Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Ravie LakshmananApr 01, 2026Social Engineering / Malware Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages...
Hacking
Category Added in a WPeMatico Campaign
Block the Prompt, Not the Work: The End of “Doctor No”
The Hacker NewsApr 01, 2026Endpoint Security / Data Protection There is a character that keeps appearing in enterprise security departments,...
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
Ravie LakshmananApr 01, 2026Malware / Windows Security A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America...
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
Ravie LakshmananApr 01, 2026Vulnerability / Browser Security Google on Thursday released security updates for its Chrome web browser to address...
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s...
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean...
Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
Ravie LakshmananApr 01, 2026Data Breach / Artificial Intelligence Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence...
Android Developer Verification Rollout Begins Ahead of September Enforcement
Ravie LakshmananMar 31, 2026Mobile Security / Compliance Google on Monday said it's officially rolling out Android developer verification to all...
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
Ravie LakshmananMar 31, 2026Zero-Day / Vulnerability A high-severity security flaw in the TrueConf client video conferencing software has been exploited...
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Ravie LakshmananMar 31, 2026Cloud Security / AI Security Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex...
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a...
The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number...
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according...
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Ravie LakshmananMar 30, 2026Threat Intelligence / Browser Security A new campaign has leveraged the ClickFix social engineering tactic as a...
