Russia-linked actors target WhatsApp and Signal in phishing campaign Pierluigi Paganini March 22, 2026 Russia-linked actors target WhatsApp and Signal accounts of officials and journalists…
LOLBin stands for “Living Off the Land Binaries,” tools that are pre-installed as part of an operating system. LOLBins are not malicious in themselves but…
A North Carolina man was found guilty of extorting a D.C.-based technology company while still being employed as a data analyst contractor. While a Justice…
The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company AstraZeneca. The threat…
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious…
Law enforcement agencies in the United States, Germany and Canada have carried out an operation to take down infrastructure used by four major botnets that…
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager Pierluigi Paganini March 22, 2026 Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated…
“You need a full AI security solution,” he tells CSO, arguing that AI systems are dynamic, with models, data, and behaviors that change over time,…
In his hit song “War,” Motown singer Edwin Starr asked a poignant question: “War, huh, yeah, what is it good for?” Well, from a purple…
An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored…
A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November…
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware –…
