Threats

New Windows Malware Campaign Distributes NWHStealer via Fake Proton VPN Sites and Gaming Mods

Threats April 16, 2026

A new wave of Windows malware, dubbed NWHStealer, is actively infecting users by masquerading as legitimate software downloads, including fake…

UAC-0247 Campaign Targets Hospitals and Governments for Browser and WhatsApp Data

Threats April 16, 2026

A sophisticated cyberattack campaign, tracked as UAC-0247, has been actively targeting critical local government and municipal healthcare institutions across Ukraine…

Chrome Privacy Analysis Reveals Fingerprinting and Header Leak Vulnerabilities

Threats April 16, 2026

A stark new analysis reveals that Google Chrome, the world’s most popular web browser, offers minimal protection against invasive user…

March sees 31 high-impact vulnerabilities exploited, including a Cisco FMC zero-day attack.

Threats April 16, 2026

March 2026 marked an intense period for cybersecurity, with 31 high-impact vulnerabilities actively exploited across nearly two dozen major technology…

Russian hosting contains over 1,250 Command and Control servers from 165 providers

Threats April 16, 2026

Cybersecurity researchers have uncovered a substantial network of malicious infrastructure operating within Russia’s commercial hosting environments. Over a three-month period…

Hackers Exploit Google Discover with AI-Generated Content for Malicious Notifications

Threats April 16, 2026

A sophisticated cybercriminal operation known as “Pushpaganda” is weaponizing Google Discover, a popular content aggregation service, to distribute malicious push…

Hackers Employ Google Cloud Storage for Remcos RAT Delivery

Threats April 15, 2026

Cybercriminals are increasingly leveraging Google Cloud Storage to bypass email filters and distribute malware, a new report reveals. This sophisticated…

MuddyWater-style attackers scanned over 12,000 systems before targeting Middle East critical sectors.

Threats April 15, 2026

A sophisticated cyber campaign, exhibiting strong operational similarities to the notorious MuddyWater threat group, has been identified conducting extensive scans…

Agentic LLM Browsers Present New Vulnerabilities for Prompt Injection and Data Theft

Threats April 15, 2026

Artificial intelligence is fundamentally altering how people navigate the internet, with new agentic LLM browsers moving beyond simple page display…

Hackers exploit Microsoft 365 mailbox rules to intercept emails.

Threats April 15, 2026

Cybercriminals are leveraging a sophisticated tactic within Microsoft 365, exploiting built-in mailbox rules to silently intercept sensitive business communications. This…

Hackers maintained backdoor access in WordPress plugins for eight months before deploying malware.

Threats April 15, 2026

A sophisticated cyberattack exploited trusted WordPress plugins, hiding a backdoor for eight months before activating malicious malware. The incident, uncovered…

Triad Nexus, linked to FUNNULL, reappears with over 175 rotating CNAME domains and global scam portals.

Threats April 15, 2026

A sophisticated cybercriminal operation, known as Triad Nexus and linked to the FUNNULL Content Delivery Network, has resurfaced with a…

Trending

Eclipse Incident Highlights Ongoing Researcher-Vendor Disputes

Hackers Exploit Critical Vulnerability in Everest Forms Pro WordPress Plugin

Final Layer Remains

Threats

New Windows Malware Campaign Distributes NWHStealer via Fake Proton VPN Sites and Gaming Mods

UAC-0247 Campaign Targets Hospitals and Governments for Browser and WhatsApp Data

Chrome Privacy Analysis Reveals Fingerprinting and Header Leak Vulnerabilities

March sees 31 high-impact vulnerabilities exploited, including a Cisco FMC zero-day attack.

Russian hosting contains over 1,250 Command and Control servers from 165 providers

Hackers Exploit Google Discover with AI-Generated Content for Malicious Notifications

Hackers Employ Google Cloud Storage for Remcos RAT Delivery

MuddyWater-style attackers scanned over 12,000 systems before targeting Middle East critical sectors.

Agentic LLM Browsers Present New Vulnerabilities for Prompt Injection and Data Theft

Hackers exploit Microsoft 365 mailbox rules to intercept emails.

Hackers maintained backdoor access in WordPress plugins for eight months before deploying malware.

Triad Nexus, linked to FUNNULL, reappears with over 175 rotating CNAME domains and global scam portals.