ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
Ravie LakshmananApr 02, 2026Cybersecurity / Hacking News The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the...
Ravie
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
Ravie LakshmananApr 02, 2026Cryptomining / Malware A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs)...
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Ravie LakshmananApr 02, 2026Surveillance / Mobile Security Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked...
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Ravie LakshmananApr 02, 2026Mobile Security / Vulnerability Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of...
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
Ravie LakshmananApr 01, 2026Email Security / Artificial Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of...
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Ravie LakshmananApr 01, 2026Social Engineering / Malware Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages...
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
Ravie LakshmananApr 01, 2026Malware / Windows Security A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America...
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
Ravie LakshmananApr 01, 2026Vulnerability / Browser Security Google on Thursday released security updates for its Chrome web browser to address...
Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
Ravie LakshmananApr 01, 2026Data Breach / Artificial Intelligence Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence...
Android Developer Verification Rollout Begins Ahead of September Enforcement
Ravie LakshmananMar 31, 2026Mobile Security / Compliance Google on Monday said it's officially rolling out Android developer verification to all...
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
Ravie LakshmananMar 31, 2026Zero-Day / Vulnerability A high-severity security flaw in the TrueConf client video conferencing software has been exploited...
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Ravie LakshmananMar 31, 2026Cloud Security / AI Security Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex...
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Ravie LakshmananMar 30, 2026Threat Intelligence / Browser Security A new campaign has leveraged the ClickFix social engineering tactic as a...
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
Ravie LakshmananMar 30, 2026Cybersecurity / Hacking Some weeks are loud. This one was quieter but not in a good way....
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
Ravie LakshmananMar 30, 2026Malware / Network Security Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via...
