tap-to-pay gets tapped by hackers
Cyber crooks are abusing a trojanized Android payment application to steal near field communication (NFC) data and PINs, enabling cloning of payment cards and draining…
36 Must-Know Password Statistics for 2026
Password security is the first defense against cyber threats, and with billions of credentials stolen each year, it’s important to practice good password hygiene. If…
New npm supply-chain attack self-spreads to steal auth tokens
A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised…
New DinDoor Backdoor Abuses Deno Runtime and MSI Installers to Evade Detection
A newly identified backdoor called DinDoor is using the legitimate Deno JavaScript runtime and MSI installer files to quietly slip past security defenses and compromise…
Router Security Hardening Steps for 2026: From Default Credential Audits to Automated Firmware Risk Monitoring
Network edge devices are now among the most targeted entry points in cyberattacks. Recent intelligence shows that threat actors are focusing more on routers, firewalls,…
Mozilla Firefox 150 Released With Fixes for Multiple Code Execution Vulnerabilities
Mozilla has released Firefox 150 to patch 41 security vulnerabilities, including multiple high-severity flaws that could lead to remote code execution. Users should immediately update…
Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit
Bluesky, the widely used alternative to Twitter/X, is back to normal after several days of outages that left the platform nearly empty. The issue began…
Saudi Arabia’s Cybersecurity Startups Guard the Region’s Digital Shift
Digital transformation across the Middle East has accelerated rapidly in recent years, and cybersecurity has followed close behind. Saudi Arabia is one of the region’s fastest-growing…
Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
Progress Software has fixed a slew of high-severity vulnerabilities in MOVEit WAF and LoadMaster, including a flaw (CVE-2026-21876) that may allow attackers to bypass firewall…
Researcher claims Claude Desktop installs “spyware” on macOS
Security researcher Alexander Hanff wrote an article titled Anthropic secretly installs spyware when you install Claude Desktop. Claims like that are bound to create two…
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Ravie LakshmananApr 22, 2026Malware / Critical Infrastructure Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at…