12 posts were published in the last hour 9:39 : Google Chrome 148 Released With Fixes for 127 Security Flaws 9:38 : Scammers Exploit Disposable VoIP Numbers to Bypass Reputation Blocking 9:38 : Facial recognition arrives at the gates of…
Google Chrome 148 Released With Fixes for 127 Security Flaws
Google has officially rolled out Chrome version 148 to the stable channel, delivering a massive security overhaul that addresses 127 vulnerabilities across Windows, Mac, and Linux. The update, now available as version 148.0.7778.96 for Linux and 148.0.7778.96 or 148.0.7778.97 for…
Scammers Exploit Disposable VoIP Numbers to Bypass Reputation Blocking
New tactics used by threat actors who embed phone numbers in scam emails as a key indicator of compromise (IOC), revealing how attackers exploit VoIP infrastructure to evade detection and scale fraud operations. Telephone-oriented attack delivery (TOAD) remains a dominant…
Facial recognition arrives at the gates of Disney’s magic kingdom
Disney has equipped select entrance lanes at Disneyland Park and Disney California Adventure Park with facial recognition technology, saying the system is intended to streamline re-entry procedures and help prevent fraud. According to the company, certain entrance lanes use cameras…
Node.js 26 ships with Temporal API enabled by default
Developers managing JavaScript runtimes have a new major version to evaluate. Node.js 26.0.0 brings the long-awaited Temporal API to the platform alongside an updated V8 engine, a refreshed HTTP client, and several long-flagged removals that will require code changes in…
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. “While these wheel packages do implement the features described on…
Daemon Tools Developer Confirms Software Was Trojanized
A China-linked threat actor backdoored a version of Daemon Tools to infect thousands This article has been indexed from www.infosecurity-magazine.com Read the original article: Daemon Tools Developer Confirms Software Was Trojanized
Hut 8 Signs Nearly $10bn Data Centre Lease
Major lease for planned data centre campus in Nueces County, Texas underscores surging demand for compute capacity This article has been indexed from Silicon UK Read the original article: Hut 8 Signs Nearly $10bn Data Centre Lease
New ClickFix Attack Targets macOS Users With Fake Disk Cleanup and Utility Lures
A new wave of cyberattacks is putting macOS users in the crosshairs, and this time the bait looks almost too familiar. Attackers are disguising their malware as helpful disk cleanup tools and system utilities, tricking people into running dangerous commands…
Microsoft Teams for Android Allow Users to Join Third-Party Meetings via SIP
Microsoft is expanding interoperability in its mobile communication ecosystem by allowing Microsoft Teams users on Android devices to join third-party meetings via the Session Initiation Protocol (SIP). Recently detailed on the Microsoft 365 roadmap, this upcoming feature addresses a major…
Critical Ollama Memory Leak Vulnerability Exposes 300,000 Servers Globally
A major security flaw has placed Ollama, one of the most widely used platforms for running local AI models, at risk of a high-profile exposure event. The issue, dubbed “Bleeding Llama,” allows unauthenticated attackers to access the Ollama process and…
Hackers Used Claude AI to Attack on Water and Drainage Utility Systems
A new threat intelligence report has revealed that an unknown group of hackers used a commercial AI tool to target the systems of a municipal water and drainage utility in Monterrey, Mexico. The attack, which took place in January 2026,…
CallPhantom Android scam reached 7.3 million downloads on Google Play
Scams targeting Android users in India and across the Asia-Pacific region have grown around a long-standing curiosity gap: the desire to look up call records tied to a phone number. A cluster of 28 fraudulent apps on Google Play exploited…
UK Financial Regulator Probes PayPal, Mastercard, Visa
Financial Conduct Authority opens rare competition review into PayPal digital wallet and its contracts with Visa, Mastercard This article has been indexed from Silicon UK Read the original article: UK Financial Regulator Probes PayPal, Mastercard, Visa
Red Hat Enterprise Linux adds post-quantum security and AI-driven automation in latest releases
Red Hat has announced the upcoming general availability of Red Hat Enterprise Linux 10.2 and 9.8. Building on the innovation of Red Hat Enterprise Linux 10, the latest versions help address security threats, speed AI innovation and minimize operational drift.…
Kloudfuse 4.0 delivers AI-governed observability and scalable workload isolation
Kloudfuse has announced the general availability of Kloudfuse 4.0. The release helps enterprises meet rising compliance requirements, adopt AI-driven observability with production-grade governance, and scale their observability infrastructure without platform bottlenecks, while keeping every byte of telemetry data inside their…
Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
Cofense has warned of a “significant” increase in phishing campaigns abusing Vercel platform This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
DeepSeek Value Rises To $45bn In First Funding Round
China’s biggest state-backed chip investment fund reportedly in talks to lead AI start-up’s funding round, as valuation more than doubles This article has been indexed from Silicon UK Read the original article: DeepSeek Value Rises To $45bn In First Funding…
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America and southeastern Europe. The campaign focuses on long-term access and data theft, combining advanced backdoors like…
Woflow – 447,593 breached accounts
In March 2026, the AI-driven merchant data platform Woflow was named as a victim by the ShinyHunters data extortion group. The group subsequently published tens of thousands of files allegedly obtained from the company, comprising more than 2TB of data.…
Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion
Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico. The post Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion appeared first on SecurityWeek.…
Google Proposes Spam Policy Changes To Avoid EU Fine
Google reportedly seeks to avoid further EU fines with proposal altering the way it ranks publishers that include commercial content This article has been indexed from Silicon UK Read the original article: Google Proposes Spam Policy Changes To Avoid EU…
Redis Security Flaws Expose Servers to Remote Code Execution Risks
Redis has disclosed and patched five security vulnerabilities, including four rated High severity, that could allow authenticated attackers to achieve remote code execution (RCE) on affected Redis servers. The advisory, published May 5, 2026, by Redis Chief Information Security Officer…
Hackers Exploit Google Ads to Steal GoDaddy ManageWP Logins
Hackers are abusing Google Ads to steal GoDaddy ManageWP credentials by placing a look‑alike phishing ad above the legitimate ManageWP result and proxying victims’ logins in real time via an adversary‑in‑the‑middle (AiTM) setup. The attackers purchase a sponsored Google ads…