Main Menu
Cyber Security
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Trent AI Emerges From Stealth With $13 Million in Funding
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Exchange Online Mailbox Access Issues Impact Outlook Users
Shadow AI and Zero-Click Exploits Are Reshaping Mobile Security Threats
Third-Party Vendors Are the New Breach Vector Organizations Should Fear
Critical ShareFile Flaws Open the Door to Unauthenticated RCE
Strapi CMS Plugins Face Exploitation by Malicious npm Packages
Analysis Reveals .cmd Malware Escalating Privileges and Bypassing Antivirus
Fortinet Acts Quickly on Zero-Day Vulnerability Impacting FortiClient EMS Users
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
Axios HTTP Client Developer Targeted in North Korean Social Engineering Campaign
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Gabby Lee April 10, 2026
Investigating why consumer GPUs outperform a $30,000 AI GPU in password cracking.
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
Cybersecurity
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
Mitchell Langley April 10, 2026
Signature Healthcare hospital in Massachusetts was forced to cancel some services after a cyberattack disrupted operations.
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Cybersecurity
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Mitchell Langley April 10, 2026
A security incident results in major FleetWave outages across UK and US as Chevin takes affected platforms offline.
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
Cybersecurity
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
Gabby Lee April 10, 2026
Global authorities dismantled a $45M crypto scam, rescuing $12M from fraudsters and aiding 20K affected wallets.
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Application Security
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Andrew Doyle April 10, 2026
Vulnerability in EngageLab SDK put Android cryptocurrency wallets at risk, bypassing security sandbox protections.
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Cybersecurity
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Mitchell Langley April 10, 2026
UAT-10362 threatens Taiwanese NGOs with new LucidRook malware.
New Extortion Crew Uses Phishing to Breach High-Value Corporations
News
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Gabby Lee April 10, 2026
Emerging extortion crew targets corporations through sophisticated phishing schemes.
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Application Security
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Andrew Doyle April 10, 2026
Cybercriminals hijacked the Smart Slider 3 Pro plugin update system, pushing malicious versions loaded with multiple backdoors to WordPress and Joomla...
Covert PDF Exploitation Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Cybersecurity
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Mitchell Langley April 10, 2026
Cybercriminals exploit Adobe Acrobat Reader to assess targets and selectively deploy further payloads.
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Cybersecurity
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Gabby Lee April 10, 2026
Discover how wearable biometric authentication is reshaping identity verification by focusing on the user, rather than the session.
Microsoft's Communication Breakdown Leaves Developers Locked Out Without Warning
Cybersecurity
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Andrew Doyle April 10, 2026
Microsoft's handling of developer account lockouts reveals serious communication gaps that are disrupting open source workflows.
Google Enhances Chrome Security with Device Bound Session Credentials
Application Security
Google Enhances Chrome Security with Device Bound Session Credentials
Mitchell Langley April 10, 2026
Google unveils Device Bound Session Credentials in Chrome 146 for Windows to thwart information-stealing malware.
New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Researchers bypass Apple Intelligence guardrails using Neural Exect and Unicode manipulation.
ChipSoft's Website Goes Offline After Ransomware Attack While Email Stays Operational
Cybersecurity
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Gabby Lee April 9, 2026
ChipSoft's website is down following a ransomware attack, though email communication remains functional.
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Cybersecurity
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Gabby Lee April 8, 2026
Hims & Hers Health reports a data breach linked to a third-party customer service platform, impacting support tickets.
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
Cybersecurity
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
Mitchell Langley April 8, 2026
Authentication tokens were stolen during a breach, impacting numerous companies.
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Cybersecurity
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Andrew Doyle April 8, 2026
Discover how CrystalX RAT combines surveillance, data theft, and remote access capabilities in a sophisticated Malware-as-a-Service operation uncovere...
Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
News
Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
Mitchell Langley April 8, 2026
Chinese threat actors used TrueConf zero-day vulnerability to breach Asian government networks for reconnaissance and payload execution.
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
CVE Vulnerability Alerts
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Andrew Doyle April 8, 2026
A new Docker Engine vulnerability allows attackers to bypass authorization plug-ins due to an incomplete fix.
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Cybersecurity
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Mitchell Langley April 8, 2026
Iranian hackers exploit U.S. critical infrastructure networks by targeting internet-exposed Rockwell/Allen-Bradley PLCs.
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Gabby Lee April 10, 2026
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Gabby Lee April 10, 2026
Qilin Ransomware Group Targets German Political Party Die Linke
News
Qilin Ransomware Group Targets German Political Party Die Linke
Mitchell Langley April 7, 2026
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
News
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
Andrew Doyle April 2, 2026

