Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts

New research from Varonis Threat Labs reveals Storm infostealer, a malicious subscription service that bypasses Google Chrome encryption.…...

Why GitHub Developers Are Targeted by Token Giveaway Scams

GitHub developers face rising giveaway scams. Verify repos, links, and maintainers before acting. Avoid rushed clicks, fake rewards, and risky wallet actions...

Apple Pushes Rare iOS 18 Patch for Devices at Risk from DarkSword Exploit

Apple pushes rare iOS 18 security patch to protect devices at risk from the DarkSword exploit, urging users to update or move to iOS 26 for stronger protection...

LinkedIn Phishing Scam Uses Fake Notifications to Hijack Accounts

A LinkedIn phishing scam uses fake notifications and lookalike domains to steal credentials, hijack accounts, and access sensitive professional data...

Anthropic Leaks 512,000 Lines of Claude AI Code in Major Blunder

Human error exposed 512,000+ lines of Anthropic Claude AI Code, revealing KAIROS and Capybara secrets, pushing users to switch to the Native Installer...

Ransomware Groups Exploit Legit IT Tools to Bypass Antivirus

New research from Seqrite explains the 'dual-use dilemma,' where ransomware attackers repurpose legitimate IT tools like IOBit Unlocker…...

ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

New research from Octagon Networks reveals a critical zero-day ImageMagick vulnerability that allows Remote Code Execution RCE via simple image uploads affecting Ubuntu, Amazon Linux, and WordPress. This magic byte shift bypasses even the most secure policies...

Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec

New York, New York, April 1st, 2026, CyberNewswire...

Defending Encryption in the Post Quantum Era

Post-quantum cryptography explained, risks of quantum attacks, and steps to secure data, systems, and infrastructure for a quantum-resilient…...

Hackers Poison Axios npm Package with 100 Million Weekly Downloads

Axios npm Package compromised in a supply chain attack, exposing developers to malware, data theft, and full system takeover risks worldwide...

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately...

AI Agents Are Democratizing Finance but Also Redefining Risk

AI agents are transforming finance, enabling automated trading and payments, but introduce new risks around keys, data inputs and secure execution control...

Kernel Observability for Data Movement

Kernel-level visibility reveals hidden data movement in breaches, exposing gaps in modern security tools and improving detection, compliance, and system behavior tracking...

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw...

Wave Browser Brings Gaming Tools and Ocean Cleanup into the Same Tab

Wave Browser for gaming: built for multitasking, streaming, and tabs, with tools for gamers plus ocean cleanup support tied to everyday browsing activity...

15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow

15-year-old strongSwan flaw allows attackers to crash VPNs via integer underflow bug, affecting EAP-TTLS plugin and multiple versions worldwide...

24/7 Payments for 24/7 Agents: The Case for Crypto in the Machine Economy

Crypto enables 24/7 payments for AI agents, replacing fiat limits with scalable machine-to-machine transactions and powering the emerging machine economy...

Dark Web Market Lists Alleged 375TB Lockheed Martin Data for $600M

A dark web market known as Threat Market is listing 375TB of Lockheed Martin data, which it claims was provided by a group calling itself ‘APT Iran.’...

TeamPCP Uses Fake Ringtone File in Tainted Telnyx SDK to Steal Credentials

Telnyx issues an urgent alert after hackers TeamPCP uploaded malicious versions 4.87.1 & 4.87.2 of its Python SDK to steal cloud and crypto credentials...

ShinyHunters Claims 350GB Data Breach at European Commission

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet...

Lloyds Group to Compensate 450,000 Customers After App Glitch

Lloyds Banking Group to compensate 450,000 customers after app glitch exposed data. Find out how the glitch affected…...

Iran-Linked Handala Hackers Breach FBI Chief Kash Patel’s Gmail

Iran-linked Handala hackers breached FBI Chief Kash Patel’s Gmail, leaking photos and documents. Officials say no classified data was exposed...

