In early 2026, data purportedly sourced from the recipe and meal planning service Provecho was alleged to have been obtained in a breach. The exposed data included 713k unique email address along with username and the creator account holders followed.…
Tag: EN
New Massiv Malware Targets Android Banking Users Through Fake IPTV App
As a result of the convenience of mobile streaming, user behavior has quietly been reshaped, normalizing the practice of downloading applications outside of official app marketplaces that have been guarded. In this gray area of digital consumption, a recently…
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
The threat activity cluster known as SloppyLemming has been attributed to a fresh set of attacks targeting government entities and critical infrastructure operators in Pakistan and Bangladesh. The activity, per Arctic Wolf, took place between January 2025 and January 2026.…
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component.…
Chrome quantum-safe certificates, Gemini Live vulnerability, UK warns of Iranian cyberattacks
Chrome unveils quantum-safe certificates Vulnerability allowed hijacking Gemini Live UK warns of Iranian cyberattack risks Get the show notes here: https://cisoseries.com/cybersecurity-news-chrome-quantum-safe-certificates-gemini-live-vulnerability-uk-warns-of-iranian-cyberattacks/ Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security…
Sweden Intercepts Russian Drone Near French Aircraft Carrier
Swedish military jams Russian drone launched from signals intelligence ship during NATO exercises with French carrier in port of Malmö This article has been indexed from Silicon UK Read the original article: Sweden Intercepts Russian Drone Near French Aircraft Carrier
Huawei Aims For World Comeback With Flagship Launch
Chinese tech giant launches international versions of flagship Mate 80 Pro handset, Watch GT Runner 2 as it overcomes US sanctions This article has been indexed from Silicon UK Read the original article: Huawei Aims For World Comeback With Flagship…
Malvertising Campaign Spreads AMOS ‘malext’ macOS Infostealer via Fake Text-Sharing Ads
A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed “malext,” which steals sensitive data such as browser credentials and crypto wallets. Suspicious password prompts halted…
Samsung brings Digital Home Key to Samsung Wallet, extending secure access to the home
Samsung Electronics has announced the launch of Digital Home Key, a new feature within Samsung Wallet built on Aliro, a standardized smart lock access protocol that enables Samsung Galaxy users to unlock compatible smart door locks using their smartphone. This…
Threat Actors Deploy ‘AuraStealer’ Infostealer with 48 C2 Domains and Active Campaigns
A new information-stealing malware called AuraStealer has been making its presence felt across the cybersecurity landscape since mid-2025. Developed and actively maintained by a group of Russian-speaking individuals, the malware first appeared on underground hacker forums in July 2025, shortly…
Android Security Update – Patch for 129 Vulnerabilities and Actively Exploited Zero-Day
Google has released its highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month in recent…
Hackers Leveraged CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
A new artificial intelligence (AI) offensive security tool called CyberStrikeAI, which is being actively leveraged by threat actors to target edge devices, particularly Fortinet FortiGate appliances. This open-source platform, developed by a China-based individual with potential ties to state-sponsored operations,…
Threat Actors Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Local Coding Tools
A supply chain attack targeting developers surfaced on March 2, 2026, when unauthorized code was found inside two versions of the Aqua Trivy VS Code extension on the OpenVSX registry. The compromised versions — 1.8.12 and 1.8.13 — were uploaded…
Why Every Enterprise Needs a Strong API Security Strategy?
Modern enterprises are rapidly shifting toward API-centric architectures, leveraging APIs to connect internal systems, external partners, and digital services. With 74% of organizations adopting API-first development models, APIs now drive critical business logic and data exchanges at scale. However, this…
The Attack Chain Your AI System is Already Missing
As AI adoption accelerates, organizations must evolve their security strategies from prompt filtering to comprehensive behavioral monitoring. This shift is critical to safeguarding against adaptive threats and ensuring safe AI deployment in production environments. The post The Attack Chain Your…
Hackerbot-Claw Bot Exploits GitHub Actions CI/CD Flaw to Attack Microsoft and DataDog
Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full repo compromise in some cases. The…
Google Chrome Introduces Merkle Tree Certificates to Protect HTTPS from Quantum Attacks
Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) “PKI, Logs, And Tree Signatures” (PLANTS) working group,…
AI went from assistant to autonomous actor and security never caught up
Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security teams can observe…
Gamers furious as Brit studio Cloud Imperium quietly admits to data breach
Slow disclosure and odd reassurance that exposing names and contact details won’t be a problem isn’t going down well Gamers are ready to unleash their mightiest virtual weapons and point them at British games studio Cloud Imperium, after it sat…
Android Security Update Fixes 129 Flaws and Tackles Actively Exploited Zero-Day Flaw
Google has rolled out the highly anticipated March 2026 Android Security Bulletin, delivering critical fixes for 129 security vulnerabilities across the Android ecosystem. This massive update represents one of the highest numbers of patches issued in a single month. The…