TOP CYBERSECURITY HEADLINES

Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
Cybersecurity
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Application Security
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Cybersecurity
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
News
New Extortion Crew Uses Phishing to Breach High-Value Corporations

This Week’s Security Spotlight

New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
Bogus Traffic Violation Text Scam Targeting Americans
News
Bogus Traffic Violation Text Scam Targeting Americans
Andrew Doyle April 7, 2026
Apple Rolls Out DarkSword Exploit Protection to More Devices
Cybersecurity
Apple Rolls Out DarkSword Exploit Protection to More Devices
Mitchell Langley April 3, 2026
More In News
Trending
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
New Phishing Techniques Threaten TikTok Business Account Security
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
April 10, 2026
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
Cybersecurity
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
April 10, 2026
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Cybersecurity
FleetWave Users Left Without Service After Chevin Takes Platform Offline
April 10, 2026
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
Cybersecurity
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
April 10, 2026
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Application Security
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
April 10, 2026
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Cybersecurity
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
April 10, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
April 10, 2026
Global authorities dismantled a $45M crypto scam, rescuing $12M from fraudsters and aiding 20K affected wallets.
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
April 10, 2026
Vulnerability in EngageLab SDK put Android cryptocurrency wallets at risk, bypassing security sandbox protections.
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
April 10, 2026
UAT-10362 threatens Taiwanese NGOs with new LucidRook malware.
New Extortion Crew Uses Phishing to Breach High-Value Corporations
April 10, 2026
Emerging extortion crew targets corporations through sophisticated phishing schemes.
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
April 10, 2026
Cybercriminals hijacked the Smart Slider 3 Pro plugin update system, pushing malicious versions loaded with multiple backdoors to WordPress and Joomla...
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
April 10, 2026
Cybercriminals exploit Adobe Acrobat Reader to assess targets and selectively deploy further payloads.
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
April 10, 2026
Discover how wearable biometric authentication is reshaping identity verification by focusing on the user, rather than the session.
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
April 10, 2026
Microsoft's handling of developer account lockouts reveals serious communication gaps that are disrupting open source workflows.
Google Enhances Chrome Security with Device Bound Session Credentials
April 10, 2026
Google unveils Device Bound Session Credentials in Chrome 146 for Windows to thwart information-stealing malware.
New Bypass Technique Bypasses Apple’s AI Safeguards
April 10, 2026
Researchers bypass Apple Intelligence guardrails using Neural Exect and Unicode manipulation.
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
April 9, 2026
ChipSoft's website is down following a ransomware attack, though email communication remains functional.
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
April 8, 2026
Hims & Hers Health reports a data breach linked to a third-party customer service platform, impacting support tickets.
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
April 8, 2026
Authentication tokens were stolen during a breach, impacting numerous companies.
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
April 8, 2026
Discover how CrystalX RAT combines surveillance, data theft, and remote access capabilities in a sophisticated Malware-as-a-Service operation uncovere...
Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
April 8, 2026
Chinese threat actors used TrueConf zero-day vulnerability to breach Asian government networks for reconnaissance and payload execution.
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
April 8, 2026
A new Docker Engine vulnerability allows attackers to bypass authorization plug-ins due to an incomplete fix.
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
April 8, 2026
Iranian hackers exploit U.S. critical infrastructure networks by targeting internet-exposed Rockwell/Allen-Bradley PLCs.
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
April 8, 2026
Russia-linked APT28 is harnessing vulnerable routers in a massive espionage campaign.
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
April 8, 2026
Anthropic's new AI model, Claude Mythos, could protect critical software or potentially enhance cyberattacks.
Trent AI Emerges From Stealth With $13 Million in Funding
April 8, 2026
Startup Trent AI unveils a comprehensive security framework to safeguard artificial intelligence (AI) agents, backed by significant funding.
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Trent AI Emerges From Stealth With $13 Million in Funding