A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees…
Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization…
Building on the CustomerFirst unit, which was unveiled last week, the UK government has announced that Meta is investing $1m…
Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical…
MEDUSA, an AI-first Static Application Security Testing (SAST) tool boasting 74 specialized scanners and over 180 AI agent security rules….
Threat actors have successfully exploited a design flaw in GitHub’s fork architecture to distribute malware disguised as the legitimate GitHub…
Ravie LakshmananJan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has…
A judge has ordered the Kingdom of Saudi Arabia (KSA) to pay compensation of £3m to a London-based dissident who…
A dangerous phishing campaign is targeting cryptocurrency holders through video calls that use artificial intelligence to create fake versions of…
Dan Lohrmann is calling all government CISOs (and yes, CTOs, CIOs, CFOs, COOs, and even a few corporate CEOs can listen…
Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios…
Ravie LakshmananJan 27, 2026Vulnerability / Cloud Security A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version…