3+ hour, 1+ min ago  (297+ words) We often treat cloud-based password managers as digital safes that only we can open. These services rely on Zero-Knowledge Encryption, a marketing promise that the company storing your data cannot actually see what is inside. However, new research suggests that…...

4+ day, 3+ hour ago  (550+ words) A massive security failure has put the private conversations of millions at risk after an unprotected database was left accessible online. Discovered by an independent researcher, the leak exposed roughly 300 million messages from more than 25 million users of Chat & Ask…...

1+ week, 5+ day ago  (396+ words) Pride Month does not begin until June 1, 2026, but scammers have already begun targeting employees with Pride themed phishing emails, getting ahead of the calendar. Organisations are being targeted in a phishing campaign that uses Pride Month and diversity messaging to…...

1+ week, 6+ day ago  (284+ words) Researchers at Forcepoint X-Labs have discovered a phishing campaign using Phorpiex malware to deliver Global Group ransomware. The attack uses deceptive Windows shortcut files (.lnk) and a unique "mute" mode to encrypt data offline and evade traditional security detection. The…...

1+ week, 6+ day ago  (260+ words) According to Cisco Talos" security researchers, the campaign is remarkably persistent. "The command and control are still active as of January 2026," they noted, indicating that threat actors are still actively managing their network of compromised devices. Most of us assume…...

2+ week, 2+ day ago  (237+ words) Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs, though passwords and payments stayed secure. While any security breach is concerning, in Flickr's case, passwords and financial information reportedly remained entirely…...

2+ week, 3+ day ago  (270+ words) Researchers link a global DNS hijacking campaign against old home routers redirecting traffic through servers hosted by Aeza International, a US-sanctioned Russian bulletproof hosting provider. Home internet users across more than three dozen countries have had their web traffic redirected…...

2+ week, 4+ day ago  (592+ words) Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings. ANY.RUN experts are observing a new wave of phishing campaigns that abuse trusted cloud and CDN infrastructure, including platforms…...

2+ week, 6+ day ago  (411+ words) If you have ever received a boring email about a business contract or a "request order," you might have clicked it without thinking twice. But a new report suggests that these routine messages are now part of a planned scam....

3+ week, 2+ day ago  (373+ words) Researchers at Zimperium zLabs have identified Arsink, a dangerous Android Trojan that impersonates 50+ popular brands, including WhatsApp and TikTok. With over 45,000 victims across 143 countries, this malware grants hackers complete remote control to record audio, read text messages, and wipe devices....