A sophisticated Brazilian banking trojan named TCLBANKER, deployed through a trojanized Logitech installer and capable of hijacking victims’ WhatsApp and Outlook accounts to spread itself to new targets. The campaign, tracked as REF3076, delivers TCLBANKER through a malicious MSI installer bundled inside…
Tag: EN
Hackable Robot Lawn Mower Unlocks a New Nightmare
Plus: Meta officially kills encrypted Instagram DMs, the Trump administration targets “violent left wing extremists,” leaked documents reveal Russia’s school for elite hackers, and more. This article has been indexed from Security Latest Read the original article: Hackable Robot Lawn…
Braintrust security incident raises concerns over AI supply chain risks
Braintrust warned customers to rotate API keys after hackers breached an AWS account, exposing secrets tied to cloud-based AI models. AI observability startup Braintrust warned customers to rotate API keys after attackers gained unauthorized access to one of the company’s…
Instagram Removes End-to-End Encryption From Direct Messages, Giving Meta Access to Chat Content
Instagram has removed end-to-end encryption from its direct messages as of May 8, 2026. Thank you for being a Ghacks reader. The post Instagram Removes End-to-End Encryption From Direct Messages, Giving Meta Access to Chat Content appeared first on gHacks.…
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows – CVE-2026-29201 (CVSS score: 4.3) –…
TCLBANKER Malware Targets Users Through Self-Propagating WhatsApp and Outlook Worm Modules
A highly sophisticated Brazilian banking trojan named TCLBANKER, tracked under the campaign REF3076, this malware represents a major update to the older Maverick and SORVEPOTEL families. It stands out because it uses a fake, signed Logitech installer to infect systems…
The breakup: Why CISOs are decoupling data from their SIEMs
<p>The traditional enterprise SIEM pulls security log data from sources across the IT environment, then normalizes it, analyzes it and retains it. But because SIEM providers typically charge more to hold more data, organizations generally must retain less data than…
Malware Campaign: Porn Viewers Should Hide Webcams
Any users who visit porn sites should be extra careful now. Porn viewers should hide their cameras. If users do not hide their webcams, they risk unpleasant recordings and extortion. Porn viewers should hide their webcams. According to a…
Vidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device Data
A highly evasive multi-stage malware campaign deploying the Vidar Infostealer. First discovered in late 2018 and built on the Arkei stealer source code, Vidar is notorious for aggressively harvesting user credentials, browser session cookies, cryptocurrency wallets, and detailed system data.…
The 7 Best Endpoint Encryption Software Choices in 2026
This is a comprehensive list of the best encryption software and tools in 2026, covering their features, pricing and more. Use this guide to determine your best fit. The post The 7 Best Endpoint Encryption Software Choices in 2026 appeared…
6 Best VPNs for the UK in 2026
VPN capabilities and performance levels differ from place to place. Which VPNs are best for U.K. users and expats in 2026? The post 6 Best VPNs for the UK in 2026 appeared first on TechRepublic. This article has been indexed…
Millions of Windows PCs Face a Secure Boot Update Deadline in 2026
Microsoft Secure Boot certificates from 2011 begin expiring in June 2026. Here’s how to check whether your Windows PC has the 2023 update. The post Millions of Windows PCs Face a Secure Boot Update Deadline in 2026 appeared first on…
NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users
A data breach at GFN.AM, an authorized NVIDIA GeForce NOW cloud gaming service provider operating under “GFN CLOUD INTERNET SERVICES” LLC, has exposed personal information belonging to registered users. The company disclosed the incident on May 5, 2026, revealing that…
Cybersecurity Today Month in Review: AI Coding Risks, Canvas Breach, QR Phishing Surge
This week’s panel dives into the cybersecurity stories that matter most for security leaders, IT teams, and anyone watching how AI is changing risk. Jim Love is joined by David Shipley (Beauceron Security), Laura Payne (White Tuque), and Jeff Williams…
NVIDIA Confirms GeForce Data Breach Exposed Users’ Personal Data
GFN Cloud Internet Services, operating as the regional NVIDIA GeForce NOW cloud gaming partner, GFN.AM has officially confirmed a significant data breach. The security incident exposed personal information of users registered on their streaming platform. While the company has now…
Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information
Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge, all released on May 7, 2026, requiring no action from end users or administrators. Microsoft’s Security Response Center published…
Let’s Encrypt Halts Certificate Issuance After Cross-Signed Root Certificate Incident
Let’s Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue involving a cross-signed certificate linking the organization’s Generation X root to its upcoming Generation Y root infrastructure. The incident triggered a complete shutdown…
2026-05-08: macOS Shub Stealer infection
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2026-05-08: macOS Shub Stealer infection
RansomHouse says it breached Trellix and exposes internal systems
RansomHouse claimed responsibility for the Trellix breach, adding the security firm to its Tor data leak site and sharing screenshots of internal systems. The RansomHouse ransomware group has claimed responsibility for the recent cyberattack on cybersecurity firm Trellix. To support…
Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia
Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. This article has…