Security News

Filter by:

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it propagates through the Open VSX registry. "Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and...
The Hacker News 14 Mar 2026 3100 Views

Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries

A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands of residential routers worldwide into a botnet for committing large-scale fraud. "SocksEscort infected home and small business internet routers with malware," the U.S. Department...
The Hacker News 13 Mar 2026 2736 Views

CISA orders feds to patch n8n RCE flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability. [...]
Bleepingcomputer 12 Mar 2026 3263 Views

Threat Actors Using Fake Claude Code Download to Deploy Infostealer

Cybercriminals have found a new way to target developers and IT professionals by setting up fake download pages that impersonate Claude Code, a legitimate AI coding assistant. These deceptive pages trick users into downloading what appears to be an official installation package, but instead silently deploy an...
Cyber Security News 6 Mar 2026 12581 Views

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. [...]
Bleepingcomputer 4 Mar 2026 3304 Views

Qualcomm Zero-Day Exploited in Targeted Android Attacks

The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups.
Dark Reading 4 Mar 2026 28091 Views

Critical OpenClaw Vulnerability Exposes AI Agent Risks

The now-patched flaw is the latest in a growing string of security issues associated with the viral AI tool, which has seen rapid adoption among developers.
Dark Reading 3 Mar 2026 27555 Views

Threat Actors Using Fake Avast Website to Harvest Users Credit Card Details

Cybercriminals are frequently refining their techniques to exploit consumer trust, and a highly sophisticated phishing campaign has recently surfaced that impersonates the cybersecurity firm Avast. This operation is designed to harvest sensitive financial credentials by tricking users into believing they are resolving an erroneous charge. By leveraging...
Cyber Security News 26 Feb 2026 13068 Views

Hackers Leveraging Multiple AI Services to Compromise 600+ FortiGate Devices

A financially motivated threat actor exploited various commercial generative AI services to compromise over 600 FortiGate devices across more than 55 countries between January 11 and February 18, 2026. The campaign marks a defining demonstration of how AI is lowering the technical entry barrier to offensive cyber operations...
Cyber Security News 22 Feb 2026 11410 Views

PromptSpy is the first known Android malware to use generative AI at runtime

Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices. [...]
Bleepingcomputer 20 Feb 2026 3906 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY