Category: Cyber Security News

A new and dangerous ransomware campaign has surfaced across South America, targeting Windows users with a carefully crafted strain that closely imitates the well-known Akira ransomware. While the two may appear nearly identical on the surface, this new threat is…

Read more →

A threat group recently set up a convincing fake version of Ukraine’s official cybersecurity authority website to trick targets into downloading a dangerous remote access tool. The campaign, now tracked under the identifier UAC-0255, relied on a mix of phishing…

Read more →

In a mature Security Operations Center, escalation is supposed to work like a scalpel, precise, intentional, and reserved for alerts that genuinely demand deeper expertise. But across many teams today, it has become something far less disciplined: a reflex, a…

Read more →

Meta has officially alerted approximately 200 WhatsApp users, primarily located in Italy, that their devices were compromised by a weaponized, fraudulent version of the messaging application. This malicious software was distributed through social engineering tactics rather than official app stores,…

Read more →

The Zed Attack Proxy (ZAP) team has rolled out version 0.3.0 of the OWASP PenTest Kit (PTK) add-on, introducing a transformative workflow upgrade for application security testing. This new release bridges the critical gap between traditional proxy-level scanning and modern…

Read more →

Apple has taken the rare step of expanding the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader set of devices on April 1, 2026, pushing critical backported security patches to millions of users still running iOS 18 who…

Read more →

A widely used JavaScript library called Axios was at the center of a serious supply chain attack that came to light on March 31, 2026. Two updated versions of the Axios npm package — version 1.14.1 and version 0.30.4 —…

Read more →

TA416 has returned to Europe with a fresh wave of espionage emails aimed at government and diplomatic staff. The campaign mixes quiet reconnaissance with malware delivery, showing how a patient threat actor can test who opens a message before sending…

Read more →

Millions of Americans use mobile apps daily without thinking much about where their data actually goes. The Federal Bureau of Investigation has stepped forward to address that. On March 31, 2026, the FBI released a Public Service Announcement outlining serious…

Read more →

A newly discovered critical vulnerability in the widely used PX4 Autopilot software could allow malicious actors to take complete control over drone operations. The Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Control Systems (ICS) advisory on March 31,…

Read more →

Oracle has executed a massive workforce reduction, eliminating between 20,000 and 30,000 employees globally to free up cash flow for its aggressive artificial intelligence infrastructure investments. The layoffs, representing roughly 18% of its workforce, were communicated abruptly via email, highlighting…

Read more →

Cisco has issued an urgent security warning regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. Enterprise organizations widely use this tool to manage their Cisco software licenses locally. Tracked as CVE-2026-20160, the flaw carries a…

Read more →

A new malware campaign is actively using WhatsApp to deliver harmful files directly to Windows users, exploiting the widespread trust placed in everyday messaging apps. The threat actors send malicious Visual Basic Script (VBS) files through WhatsApp messages, knowing that…

Read more →

Microsoft’s terms of service for its Copilot AI assistant include a notable disclaimer that has sparked renewed scrutiny from security and enterprise communities: the product is intended solely for entertainment purposes. According to the official Copilot terms of use, Microsoft…

Read more →

A high-severity security flaw has been identified in the Symantec Data Loss Prevention (DLP) Agent for Windows. Tracked as CVE-2026-3991, this vulnerability allows a low-privileged local attacker to escalate their system privileges to the highest level. Security researcher Manuel Feifel…

Read more →

Cybercriminals are getting better at hiding their tracks, and a recently uncovered Remcos RAT campaign is proof of that. This attack does not rely on a single malicious file dropped onto a system. Instead, it uses a carefully built, multi-stage…

Read more →

Cisco has recently disclosed a critical security flaw affecting its Integrated Management Controller (IMC), prompting the release of urgent software updates. The vulnerability, officially tracked as CVE-2026-20093, has been assigned a critical Base CVSS score of 9.8, indicating the highest…

Read more →

Digital forensic tools are specialized software designed to analyze, recover, and investigate data from digital devices. They help uncover crucial evidence in cybercrime investigations and legal proceedings. These tools can extract data from various sources, including computers, smartphones, and storage…

Read more →

When it comes to privacy-focused VPNs, several providers stand out in 2026. NordVPN, based in Panama, offers robust security features including Double VPN, Onion over VPN, and an independently audited no-logs policy. Proton VPN, founded by CERN scientists and based…

Read more →

The threat group ShadowByt3s has claimed responsibility for a new cyberattack on Starbucks, allegedly stealing 10GB of proprietary source code and operational firmware. The data was reportedly scraped from a misconfigured Amazon S3 bucket named “sbux-assets” as part of a…

Read more →