InsertScript: Blink – DoS of tab via SVG in img tag / CSS context
This is just a quick blogpost to document a behavior in the Blink engine in regards to the processing of SVG images in the context…
Latest Cybersecurity News — Page 387
View all →
Voice channels are the next major attack vector that security teams can’t monitor
For years, cybersecurity teams have worked to close gaps across email, endpoints, cloud infrastructure, and application layers. But as new threats like deepfake voices infiltrate…
NationStates confirms data breach, shuts down game site
NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident. The government…
PeckBirdy Hackers Abuse LOLBins Across Environments to Deploy Advanced Malware
A sophisticated JScript-based command-and-control framework, PeckBirdy, since 2023, exploiting living-off-the-land binaries (LOLBins) to deliver modular backdoors across diverse execution environments. The framework has been observed…
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Ravie LakshmananFeb 02, 2026Threat Intelligence / Malware The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic…
India Boosts Cybersecurity, Cloud, Data Centres
When Union Finance Minister Nirmala Sitharaman of India presented the Union Budget 2026–27 on February 1, it became clear that this year’s financial roadmap is…
Arsink Rat Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access
A dangerous Android malware called Arsink RAT has emerged as a serious threat to mobile device security worldwide. This cloud-native Remote Access Trojan gives attackers…
Hackers Target MongoDB Instances to Delete Databases and Plant Ransom Notes
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls.…
Google Uncovered Significant Expansion in ShinyHunters Threat Activity with New Tactics
The ShinyHunters threat group has expanded its extortion operations with sophisticated attack methods targeting cloud-based systems across multiple organizations. These cybercriminals use voice phishing and…
Online Piracy Sites Seized In U.S.-Bulgarian Crackdown
In a major step against online piracy and illegal copyright distribution, U.S. law enforcement has partnered with Bulgarian authorities to dismantle three of the largest…
1-Click Clawdbot Vulnerability Enable Malicious Remote Code Execution Attacks
A critical vulnerability in OpenClaw, the open-source AI personal assistant trusted by over 100,000 developers, has been discovered and weaponized into a devastating one-click remote…
$3M CrossCurve Bridge Cyberattack Exposes Validation Flaw
CrossCurve bridge, formerly known as EYWA, has suffered a major cyberattack after attackers exploited a vulnerability in its smart contract infrastructure, draining approximately $3 million across…