New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch
WhatsApp users should update their apps after Meta patched two flaws that could make risky files and links harder to...
after
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure Pierluigi Paganini April 29, 2026 Attackers quickly exploited a critical LiteLLM...
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project...
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft...
When Geopolitics Writes Your Compliance Roadmap
Cyber policy has always lagged cyber reality. Regulations arrive after breaches, frameworks emerge after failures, and accountability structures materialize long...
Your MTTD Looks Great. Your Post-Alert Gap Doesn’t
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating...
Alleged RedLine malware developer extradited to United States
A man has appeared in federal court in Austin, Texas, after being extradited to the United States to face charges...
Gmail Finally Lets You Change Your Email Address Without Losing Anything
Image: Justin Morgan/Unsplash After more than two decades, US users can now change their Gmail username without losing a single...
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the...
The EU CRA – Treating Cybersecurity as Product Liability
For years, cybersecurity law has mostly behaved like tort law after a car crash. It asked who got hurt,...
44 Aqua Security repositories defaced after Trivy supply chain breach
44 Aqua Security repositories defaced after Trivy supply chain breach Pierluigi Paganini March 23, 2026 Malicious Trivy images on Docker...
Move fast and save things: A quick guide to recovering a hacked account
Cybercriminals go after people’s personal information across every kind of online platform, including WhatsApp, Instagram, LinkedIn, Roblox, YouTube and Spotify,...
Robotic surgery firm Intuitive reports data breach after targeted phishing attack
Robotic surgery firm Intuitive reports data breach after targeted phishing attack Pierluigi Paganini March 18, 2026 Intuitive suffered a phishing...
Lloyds Banking Group Investigates Mobile App Data Exposure Affecting Multiple UK Banks
Lloyds Banking Group has launched an internal investigation after a technical error in its mobile banking applications allowed some...
Passkeys at Scale: The Complete Enterprise Deployment Playbook 2026
When eBay automatically prompted users to register a passkey right after a successful biometric check, adoption jumped 102% compared...
