Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search…
March 2026
CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks
Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively…
RayNeo Air 4 Pro Review: My Eyes Love These Video Glasses, but My Nose Disagrees
The first video glasses with HDR10 have a great display, but the fit isn’t for me.
Investigating a New Click-Fix Variant
Disclaimer: This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of…
Most Google Cloud Attacks Start With Bug Exploitation
Forget stolen credentials and misconfigurations; AI means vulnerability exploits that beat patching cycles are the top cause of compromises in…
Apple Patches Older iPhones Against ‘Coruna’ Hacks Used in Espionage and Crypto Theft
Apple has released security updates for older-generation iPhones and iPads addressing vulnerabilities used in targeted cyberattacks. Key takeaways: * iOS…
The MacBook Neo is a winner
It was a little surprising to see Apple decide to leap fully into the affordable laptop market, to try and…
Telus Digital data breach confirmed after ShinyHunters claims 1PB theft
Telus Digital is probing a confirmed breach as ShinyHunters claims petabyte-scale data theft tied to compromised cloud credentials. Telus Digital…
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that…
Real-Time Banking Trojan Strikes Brazil’s Pix Users
The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect…