Meta will end Instagram E2EE chats May 8, 2026, reversing a 2021 privacy test and reigniting debate over encrypted messaging ...

China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and credential theft.

Nine CrackArmor flaws in Linux AppArmor since 2017 enable root escalation and container bypass, putting 12.6M systems at risk.

Operation Lightning dismantled SocksEscort proxy botnet exploiting 369,000 IPs in 163 countries, disrupting fraud networks and freezing $3.5M crypto.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Phishing floods overwhelm SOC analysts; with 66% unable to keep up, attackers hide spear-phishing in alert queues, increasing ...

WebKit fix after Coruna exploit kit abused iOS flaws, protecting older iPhones and iPads from memory corruption attacks ...

Six Android malware families discovered targeting banking apps and crypto wallets, exploiting accessibility features to steal funds and data.