CVE-2026-8889 CVE-2026-8889

Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching 25,020 hashes and CIPA blocklist matching 12,352 hashes...

CVE-2026-8889

CVE-2026-8889 is tied to Version 3.0.7 of the Securly Chrome Extension, which uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes). The connected CERT/NVD records describe multiple weak crypto and exposure issues in the same extension...

PT-2026-46054

Name of the Vulnerable Software and Affected Versions Securly Chrome Extension version 3.0.7 Description The software uses deprecated SHA-1 hashing for IWF CSAM URL matching and CIPA blocklist matching. SHA-1 is a cryptographic hash function that is no longer considered secure against well-funded...

Police Shut Down 373,000 Dark Web Sites in Single-Operator CSAM Network

Police shut down 373K dark web sites in a one-man CSAM and cybercrime network run by a 35-year-old man in China, with global probe ongoing...

Regulators around the world are scrutinizing Grok over sexual deepfakes

Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix. Last week we reported on Grok's apology...

Child predators are lurking on dating apps, warns report

Using a dating app? Beware of your potential partner's motives. A report from Edinburgh University warns that child abusers are using these apps to find single parents with vulnerable children. The Searchlight 2025 report, from the University's Childlight Global Child Safety Institute, analyses t...

Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material CSAM. "A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025," Europol said in a statement...

79 Arrested as Dark Web’s Largest Child Abuse Network ‘Kidflix’ Busted

Dark web child abuse hub ‘Kidflix’ dismantled in global operation. 1.8M users, 91,000+ CSAM videos exposed. 79 arrests, 39 children rescued...

S. Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked

Ya-moon, S. Korea’s notorious sex crime hub operating since 1990, hacked; user data leaked, exposing CSAM, exploitation, and illicit activities...

Police Broke Tor Anonymity to Arrest Dark Web Users in Major CSAM Bust

German authorities dismantled Boystown, a notorious Dark Web platform for CSAM, by deanonymizing Tor users in 2021. This…...

Telegram CEO Pavel Durov’s Arrest Linked to Sweeping Criminal Investigation

French authorities detained Durov to question him as part of a probe into a wide range of alleged violations—including money laundering and CSAM—but it remains unclear if he will face charges...

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material CSAM, indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on...

Researchers Track Identities and Locations of CSAM Users via Malware Logs

Alarming new research exposes thousands of CSAM child sexual abuse material consumers through infostealer malware logs. Recorded Future…...

Hackers Leaking Taylor Swift Tickets? Don’t Get Your Hopes Up

Plus: Researchers uncover a new way to expose CSAM peddlers, OpenAI suffered a secret cyberattack, cryptocurrency thefts jump in 2024, and Twilio confirms hackers stole 33 million phone numbers...

Signal Foundation Warns Against EU's Plan to Scan Private Messages for CSAM

A controversial proposal put forth by the European Union to scan users' private messages for detection of child sexual abuse material CSAM poses severe risks to end-to-end encryption E2EE, warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused messaging...

‘Largest Botnet Ever’ Tied to Billions in Stolen Covid-19 Relief Funds

The US says a Chinese national operated the “911 S5” botnet, which included computers worldwide and was used to file hundreds of thousands of fraudulent Covid claims and distribute CSAM, among other crimes...

Microsoft’s New Recall AI Tool May Be a ‘Privacy Nightmare’

Plus: US surveillance reportedly targets pro-Palestinian protesters, the FBI arrests a man for AI-generated CSAM, and stalkerware targets hotel computers...

CSAM Drives Accurate TruRisk Scoring with EoL/EoS, Unauthorized Software, and Missing Security Agents

With the release of the Enterprise TruRisk Platform, Qualys is focusing each of its cyber security solutions on the more holistic goals of measuring, communicating, and eliminating cyber risk across the extended enterprise. Each offering within the platform works together, driving toward these...

CSAM Strengthens Attack Surface Coverage and Risk Assessment With Third-Party Connectors

Organizations using Qualys CyberSecurity Asset Management CSAM can now import asset data from any external system into the Enterprise TruRisk Platform. With third-party connectors, you will identify any existing coverage gaps and add business context to your unified inventory, helping you...

Qualys WAS Unveils New Features in an Upgraded User Interface

Qualys Web Application Scanning WAS has been at the forefront of web application and API security innovation, and today, were excited to announce a significant leap - the launch of our New User Interface UI. From improved performance and reliability to cutting-edge technology adoption and enhance...