Pentagon Urged to Limit Mobile Tracking and Chrome Usage Over Security Risks.
CENTCOM Warns of GPS Data Exploitation Targeting U.S. Troops
Lawmakers Raise Alarm Over Location Data Used for Drone and Missile Targeting.
Lawmakers Raise Alarm Over Location Data Used for Drone and Missile Targeting.
AI-Driven Cyberattacks Increasingly Target U.S. Critical Infrastructure.
🔥2
FIFA World Cup 2026 Scams Begin to Surge
Cybercriminals launch themed phishing and ticket fraud campaigns targeting global fans ahead of the tournament.
Cybercriminals launch themed phishing and ticket fraud campaigns targeting global fans ahead of the tournament.
1,300+ C2 Servers Discovered Across the Middle East
Researchers uncover a large cluster of active command-and-control infrastructure supporting ongoing cyber operations.
Researchers uncover a large cluster of active command-and-control infrastructure supporting ongoing cyber operations.
Kali365 Kit Enables Microsoft 365 MFA Bypass
Advanced phishing kit circumvents MFA protections, allowing attackers to hijack enterprise accounts at scale.
Advanced phishing kit circumvents MFA protections, allowing attackers to hijack enterprise accounts at scale.
Malicious Sicoob NuGet and npm Packages Target Financial and Cloud Secrets
Supply chain attack steals Brazilian banking credentials and CI/CD secrets through widely downloaded packages.
Supply chain attack steals Brazilian banking credentials and CI/CD secrets through widely downloaded packages.
GREYVIBE Cyber Espionage Campaign Targets Ukraine
Emerging threat actor uses phishing and AI-assisted malware to infiltrate government, military, and civilian sectors.
Emerging threat actor uses phishing and AI-assisted malware to infiltrate government, military, and civilian sectors.
Kimsuky Expands Arsenal with HTTPSpy and VS Code Tunneling
North Korean group targets South Korea using fake apps and meetings, adding stealthier persistence techniques.
North Korean group targets South Korea using fake apps and meetings, adding stealthier persistence techniques.
Android NFC Malware Steals Banking Data via Relay Attacks
DevilNFC and NFCMultiPay capture card details and PINs, locking victims in fake interfaces during transactions.
DevilNFC and NFCMultiPay capture card details and PINs, locking victims in fake interfaces during transactions.
Unpatched Gogs RCE Puts Entire Repositories at Risk
A 9.4 severity flaw allows any authenticated user to execute code via malicious branch names; no CVE issued yet.
A 9.4 severity flaw allows any authenticated user to execute code via malicious branch names; no CVE issued yet.
Microsoft Is Taking Screenshots of Your PC
Microsoft Recall is a privacy nightmare. Disable it NOW.
Settings > Privacy & security > Recall & snapshots → Turn OFF
Why it's critical:
- Takes screenshots every 5 seconds
- Captures passwords, credit cards, SSNs, bank screens
- Snapshots stored in unencrypted SQLite DB when logged in
- InfoStealer malware can easily extract everything
- WHY Greenberg called it "pre-installed spyware"
Microsoft made it opt-in & added Windows Hello auth AFTER security researchers exposed the flaws
If you're on a Copilot+ PC, verify it's OFF. Your sensitive data is at risk.
Microsoft Recall is a privacy nightmare. Disable it NOW.
Settings > Privacy & security > Recall & snapshots → Turn OFF
Why it's critical:
- Takes screenshots every 5 seconds
- Captures passwords, credit cards, SSNs, bank screens
- Snapshots stored in unencrypted SQLite DB when logged in
- InfoStealer malware can easily extract everything
- WHY Greenberg called it "pre-installed spyware"
Microsoft made it opt-in & added Windows Hello auth AFTER security researchers exposed the flaws
If you're on a Copilot+ PC, verify it's OFF. Your sensitive data is at risk.
Microsoft Condemns Public Zero-Day Disclosures
Actively exploited Windows flaws trigger takedowns of researcher accounts after controversial full disclosures.
Actively exploited Windows flaws trigger takedowns of researcher accounts after controversial full disclosures.
JINX-0164 Targets Crypto Firms via LinkedIn Lures
New threat actor deploys macOS AUDIOFIX infostealer and MiniRAT backdoor through fake recruiter messages and poisoned npm packages.
New threat actor deploys macOS AUDIOFIX infostealer and MiniRAT backdoor through fake recruiter messages and poisoned npm packages.
FortiClient EMS Flaw Enables Network-Wide Malware Deployment
Critical CVE-2026-35616 allows attackers to push credential stealers as fake updates across managed endpoints.
Critical CVE-2026-35616 allows attackers to push credential stealers as fake updates across managed endpoints.
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say.