2+ hour, 11+ min ago  (280+ words) By routing fully authenticated phishing lures through legitimate channels, the attackers successfully harvest credentials and identity documents. These stolen Facebook Business accounts are subsequently monetized or resold back to victims through an illicit storefront. The foundation of this campaign relies…...

4+ hour, 50+ min ago  (334+ words) A weaponized proof-of-concept (Po C) exploit framework dubbed "c Panel Sniper" has been publicly released for CVE-2026-41940, a maximum-severity authentication bypass in c Panel & WHM that has already led to the compromise of tens of thousands of servers worldwide with attack…...

16+ hour, 20+ min ago  (666+ words) A new and well-planned malware campaign has been actively targeting enterprise administrators, Dev Ops engineers, and security analysts by hijacking their everyday search habits. Rather than using mass phishing or broad spam waves, threat actors behind this operation have carefully…...

17+ hour, 15+ min ago  (605+ words) A new Android spyware tool is being sold openly on the internet, and it comes with something far more dangerous than its surveillance features alone. For a fee, anyone can buy it, put their own name and logo on it,…...

17+ hour, 52+ min ago  (665+ words) Cybercriminals are no longer relying on simple email tricks alone. Across the first quarter of 2026, attackers have been sharpening their approach by using CAPTCHA pages and Click Fix techniques to supercharge credential theft operations at an alarming scale. During Q1 2026, Microsoft…...

1+ day, 3+ min ago  (608+ words) A newly documented scam campaign is using fake CAPTCHA pages to silently trigger dozens of international SMS messages from victims" mobile phones, leaving them with unexpected charges on their phone bills. What looks like a routine "prove you"re human…...

1+ day, 16+ hour ago  (660+ words) A dangerous new phishing platform called Phoenix is quietly spreading across the globe, targeting people through fake SMS messages designed to look like they come from trusted banks, telecom providers, and delivery companies. This platform works on a subscription basis,…...

1+ day, 18+ hour ago  (406+ words) A massive supply chain attack has been uncovered in the Quick Page/Post Redirect Plugin, a popular Word Press plugin with over 70, 000 active installations. Security researcher Austin Ginder discovered a dormant backdoor introduced five years ago that silently injects arbitrary…...

2+ day, 21+ hour ago  (857+ words) Security has become a visible part of the user experience across the digital economy. People now expect strong protection not only from banks and payment apps but also from any platform that handles accounts, transactions and personal data. That expectation…...

2+ day, 19+ hour ago  (301+ words) Video hosting platform Vimeo has confirmed a data breach resulting in unauthorized access to its user database. The security incident stems from a compromise at Anodot, a third-party analytics vendor utilized by Vimeo and several other major organizations. This event…...