Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Ravie LakshmananApr 10, 2026Malware / Website Security Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and…
Latest Cybersecurity News — Page 419
View all →
Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
Google announced this week the first stable version of Chrome 147, which includes patches for 60 vulnerabilities, including two that have been rated critical. The…
Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises
However, Litan added, the capability remains opt-in, requires premium licensing and administrative configuration, and disables several Gmail functions, including AI features and comprehensive search, on…
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
In this article During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw…
Auto-Remediations: Save Precious Time on Low-Level Incidents
Everyone has heard the saying that “time is money,” but there is one big difference between the two: you can’t make more time, so you…
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular…
Hackers Use AiTM Session Hijacking to Redirect Employee Salaries in New Storm-2755 Campaign
A financially motivated threat group called Storm-2755 has launched a campaign that quietly reroutes employee salary payments to attacker-controlled bank accounts. Targeting Canadian workers, the…
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE-2025-59145…
Overcoming Biases in Cyber Security Problem Analysis and Decision-Making
“I don’t care what that report says, the threat actor has to be utilizing vector #1 because that is what our threat model says they’ll…
Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries
A new report from Infoblox Threat Intel connects two issues that are often discussed separately but rarely proven to be linked. The company says it…
To counter cookie theft, Chrome ships device-bound session credentials
Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have…
ClickFix finds a new way to infect Macs
ClickFix campaigns are looking for alternatives now that many Mac users have been made aware of the dangers of pasting certain commands into Terminal. Researchers…