13+ hour, 7+ min ago  (331+ words) Microsoft has officially acknowledged a known issue in its April 2026 Windows 11 cumulative update: Remote Desktop Protocol (RDP) security warning dialogs may render incorrectly on certain system configurations, a significant usability concern given that the warnings are designed to protect users…...

11+ hour, 57+ min ago  (199+ words) A sophisticated, memory-resident phishing campaign called Blob Phish, active since October 2024, that exploits browser Blob URL APIs to silently steal credentials from Microsoft 365 users, major U. S. banks, and financial platforms while remaining almost completely invisible to traditional security tools. Blob Phish…...

13+ hour, 34+ min ago  (349+ words) Application security testing firm Checkmarx has confirmed a significant escalation in its ongoing security incident. Cybercriminals have officially published company data on the dark web. This new development directly ties back to a supply chain attack that initially compromised the…...

12+ hour, 4+ min ago  (468+ words) A critical remote code execution (RCE) vulnerability tracked as CVE-2026-3854 in Git Hub's internal git infrastructure that could have allowed any authenticated user to compromise backend servers, access millions of private repositories, and, in the case of Git Hub Enterprise…...

23+ hour, 41+ min ago  (632+ words) A new fake document reader app found on the Google Play Store has been silently installing Anatsa, a powerful Android banking trojan, on thousands of user devices. The malicious application surpassed 10, 000 downloads before Google removed it, putting a significant number…...

14+ hour, 15+ min ago  (358+ words) A critical pre-authentication SQL injection vulnerability in Lite LLM, a widely used open-source AI gateway with over 22, 000 Git Hub stars, is actively being exploited in the wild. Tracked as CVE-2026-42208, this severe flaw allows unauthorized attackers to extract highly sensitive…...

17+ hour, 39+ min ago  (642+ words) Silver Fox, a China-based threat group has launched a new wave of attacks targeting businesses and individuals across Asia, using fake tax audit notifications and counterfeit software update alerts to install dangerous malware on victim systems. The campaign reflects a…...

22+ hour, 50+ min ago  (602+ words) A new Android banking malware, tracked as KYCShadow, was discovered targeting bank customers across India through a carefully designed fake Know Your Customer (KYC) verification workflow. Distributed via Whats App, it tricks victims into installing what appears to be an…...

16+ hour, 36+ min ago  (322+ words) Whats App is currently developing an independent cloud backup system designed to give users more direct control over their chat histories. This upcoming feature will allow users to store their backups securely on Whats App's native servers. The update aims…...

17+ hour, 41+ min ago  (444+ words) A critical zero-click authentication coercion vulnerability, tracked as'CVE-2026-32202, stemming from an incomplete patch for a Windows Shell security feature bypass actively weaponized by the Russian APT28 threat group. Microsoft confirmed active exploitation of the flaw and released a fix as part…...