SQL injection flaw in Ally WordPress plugin exposes 200,000+ sites to data theft. Patch released, but most installations remain unpatched and vulnerable. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original…
Google patches two Chrome zero-days under active attack. Update now
Google has released an out-of-band Chrome update to patch two zero-day vulnerabilities that are already being actively exploited. This article has been indexed from Malwarebytes Read the original article: Google patches two Chrome zero-days under active attack. Update now
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how…
Interpol cybercrime crackdown leads to 94 arrests, 45,000 IP takedowns
Operation Synergia’s third season is the most productive to date Ninety-four people were arrested as part of a global, multi-month cybercrime crackdown, Interpol revealed today.… This article has been indexed from The Register – Security Read the original article: Interpol…
Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War
Pro-Iranian hackers are targeting sites in the Middle East and starting to stretch into the United States during the war, raising the risk of American defense contractors, power stations and water plants. The post Iran-Linked Hackers Take Aim at US…
Accertify’s Attack State targets credential stuffing and ATO attacks
Accertify has announced the launch of Attack State, a new capability in its Account Protection solution designed to help organizations detect and respond to coordinated login attacks and other automated threats targeting customer accounts. Attack State analyzes login activity continuously…
Stryker Hit By Iran-Linked Wiper Attack
Stryker, a major medical technology firm, has experienced a massive global system failure following a wiper malware attack. This article has been indexed from CyberMaterial Read the original article: Stryker Hit By Iran-Linked Wiper Attack
Viking Line Hit By Cyberattack Crisis
Viking Line Senior Vice President Johanna Boijer-Svahnström confirmed that the company fell victim to a widespread DDoS attack targeting major European shipping firms on Thursday. This article has been indexed from CyberMaterial Read the original article: Viking Line Hit By…
Socksescort Botnet Disrupted By Authorities
An international legal operation has successfully shut down SocksEscort, a criminal proxy service that hijacked hundreds of thousands of residential routers to facilitate global fraud. This article has been indexed from CyberMaterial Read the original article: Socksescort Botnet Disrupted By…
Google Paid $17.1M For Bugs In 2025
Google distributed a record-breaking $17 million to 747 security researchers through its Vulnerability Reward Program in 2025. This article has been indexed from CyberMaterial Read the original article: Google Paid $17.1M For Bugs In 2025
Teen Group Busted For DDoS Tool Sales
Police recently apprehended six minors across Poland for orchestrating large-scale cyberattacks against various commercial and service-oriented websites to generate illicit profit. This article has been indexed from CyberMaterial Read the original article: Teen Group Busted For DDoS Tool Sales
New Critical AdGuard Home Flaw Lets Attackers Bypass Authentication
AdGuard Home, a highly popular network-wide ad and tracker blocking solution, has recently issued an emergency security hotfix to address a critical flaw. This severe vulnerability, officially tracked under the identifier CVE-2026-32136, has been assigned a maximum severity rating of…
Apple Released Emergency Updates for iOS 15.8.7 to Thwart ‘Coruna’ Exploit Kit
Apple has rolled out an emergency security update, iOS 15.8.7 and iPadOS 15.8.7, to protect older devices from a severe threat known as the ‘Coruna’ exploit kit. Released on March 11, 2026, this critical patch backports fixes from newer iOS…
EU Parliament backs extension of CSAM detection rules until 2027
The European Parliament has voted to extend a temporary exemption to EU privacy legislation that allows online platforms to voluntarily detect child sexual abuse material (CSAM). The extension prolongs a derogation from the EU’s ePrivacy Directive, which was set to…
Authorities Shut Down Proxy Service Linked to Malware Campaign Targeting Thousands of Users
A coordinated international law enforcement operation successfully dismantled SocksEscort, a massive malicious residential proxy network. Led by the U.S. Justice Department alongside several European allies, the operation disrupted a sophisticated infrastructure that compromised thousands of residential and small business routers…
NanoClaw latches onto Docker Sandboxes for safer AI agents
Take your YOLO and box it up exclusive NanoClaw, an open source agent platform, can now run inside Docker Sandboxes, furthering the project’s commitment to security.… This article has been indexed from The Register – Security Read the original article:…
Bold Security Emerges From Stealth With $40 Million in Funding
The startup relies on AI to turn devices into active agents that understand users’ actions and provide protection in real time. The post Bold Security Emerges From Stealth With $40 Million in Funding appeared first on SecurityWeek. This article has…
Threat Modeling with AI: A Developer-Driven Boon for Enterprise Security
For companies running a modern, adaptive and defense-centered security program, threat modeling is not a new concept. In fact, it’s one of the core tenets of preventative cybersecurity best practices. Being able to find vulnerabilities within software or a network,…
US Agencies Face CISA Deadline Over Critical Cisco SD-WAN Flaw
US agencies race to meet a CISA deadline after a critical Cisco SD-WAN Flaw exposed federal networks to long-term intrusion and forced security action. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read…
Storm-2561 Uses SEO Poisoning, Fake Signed VPN Apps to Steal Enterprise Credentials
A financially motivated threat actor tracked as Storm-2561 is running a credential theft campaign that abuses SEO poisoning and fake, signed VPN installers to steal enterprise VPN credentials. Active since May 2025, Storm-2561 continues to exploit user trust in search…
Starbucks Data Breach Exposes Personal Data of Hundreds of Users
Starbucks Corporation recently disclosed a targeted cybersecurity incident that compromised the personal and financial information of 889 individuals. This internal platform is utilized by the company to manage human resources, employee benefits, and payroll details. While the number of impacted…
Starbucks Data Breach – Hundreds of Users’ Personal Data Exposed
Starbucks Corporation has confirmed a data breach affecting an undisclosed number of its employees, exposing highly sensitive personal and financial information after unauthorized actors gained access to internal partner accounts through a sophisticated phishing scheme. On or about February 6,…
Google rushes Chrome update fixing two zero-days already under attack
Skia graphics lib and V8 JavaScript engine brings browser’s tally of actively exploited bugs to three in 2026 Google has pushed out an emergency Chrome update to fix two previously unknown vulnerabilities that attackers were already exploiting before the patches…
Google Paid Out $17 Million in Bug Bounty Rewards in 2025
Google paid over $3.7 million for Chrome vulnerabilities, and more than $3.5 million for cloud security defects. The post Google Paid Out $17 Million in Bug Bounty Rewards in 2025 appeared first on SecurityWeek. This article has been indexed from…