Smashing Security podcast #470: This AI security flaw might be impossible to fix
A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers...
called
Smashing Security podcast #470: This AI security flaw might be impossible to fix
A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers...
Smashing Security podcast #470: This AI security flaw might be impossible to fix
A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers...
Smashing Security podcast #470: This AI security flaw might be impossible to fix
A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers...
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561...
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Ravie LakshmananMay 20, 2026Artificial Intelligence / Security Testing Microsoft has unveiled two new open-source tools called RAMPART and Clarity to...
The New Phishing Click: How OAuth Consent Bypasses MFA
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340...
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated...
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in...
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment...
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Ravie LakshmananMar 27, 2026Threat Intelligence / Vulnerability A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber...
New Attack Against Wi-Fi
It’s called AirSnitch: Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure...
Smashing Security podcast #457: How a cybersecurity boss framed his own employee
When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the...
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support...
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor...
