Google has officially rolled out End-to-End Encryption (E2EE) for the Gmail application on Android and iOS devices. This major update targets users utilizing Gmail client-side encryption. It allows organisations to handle sensitive data confidentially directly from their smartphones or tablets.…
Category: Cyber Security News
Google Unveils Device-Bound Chrome Sessions in Anti-Cookie-Theft Move
Google officially announced the public rollout of Device Bound Session Credentials (DBSC) for Windows users on Chrome 146. According to the Google Account Security and Chrome teams, this major security update aims to eliminate session hijacking, a primary method for…
Hacker Uses Claude and ChatGPT to Breach Multiple Government Agencies
A single threat actor compromised nine Mexican government agencies and stole hundreds of millions of citizen records in a highly sophisticated cyberattack. The campaign, which ran from late December 2025 through mid-February 2026, highlights a dangerous shift in the modern…
Ransomware Gangs Expand Use of EDR Killers Beyond Vulnerable Drivers, ESET Warns
In recent years, Endpoint Detection and Response (EDR) killers have become a standard, highly effective weapon in modern ransomware intrusions. Before launching their file-encrypting malware, cybercriminals routinely deploy specialized tools to bypass security software. According to a comprehensive new report…
Anthropic Launches Claude Beta for Word, Bringing AI-Powered Editing to Microsoft Docs
Anthropic has officially launched Claude for Word in public beta, bringing its AI assistant directly into Microsoft Word as a native sidebar add-in for Team and Enterprise users on both Mac and Windows platforms. The integration marks a significant step…
France to Replace Windows with Linux on Government Desktops
France has taken a decisive step toward digital sovereignty, announcing plans to migrate government workstations from Microsoft Windows to Linux. The move was formally declared during an interministerial seminar held on April 8, 2026, organized by the Interministerial Directorate for…
Hackers Use AiTM Session Hijacking to Redirect Employee Salaries in New Storm-2755 Campaign
A financially motivated threat group called Storm-2755 has launched a campaign that quietly reroutes employee salary payments to attacker-controlled bank accounts. Targeting Canadian workers, the group uses adversary-in-the-middle (AiTM) techniques to hijack authenticated sessions and bypass multi-factor authentication (MFA), in…
EngageSDK Vulnerability Exposes Millions of Crypto Wallet Users to Cyberattacks
A serious security flaw found inside a widely used Android library called EngageSDK has put over 30 million cryptocurrency wallet users at risk of financial theft and personal data exposure. The vulnerability, described as an intent redirection flaw, allowed malicious…
Censys Warns 5,219 Rockwell/Allen-Bradley PLCs Are Exposed Amid Iranian APT Activity
The FBI, CISA, NSA, EPA, DOE, and U.S. Cyber Command jointly disclosed on April 7, 2026, that Iranian-affiliated advanced persistent threat (APT) actors are actively targeting internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs). These industrial devices are widely used in…
Hackers Use Fake BTS World Tour Ticket Sites to Scam Fans Across Multiple Countries
Cybercriminals are capitalizing on the excitement around BTS’s long-awaited return to the world stage by setting up fraudulent ticket websites that steal money from unsuspecting fans. The campaign has already reached fans across nine countries, making it one of the…
Multiple TP-Link Vulnerabilities Allow Attackers to Seize Control of the Device
Cybersecurity researchers have identified five distinct security flaws in the TP-Link Archer AX53 v1.0 router. Tracked under multiple CVE identifiers, these vulnerabilities impact the router’s core modules, including OpenVPN, dnsmasq, and tmpServer. When exploited, these flaws allow attackers on the…
MuddyWater Turns to Russian Malware-as-a-Service in New ChainShell Campaign
Iranian state-backed hacking group MuddyWater has made a decisive operational shift, adopting a Russian-built Malware-as-a-Service platform to power a new campaign against Israeli targets. The operation, built around a previously unknown tool called ChainShell, marks a clear departure from the…
Trojanized OpenVSX Extension Spreads GlassWorm Across VS Code, Cursor, and Windsurf
A fake developer extension published on the OpenVSX marketplace is silently spreading a known malware strain called GlassWorm to every code editor installed on a developer’s machine. The malicious package disguises itself as a legitimate productivity tool and uses a…
CPUID Website Compromised to Deliver Weaponized HWMonitor and CPU-Z Tools
The cpuid-dot-com website, home to widely used system utilities CPU-Z and HWMonitor, is at the center of an active supply chain security incident. Users downloading HWMonitor 1.63 or CPU-Z ZIPs since early April have reportedly received trojanized installers capable of…
AWS Patches Critical RCE and Privilege Escalation Flaws in Research and Engineering Studio
Amazon Web Services (AWS) has released an important security bulletin addressing three severe vulnerabilities in its Research and Engineering Studio (RES). These flaws could allow authenticated attackers to execute arbitrary commands as root and escalate privileges within a targeted cloud…
WhatsApp Introduces Username Feature for Connecting Without Sharing Phone Numbers
WhatsApp is preparing to roll out a long-anticipated username feature that will allow users to communicate without ever revealing their phone numbers, a significant privacy upgrade for one of the world’s most widely used messaging platforms. First spotted by WABetaInfo…
New STX RAT Uses Hidden Remote Desktop and Infostealer Features to Evade Detection
A newly discovered remote access trojan called STX RAT has emerged as a serious cybersecurity threat in 2026, combining hidden remote desktop access with credential-stealing features to quietly compromise targeted machines. The malware gets its name from the Start of…
Hackers Use ClickFix and Malicious DMG Files to Deliver notnullOSX on macOS
A new macOS info-stealer named notnullOSX has surfaced, targeting crypto holders with wallets above $10,000. Written in Go, it uses two parallel attack paths — ClickFix social engineering and malicious DMG disk image files — to silently compromise Apple Mac…
New ClickFix Campaign Uses macOS Script Editor to Deliver Atomic Stealer
A newly discovered ClickFix campaign is targeting macOS users through a technique that completely bypasses Terminal, using Script Editor to drop the Atomic Stealer infostealer onto compromised systems. This campaign marks a clear shift in how attackers are responding to…
Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege Escalation Attacks
SonicWall has released a critical security advisory addressing four vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances. These security flaws could allow remote attackers to escalate privileges, bypass multi-factor authentication, and enumerate user credentials. The most severe vulnerability…