Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files
Image: Perplexity A security flaw in Perplexity’s AI-powered Comet browser could have allowed attackers to access files on a user’s...
Google’s Biggest Android Security Update in Years Fixes 129 Bugs, Including an Actively Exploited Zero-Day
Image: Denny Müller/Unsplash Google just dropped its largest security update in nearly eight years. The March 2026 Android Security Bulletin,...
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
Originally published on the Hacker News here. A new 2026 market intelligence study of 128 enterprise security decision-makers (available...
Invisible Threats: Source Code Exfiltration in Google Antigravity – FireTail Blog
TL;DR: We explored a known issue in Google Antigravity where attackers can silently exfiltrate proprietary source code By...
Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks
Attackers are abusing normal OAuth error redirects to send users from a legitimate Microsoft or Google login URL to...
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook Pierluigi Paganini March 04, 2026 APT group Silver Dragon,...
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 04, 2026...
Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals
Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals Pierluigi Paganini March 04, 2026 A ransomware attack...
Cyber Defense Magazine | A New Bell Rings For K-12 Cloud Security After the Illuminate Settlement
This article was originally published in Cyber Defense Magazine on 02/09/26 by Charlie Sander. The Illuminate incident serves as...
Shadow AI vs Managed AI: What’s the Difference? – FireTail Blog
Quick Facts: Shadow AI vs. Managed AI Shadow AI is a visibility gap: It refers to any AI tool...
Google Workspace vs. Microsoft 365: What’s the best office suite for business?
* Paid annually ** Mobile apps available for Android and iOS *** Require additional subscriptions* Mobile apps available for Android...
New RFP Template for AI Usage Control and AI Governance
The Hacker NewsMar 04, 2026Artificial Intelligence / SaaS Security As AI becomes the central engine for enterprise productivity, security leaders...
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Ravie LakshmananMar 04, 2026Threat Intelligence / Application Security Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities...
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Ravie LakshmananMar 04, 2026Malware / Windows Security Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed...