Google Play Scam Apps Hit 7.3M Downloads with Fake Call Logs
ESET found 28 CallPhantom scam apps on Google Play that promised fake call logs and had reached more than 7.3...
Security
Millions of Windows PCs Face a Secure Boot Update Deadline in 2026
Microsoft Secure Boot certificates from 2011 begin expiring in June 2026. Here’s how to check whether your Windows PC has...
6 Best VPNs for the UK in 2026
VPN capabilities and performance levels differ from place to place. Which VPNs are best for U.K. users and expats in...
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is...
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ravie LakshmananMay 07, 2026Vulnerability / Network Security Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM)...
CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk
CISA warns that the nine-year-old Linux Copy Fail flaw is being actively exploited, allowing local attackers to gain root access...
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
Ravie LakshmananMay 07, 2026Vulnerability / Software Security A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library...
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern...
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
Ravie LakshmananMay 06, 2026Endpoint Security / Threat Intelligence Cybersecurity researchers have disclosed details of an intrusion that involved the use...
Edge browser leaves passwords exposed in plain text, says researcher
Microsoft did not respond to a request for comment. David Shipley, CEO of Beauceron Security, is not impressed with Microsoft’s...
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Ravie LakshmananMay 05, 2026Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security...
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
Ravie LakshmananMay 05, 2026Endpoint Security / Software Security A newly identified supply chain attack targeting DAEMON Tools software has compromised...
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
Ravie LakshmananMay 05, 2026Network Security / Endpoint Security A sophisticated China-nexus advanced persistent threat (APT) group has been attributed to...
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch
WhatsApp users should update their apps after Meta patched two flaws that could make risky files and links harder to...
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Cybercriminals are no longer just faking legitimacy. They are now using Google’s infrastructure to take over thousands of Facebook accounts....
