
Google GTIG Documents First AI-Generated Zero-Day Exploit
Google’s Threat Intelligence Group confirmed the first AI-generated zero-day exploit, targeting 2FA logic in an open-source web admin tool via

Google’s Threat Intelligence Group confirmed the first AI-generated zero-day exploit, targeting 2FA logic in an open-source web admin tool via

Security researchers from Adversa AI and Mitiga disclosed a one-click RCE, silent MCP OAuth token hijacking, and a Chrome extension

Researchers discovered TCLBanker, a banking trojan hidden in trojanized Logitech software installers, stealing credentials from 59 banking and cryptocurrency platforms.

Researchers disclosed PamDOORa, a commercial Linux backdoor sold on the Russian Rehub forum that exploits the PAM authentication framework to

Microsoft disclosed an AiTM phishing campaign targeting 35,000 users in 13,000 organizations across 26 countries between April 14–16, 2026, bypassing

An adversary-in-the-middle phishing campaign hit 35,000 workers across 13,000 organizations in 48 hours, using fake HR emails to bypass MFA

Attackers compromised DigiCert support staff via a chat-delivered screenshot, used their access to obtain code-signing certificates, and signed Zhong Stealer

Threat actors are systematically abusing Amazon SES to send phishing emails that pass SPF, DKIM, and DMARC checks — turning

Stolen credentials often lead to unchecked privilege escalation and security breaches, but identity-first Zero Trust offers a strategic solution.

Discover how wearable biometric authentication is reshaping identity verification by focusing on the user, rather than the session.
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.