Category: Cyber Security News

Anthropic has officially pulled the plug on third-party AI agent access to the Claude subscription, marking a significant shift in how users can leverage its models outside the company’s native ecosystem. According to Anthropic Claude Code exec Boris Cherny, starting…

Read more →

A critical security flaw in F5’s BIG-IP Access Policy Manager (APM) is currently under active exploitation, leaving thousands of enterprise networks at risk. The vulnerability, officially tracked as CVE-2025-53521, has sparked urgent warnings across the cybersecurity community after its impact…

Read more →

A coordinated phishing campaign has been quietly targeting banking customers across the Philippines since early 2024, and it remains active today. The attackers are not relying on crude tricks — they are hiding behind widely trusted internet platforms to steal…

Read more →

Two malicious versions of the popular JavaScript HTTP library Axios were briefly published to the npm registry on March 31, 2026. Each version carried a hidden dependency that installed a remote access trojan (RAT) across macOS, Windows, and Linux systems.…

Read more →

A North Korean threat group known as Kimsuky has been caught running a cyberattack campaign that uses malicious Windows shortcut files, known as LNK files, to quietly install a Python-based backdoor on victim systems. The attack stays hidden across multiple…

Read more →

A new malware has been quietly spreading across cybercrime networks, and security researchers say it is far more capable than most tools of its kind. Called Venom Stealer, this malware-as-a-service platform does not just harvest credentials — it builds an…

Read more →

A botnet that has been running since 2011 is back in the spotlight — not because it is new, but because it keeps reinventing itself. Phorpiex, also known as Trik, has grown from a basic spam tool into a full-scale…

Read more →

As OpenAI introduces advertisements to its free tier, cybercriminals are seizing the opportunity to trick users with fake utility tools. Security researchers have discovered a malicious Google Chrome extension named “ChatGPT Ad Blocker.” While it claims to hide unwanted ads,…

Read more →

The European Commission’s primary web platform, “europa.eu,” recently suffered a severe data breach stemming from a supply-chain compromise involving the popular open-source vulnerability scanner, Trivy. On April 3, 2026, CERT-EU published an official advisory detailing how a threat actor known…

Read more →

A massive automated credential theft campaign is actively targeting web applications worldwide. Cybersecurity researchers at Cisco Talos have uncovered an operation by a hacker group tracked as UAT-10608, which has already compromised over 700 servers. The attackers are exploiting a…

Read more →

Multiple high-severity vulnerabilities exist in TP-Link’s Tapo C520WS smart security cameras. If exploited, these vulnerabilities may allow adjacent attackers to trigger Denial-of-Service (DoS) conditions, crash the device, or completely bypass authentication. TP-Link has released urgent firmware updates to address these…

Read more →

Microsoft has officially begun force-upgrading unmanaged Windows 11 version 24H2 devices to version 25H2, marking the final phase of a staged rollout that relies on machine learning to determine device readiness. The move, confirmed in an updated Windows Release Health…

Read more →

Linux users are known for prioritizing privacy, control, and performance — and in 2026, choosing the best VPN for Linux has become more important than ever. While Linux offers stronger security compared to other operating systems, it still doesn’t protect against ISP…

Read more →

Applications’ performance and availability are monitored, measured, and optimized as part of the practice known as application performance monitoring (APM). Using APM tools and methodologies, organizations may diagnose issues that impair the user experience, discover performance bottlenecks, and gain visibility…

Read more →

A newly identified campaign linked to North Korean state-sponsored threat actors is using Windows shortcut files, known as LNK files, to launch targeted phishing attacks against organizations in South Korea. What makes this campaign alarming is how attackers conceal their…

Read more →

A North Korea-linked threat group has successfully hijacked one of the most widely used JavaScript libraries on the internet, injecting malware into millions of potential development environments. On March 31, 2026, attackers gained access to the Axios Node Package Manager…

Read more →

A threat actor identified as “Mr. Raccoon” has allegedly breached Adobe, claiming to have exfiltrated a massive trove of sensitive data, including 13 million support tickets containing personal information, 15,000 employee records, all HackerOne bug bounty submissions, and a range…

Read more →

The OpenSSH project released version 10.3 and 10.3p1 on April 2, 2026, addressing a shell injection vulnerability and introducing several security-hardening changes that administrators should review before upgrading. The most notable security fix targets a shell injection vulnerability in the…

Read more →

Qilin ransomware group is deploying a sophisticated, multi-stage infection chain via a malicious msimg32.dll that can disable over 300 endpoint detection and response (EDR) drivers from virtually every major security vendor. As organizations increasingly rely on EDR solutions, which offer…

Read more →

A new and dangerous ransomware campaign has surfaced across South America, targeting Windows users with a carefully crafted strain that closely imitates the well-known Akira ransomware. While the two may appear nearly identical on the surface, this new threat is…

Read more →