ShinyHunters Walk Away from BreachForums, Leak 300,000-User Database

ShinyHunters leaves BreachForums, leaks data of 300,000 users, warns all active domains are fake, and threatens more leaks from forum backups...

Google Sets 2029 Deadline as Quantum Computers Threaten Encryption

Google fast-tracks post-quantum cryptography with a 2029 deadline as researchers warn quantum computers could break current encryption sooner than expected...

BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks

Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…...

New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords

ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers...

Best AI Security Solutions for Enterprises in 2026

Enterprise AI security solutions in 2026, compare Check Point, Palo Alto, CrowdStrike, Fortinet, and Zscaler across cloud, endpoint, and network...

Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users

7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected...

New PXA Stealer Malware Targets Banks, Uses Telegram to Exfiltrate Data

CyberProof researchers have detected a 10% surge in PXA Stealer attacks targeting financial institutions in Q1 2026. Learn…...

Acalvio ShadowPlex Review: Deception-Based Preemptive Cybersecurity

This practitioner-focused review covers Acalvio ShadowPlex, a deception-first platform designed to stop attacker progress across IT, cloud, OT,…...

Suspected Hijacked Developer Accounts Spread npm Malware

Sonatype uncovers a sophisticated malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?...

Mirai Malware Evolves into Hundreds of Variants Driving Botnet Growth

Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide...

US Bans New Foreign-Made Home Routers Over National Security Fears

The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices...

Best Klaviyo Alternatives for Revenue Growth and Advanced Analytics

Top Klaviyo alternatives offer advanced analytics, automation, and insights to help e-commerce brands improve campaigns, boost revenue, and track performance...

How AI Translation Fixes Multilingual Content Chaos

AI translation fixes multilingual content chaos by improving consistency, workflows, and speed, helping teams reduce errors and scale global content faster...

Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam

OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets...

2026 Cybersecurity Excellence Awards Winners Announced during RSA Conference as AI Security Dominates

San Francisco, USA, 25th March 2026, CyberNewswire...

TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign

Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers...

HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches

HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide...

Understanding Wiz’s Approach to Securing the AI Supply Chain

As organizations race to deploy AI, securing the rapidly expanding ecosystem of models, data, and dependencies has become a critical priority, much of which can be addressed by Wiz’s CNAPP solution...

All AI and Security Teams Need Transparent Data Pipelines

Transparent AI data pipelines help organizations verify sources, reduce errors, meet regulations, and build trust by making outputs auditable and reliable...

OVHcloud Founder Denies Massive 590TB Data Breach Claims

OVHcloud denies breach after hacker claims 600TB data theft affecting millions of sites, with experts doubting authenticity due to weak proof...

FBI Warns of Iran’s Handala Hack Group Using Fake Apps to Spy on Windows Users

The FBI has issued a warning about Iran-linked Handala Hack Group, targeting Windows users through fake versions of WhatsApp and Telegram...

DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk

DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through…...

Gcore Radar report reveals 150% surge in DDoS attacks year-on-year

Luxembourg, Luxembourg, 24th March 2026, CyberNewswire...

Playnance Introduces Participation-First Model for Social Gaming with New Protocol Launch

Playnance launches social gaming protocol powered by GCOIN, enabling user participation in ecosystem value, transparency, and shared digital growth...

New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper

CanisterWorm spreads via npm supply chain attack, hijacks developer accounts, targets Kubernetes clusters, and deploys destructive Kamikaze wiper payload...

North Korean Hacker Lands Remote IT Job, Caught After VPN Slip

New research from LevelBlue reveals how a suspected North Korean operative landed a remote IT role to fund national weapons programmes...

Police Shut Down 373,000 Dark Web Sites in Single-Operator CSAM Network

Police shut down 373K dark web sites in a one-man CSAM and cybercrime network run by a 35-year-old man in China, with global probe ongoing...

Why Your Weather-Powered Design Tool Needs More Than Just an API Key

Weather-powered design tools need more than an API key. Learn how authentication, access control, and server-side calls keep…...